Skip to content

HybridOps v0.1 Stage1 Baseline Lock + Acceptance

Date locked: 2026-02-27
Purpose: Freeze a reproducible baseline and record real acceptance evidence.

Baseline Lock Manifest

Workloads source of truth:

  1. Repo: https://github.com/hybridops-tech/hybridops-workloads.git
  2. Release tag: v0.1.0-stage1
  3. Tag commit: 968704a4f3b443a285d7025da610c4ed2b0739c5

Stage1 app pinning:

  1. apps/smoke/guestbook/base/application.yaml
  2. repoURL: https://github.com/argoproj/argocd-example-apps.git
  3. targetRevision: 723b86e01bea11dcf72316cb172868fcbf05d69e
  4. apps/platform/velero/base/application.yaml
  5. chart: velero
  6. chart version: 8.5.0
  7. values source revision: v0.1.0-stage1
  8. apps/observability/loki/base/application.yaml
  9. chart: loki
  10. chart version: 6.24.0
  11. values source revision: v0.1.0-stage1

Infrastructure/module pins:

  1. Proxmox SDN Terraform source:
  2. tfr://registry.terraform.io/hybridops-tech/sdn/proxmox?version=0.1.4
  3. Proxmox VM module source:
  4. git::https://github.com/hybridops-tech/hybridops-terraform-gitmods.git//proxmox/vm-multi?ref=v0.1.1
  5. NetBox version:
  6. v4.1.7
  7. RKE2 version:
  8. v1.34.3+rke2r1

HyOps bootstrap default alignment (now pinned):

  1. workloads_repo_url: https://github.com/hybridops-tech/hybridops-workloads.git
  2. workloads_revision: v0.1.0-stage1
  3. workloads_target_path: clusters/onprem-stage1

Runtime State Snapshot

Shared foundation:

  1. core/onprem/template-image
  2. run: apply-20260224T214118Z-226f9017
  3. status: ok
  4. template: rocky-9-template (template_vm_id=102)
  5. core/onprem/network-sdn
  6. run: apply-20260225T183317Z-12678d0a
  7. status: ok
  8. zone_name=shybzone, vnets=10
  9. platform/onprem/postgresql-ha
  10. run: apply-20260224T214533Z-fd5273af
  11. status: ok
  12. db_host=10.12.0.5
  13. cap.db.postgresql_ha=ready
  14. platform/onprem/netbox-db-migrate
  15. run: apply-20260226T131935Z-8f3f6c10
  16. status: ok
  17. cap.db.netbox_migration=ready
  18. platform/onprem/netbox
  19. run: apply-20260226T132307Z-668c8d68
  20. status: ok
  21. netbox_url=http://10.10.0.11:8000/
  22. db_host=10.12.0.5
  23. cap.ipam.netbox=ready

Dev operations:

  1. platform/onprem/rke2-cluster
  2. run: apply-20260226T151855Z-3ee0a5e9
  3. status: ok
  4. kubeconfig=/home/user/.hybridops/envs/dev/state/kubeconfigs/rke2.yaml
  5. platform/k8s/argocd-bootstrap
  6. run: apply-20260227T112954Z-fd34c42e
  7. status: ok
  8. root_app_name=hyops-workloads-root
  9. workloads_revision=v0.1.0-stage1

Acceptance Evidence (Tarball-Style Gate)

Control-plane and workload health:

  1. RKE2 nodes ready (kubectl get nodes -o wide):
  2. 3/3 control-plane nodes Ready
  3. version v1.34.3+rke2r1
  4. Argo apps healthy (kubectl -n argocd get applications):
  5. hyops-workloads-root: Synced/Healthy
  6. smoke-guestbook: Synced/Healthy
  7. platform-velero: Synced/Healthy
  8. observability-loki: Synced/Healthy
  9. NetBox HTTP readiness:
  10. curl http://10.10.0.11:8000/ => HTTP/1.1 302 Found
  11. PostgreSQL HA reachability:
  12. from Proxmox: nc -vz 10.12.0.5 5432 => open
  13. Stage1 strict validation:
  14. bash ./scripts/validate.sh --strict --target onprem-stage1 => ok

Blueprint preflight checks:

  1. onprem/bootstrap-netbox@v1 (shared) => preflight_status=ok
  2. onprem/netbox-ha-cutover@v1 (shared) => preflight_status=ok
  3. onprem/postgresql-ha@v1 (dev) => preflight_status=ok
  4. onprem/rke2@v1 (dev) => preflight_status=ok

Known operator caveat:

  1. hyops preflight may fail in a fresh shell if GPG vault is locked.
  2. Unlock first:
  3. hyops vault password >/dev/null

Re-run Commands

Stage1 lock refresh in workloads repo:

./scripts/fill-onprem-stage1.sh \
  --repo-url https://github.com/hybridops-tech/hybridops-workloads.git \
  --git-revision v0.1.0-stage1 \
  --velero-version 8.5.0 \
  --loki-version 6.24.0

Acceptance check commands:

hyops blueprint preflight --env shared --ref onprem/bootstrap-netbox@v1
hyops blueprint preflight --env shared --ref onprem/netbox-ha-cutover@v1
hyops blueprint preflight --env dev --ref onprem/postgresql-ha@v1
hyops blueprint preflight --env dev --ref onprem/rke2@v1

KUBECONFIG="$HOME/.hybridops/envs/dev/state/kubeconfigs/rke2.yaml" kubectl get nodes -o wide
KUBECONFIG="$HOME/.hybridops/envs/dev/state/kubeconfigs/rke2.yaml" kubectl -n argocd get applications
curl -sS -D - http://10.10.0.11:8000/ -o /dev/null | head -n 1