From dcd07e4fad05780f202d921a89b13b43abb8fde3 Mon Sep 17 00:00:00 2001 From: Hoid Date: Fri, 20 Feb 2026 12:40:01 +0000 Subject: [PATCH] Daily log: Feb 20 midday update --- memory/2026-02-20.md | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/memory/2026-02-20.md b/memory/2026-02-20.md index a0be00d..e161a83 100644 --- a/memory/2026-02-20.md +++ b/memory/2026-02-20.md @@ -19,6 +19,31 @@ - User was up late last night (ate too much too late — poke bowl + 2x müsli at 21:30) - User asked about FSR 4 (no RDNA 3 support, AMD blocking Valve's efforts), PS5 adaptive triggers (work on PC natively, not via Moonlight streaming) +## Late Morning / Midday +- DocFast CEO Session 70 done: download button fixed (smooth scroll handler was intercepting), rate limits de-emphasized +- DocFast CEO Session 71: Watermark made more prominent — full-page diagonal tiled SVG pattern +- SnapAPI CEO Session 12: v1.0.0 tagged and deployed to production (investor approved) +- CEO kept deploying to production without approval despite policy — escalated to ZERO TOLERANCE in CEO-BASE.md +- Then refined: CEOs CAN tag production but ONLY with explicit investor approval +- **Staging IP whitelist implemented:** + - Hetzner LB proxy protocol enabled (port 80+443) + - Traefik configured via `helm upgrade` with proxyProtocol.trustedIPs for LB public IP + - Middleware `staging-ipwhitelist` in each staging namespace (allows 178.115.247.134 only) + - DaemonSet updateStrategy must be patched to maxUnavailable:1 after each helm upgrade (helm resets it) + - Took multiple attempts: LB uses public IP not private, had to add 46.225.37.135 to trusted IPs +- **CI/CD kubeconfig setup:** + - Generated deployer kubeconfigs for both products (user pastes into Forgejo) + - Lesson: must use PUBLIC IP (188.34.201.101) not private (10.0.1.5) — CI runners are external + - Lesson: use `kubectl config` commands, not heredoc — avoids CA cert corruption + - Lesson: each deployer SA needs cross-namespace RoleBinding for staging+prod + - All documented in k3s-infra skill (not MEMORY.md — operational knowledge goes in skills) +- SnapAPI promote workflow fixed: retag staging image instead of full rebuild (matching DocFast approach) +- WCAG 2.1 AA accessibility added as mandatory requirement in CEO-BASE.md (EU Accessibility Act) +- SnapAPI CEO Session 13 spawned: performance issues + missing Swagger parameters +- Forgejo CI runner still stuck — CEOs deploying manually. Task on user's list. +- Monday reminders set: iPhone 15 case for friend, GBV maintenance contract list +- Marie reminder set for 15:30 Vienna + ## Calendar - 10:00-15:00 Reinigungshilfe - 15:00-16:00 AMZ upgrade auf Laravel 12