Skip to content

Harden generated Grafana observability and GHCR run docs#391

Open
DovOps wants to merge 4 commits into
mainfrom
codex/grafana-public-dashboards-promtail-fix
Open

Harden generated Grafana observability and GHCR run docs#391
DovOps wants to merge 4 commits into
mainfrom
codex/grafana-public-dashboards-promtail-fix

Conversation

@DovOps

@DovOps DovOps commented May 28, 2026

Copy link
Copy Markdown
Collaborator

Summary

Fixes #389.

This PR hardens generated observability states and their generated documentation:

  • exposes Grafana dashboards as anonymous Viewer surfaces through /grafana/
  • replaces admin/admin generated defaults with state-scoped local admin credentials and env overrides
  • fixes Grafana sub-path/reverse-proxy defaults for generated ingress routes
  • configures generated start scripts to select the local Docker daemon API version for Promtail
  • documents Grafana URLs and credential conventions in generated runtime docs and published snapshot docs
  • cleans dashboard tags/titles so state 009 no longer shows future-state labels such as state-012, state-013, or State 013
  • fixes script-based GHCR run-bundle validation for convergence states by documenting TRADERX_SKIP_GENERATE=1

Key Files

  • pipeline/normalize-observability-runtime.sh
  • scripts/lib/observability-runtime.sh
  • pipeline/render-state-007-observability-lgtm-compose.sh
  • pipeline/render-state-008-pricing-awareness-market-data.sh
  • pipeline/render-state-009-order-management-matcher.sh
  • pipeline/install-generated-runtime-harness.sh
  • pipeline/install-generated-ci-assets.sh
  • pipeline/validate-ghcr-run-bundle-readmes.sh
  • state 008/009/010/011/013 dashboard patch payloads

Validation

  • TRADERX_GENERATED_ROOT=/tmp/traderx-grafana-docs-gen bash pipeline/generate-state.sh 009-order-management-matcher
  • inspected generated state 009 dashboards; no future-state tags/titles remain
  • TRADERX_GENERATED_ROOT=/tmp/traderx-ghcr-fix-gen-012 bash pipeline/generate-state.sh 012-platform-convergence-c3
  • TRADERX_GENERATED_ROOT=/tmp/traderx-ghcr-fix-gen-013 bash pipeline/generate-state.sh 013-radius-kubernetes-platform
  • dry-ran documented state 012 GHCR published-image startup command
  • bash scripts/test-generated-ci-assets.sh
  • tools/validate-frontmatter.sh
  • bash pipeline/speckit/validate-root-spec-kit-gates.sh
  • bash pipeline/speckit/validate-speckit-readiness.sh
  • bash pipeline/verify-spec-coverage.sh
  • TRADERX_GENERATED_ROOT=/tmp/traderx-all-states-pr bash pipeline/state-playbook.sh --all-implemented

Notes

  • Website build was skipped locally because website/node_modules is not installed.
  • SSO is intentionally not enabled by default; generated public demos use anonymous Viewer dashboards plus local admin credentials that can be overridden via env vars.

@netlify

netlify Bot commented May 28, 2026
edited
Loading

Copy link
Copy Markdown

Deploy Preview for lucky-concha-f3599f canceled.

Name Link
🔨 Latest commit 6dfbbec
🔍 Latest deploy log https://app.netlify.com/projects/lucky-concha-f3599f/deploys/6a2e738551f0030008ba7242

@DovOps DovOps requested a review from a team May 28, 2026 06:00
@DovOps DovOps mentioned this pull request Jun 11, 2026
Open
@DovOps DovOps force-pushed the codex/grafana-public-dashboards-promtail-fix branch from 8e9c130 to 1fe187a Compare June 14, 2026 08:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Harden public Grafana access and deterministic log collection for generated observability states

1 participant

@DovOps