docs(vibe): bootstrap vibe/ knowledge tree + ecosystem AGENTS.md

Add a root AGENTS.md (ecosystem map of factory/tools/cms + agent operating rules + the persona cohort & workflow) and a new vibe/ knowledge base for LLM agents, modeled on tree-docs conventions and the factory house style. vibe/ folders (each with a README hub + contribution rules): - ADR/ optimized MADR-lite; canonical home going forward (doc/adr stays historical) - PRD/ one subfolder per PRD, mandatory STATUS.md, QA strategy for big ones - investigations/ single INV-NNN-slug.md, or stub + folder w/ notebooks - guidebooks/ tree-docs maps; lab-ecosystem guidebook of factory+tools+cms - runbooks/ [AGENT]/[HUMAN] step procedures (EN; doc/runbooks stays FR) - shareouts/ dated FR handouts (decks/mp4) Seed content (first ADR + PRD): a safe, production-like environment to rehearse risky changes and recovery without touching real prod — local-only sandbox (k3d + arm64 VMs) with a hard prod/sandbox isolation boundary. Includes INV-001 (prod blast-radius couplings), the ecosystem guidebook, and a FR shareout. Conventions enforced: no-tombstone rule, breadcrumb spine, bidirectional cross-links, theme:base mermaid (MCP-validated) + ordered-list-after-diagram. Built with a Workflow + persona cohort; 24 files, zero dead links. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-23 11:52:37 +02:00
parent 827af6b392
commit 7647a68cdc
25 changed files with 1878 additions and 0 deletions
--- a/vibe/PRD/safe-prod-like-environment/STATUS.md
+++ b/vibe/PRD/safe-prod-like-environment/STATUS.md
@@ -0,0 +1,52 @@
+[vibe](../../README.md) > [PRD](../README.md) > [Safe, production-like environment](README.md) > **STATUS**
+
+# STATUS — Safe, production-like environment
+
+> **Last Updated:** 2026-06-23
+
+Legend: ⬜ not started · 🟡 in progress · ✅ done
+
+> [!IMPORTANT]
+> This file MUST be updated whenever something ships. Every PR that advances a phase crosslinks back here (and the matching checkbox flips), and the [PRs](#prs) table gets a row.
+
+## Phase 0 — Isolation guardrails
+
+*Must land before any sandbox run.*
+
+- [ ] ⬜ Sandbox inventory `inventory/sandbox/hosts.yml` (VM/cloud hosts only)
+- [ ] ⬜ Prod-IP abort guard (aborts on `192.168.1.201-203` unless `i_mean_prod=true`)
+- [ ] ⬜ Sandbox GCS state prefixes (`sandbox/...`) or `gs://arcodange-tf-sandbox`
+- [ ] ⬜ Sandbox Vault unseal-key path (`~/.arcodange/sandbox/cluster-keys.json`)
+- [ ] ⬜ Sandbox env profile / plan-only DNS against a throwaway zone
+
+## Phase 1 — Tier-1 k3d fast mode
+
+- [ ] ⬜ One-command bring-up seeded from GitOps
+- [ ] ⬜ Parity manifest v1
+- [ ] ⬜ Canary provisioning-parity test
+- [ ] ⬜ `changed=0` idempotence gate documented
+
+## Phase 2 — Tier-1 3-VM cluster
+
+- [ ] ⬜ Three arm64 VMs (multipass / Vagrant on the M4)
+- [ ] ⬜ Same `system_k3s`; Postgres + Gitea outside k3s on the pi2-equivalent VM
+- [ ] ⬜ Longhorn across the three VM disks
+- [ ] ⬜ Chaos drills: node-kill / Vault-seal / DB-drop
+- [ ] ⬜ First full `CLUSTER_RECOVERY` dry-run against the sandbox
+
+## Phase 3 — Game-day operationalization
+
+- [ ] ⬜ Monthly cadence + promotion gate in the PR checklist
+- [ ] ⬜ Longhorn engine-ID drill
+- [ ] ⬜ ArgoCD bad-sync rollback runbook
+- [ ] ⬜ Evidence trail for ≥1 cycle
+
+## Phase 4 — out of scope
+
+Not planned: dedicated physical node (4th Pi / mini-PC) and disposable cloud k3s for real public DNS/ACME. See [ADR 0001](../../ADR/0001-safe-prod-like-environment.md) for the rejected-alternatives rationale.
+
+## PRs
+
+| PR | Scope | Phase | Merged |
+| --- | --- | --- | --- |
+| _pending_ | Bootstrap the PRD tree (this `vibe/` set) — backfilled on open | — | ⬜ |