Scaffold Cloudron packaging workspace and automation

docs/PRIORITY_MILESTONES.md

@@ -0,0 +1,49 @@
+# Priority Packaging Milestones
+
+_Target date references assume today is 2025-10-02._
+
+## 1. Apache APISIX
+- **Dependencies**: Requires etcd for configuration storage; default proxy port 9080 and Admin API on 9180 (traditional mode). citeturn1search1turn1search4
+- **Cloudron add-ons**: Package etcd as an internal service (local or addon) or provision external managed etcd.
+- **Key tasks**:
+  1. Implement multi-container Docker build that bundles APISIX gateway and colocated etcd with supervised lifecycle.
+  2. Expose Cloudron TCP proxy support for 9080/9443 proxy & 9180 admin, restrict Admin API via Cloudron ACL.
+  3. Template `conf/config.yaml` to align with Cloudron env vars, including dynamic Admin API keys and optional standalone mode for static config.
+  4. Provide smoke test hitting `/apisix/admin/routes` with Cloudron-issued token.
+- **Milestone window**: Design + PoC by 2025-10-16; functional package & review by 2025-11-01.
+
+## 2. NetBox (netbox-docker)
+- **Dependencies**: PostgreSQL 14+, Redis ≥4.0, persistent media storage; official guidance discourages external Redis and highlights resource needs (8 vCPU, 24 GB RAM for HA). citeturn2search0turn2search1turn2search2
+- **Cloudron add-ons**: Postgres, Redis, object storage (optional), mail outbox.
+- **Key tasks**:
+  1. Adapt upstream docker-compose into Cloudron single-image bundle with supervisord orchestrating web, worker, scheduler.
+  2. Configure manifests for dual Redis (cache + rq) using Cloudron Redis addon namespaces.
+  3. Wire migrations into `start.sh`; ensure plugin directories mounted from `/app/data` for persistence.
+  4. Expand smoke tests to include `/api/` health probe and Celery worker queue check.
+- **Milestone window**: Packaging draft by 2025-10-23; regression-tested release candidate by 2025-11-08.
+
+## 3. Jenkins
+- **Dependencies**: Requires Java 17/21 runtime; official Docker images now default to Java 21 with long-term support for Java 17+. citeturn3search0turn3search9turn3search11
+- **Cloudron add-ons**: Local storage (persistent), optional object storage for builds, outbound mail.
+- **Key tasks**:
+  1. Base image customization layering on top of `jenkins/jenkins:lts-jdk21`; harden permissions and align user IDs with Cloudron.
+  2. Inject Cloudron env integration (admin user + credentials in secrets); support optional LDAP via Cloudron directory service when available.
+  3. Provide maintenance script for plugin catalog sync and backup to `/app/data/backups`.
+  4. Smoke test to assert controller readiness on `/login` and verify Java version output.
+- **Milestone window**: Container adaptation by 2025-10-09; plugin bootstrap + documentation by 2025-10-20.
+
+## 4. DataHub
+- **Dependencies**: Core services (GMS, frontend, Kafka, MySQL, Elasticsearch, optional Neo4j) shipped via docker-compose; quickstart expects 2 CPUs, 8 GB RAM. citeturn4search0turn4search3
+- **Cloudron add-ons**: MySQL addon (primary metadata store), optional Kafka/Elasticsearch via external services or sidecar containers; large persistent volumes.
+- **Key tasks**:
+  1. Determine feasibility of multi-container package (supervisord) vs. encouraging managed dependencies; document resource footprint.
+  2. Externalize credentials & admin user provisioning through Cloudron secrets.
+  3. Provide scripted ingestion of sample metadata gated behind env flag.
+  4. Implement health probes for GMS (`/health`), frontend (`/health`) and background consumer status.
+- **Milestone window**: Architecture decision record by 2025-10-18; initial Cloudron package by 2025-11-12.
+
+## Cross-cutting Actions
+- Update Cloudron base image references repo-wide automatically when new base images (currently `cloudron/base:5.0.0` from the 8.3 release) ship. citeturn0search1
+- Use `make lint` and `make status` gates in CI to enforce placeholder removal before PRs merge.
+- Capture app-specific ADRs under `docs/apps/<slug>/ADR-0001.md` as work begins.
+