Skip to content
Tasuku

Operations & Configuration

Tasuku runs as a Cloudflare Worker with D1 and a Durable Object. Configuration and operational scripts live at the repo root; deployments are performed by the maintainer.

Runtime configuration

Section titled “Runtime configuration”
  • wrangler.jsonc — Worker config: the main entry (src/worker.ts, which re-exports the SyncInbox Durable Object), the durable_objects binding + migration, and D1 bindings. The DO binding is repeated under env.staging (non-inheritable) (ADR-011).
  • Bindings are the only way Worker code reaches external resources (D1, the DO) — injected via env at request time (constitution §7.8).
  • Secrets (e.g. Clerk keys) are provided via .dev.vars locally and Wrangler secrets in deployed environments; .dev.vars* are never committed.
  • Environments — production (tasuku-db) and an isolated tasuku-staging Worker + tasuku-db-staging (spec 020).

Build & local CI

Section titled “Build & local CI”

Key package.json scripts:

ScriptPurpose
devastro dev
buildastro build + service-worker patch (scripts/build-sw.mjs)
db:migrate:localapply D1 migrations locally (never --remote from the assistant)
test / test:e2eVitest unit/contract; Playwright E2E
ci:localthe full local mirror of the CI gates

npm run ci:local runs install → validate (typecheck/lint/format/test) → build → docs site (build + coverage, spec 022) → supply-chain (SBOM, osv-scanner incl. the docs-site lockfile, npm-audit, gitleaks). It is the single verification the project relies on locally.

Deployment

Section titled “Deployment”
  • The app Worker is deployed with Wrangler by the maintainer (wrangler deploy; staging via npm run deploy:staging). D1 migrations are applied with db:migrate:*.
  • The documentation site (this site) is built with npm run build --prefix docs-site and deployed by the maintainer as a separate Cloudflare Pages project — independent of the app Worker (ADR-012).

CI-cost discipline

Section titled “CI-cost discipline”

The project runs on a hard compute cap. Assistant commits use [ci skip] and git push -o ci.skip, only to non-default, MR-free branches; the maintainer opens merge requests and performs all merges and deploys. ci:local is the only verification the assistant relies on (CONTRIBUTING → “CI cost discipline”).

Supporting tooling (not individual module guides)

Section titled “Supporting tooling (not individual module guides)”

Several knowledge-graph communities are tooling/governance rather than runtime modules and are summarized here rather than given their own guides: the GitLab CI pipeline (spec 006), supply-chain scanners (ADR-007), spec-kit workflow/shell helpers, Renovate config, dependency sets, npm scripts, and the i18n message catalogs (en/de; ADR-008). The repository’s test suites (unit/contract/E2E) are likewise cross-cutting and documented alongside the subsystems they exercise.