Skip to content

feat(kiloclaw): add Northflank provider#2562

Draft
pandemicsyn wants to merge 7 commits intomainfrom
florian/feat/northflank-provider
Draft

feat(kiloclaw): add Northflank provider#2562
pandemicsyn wants to merge 7 commits intomainfrom
florian/feat/northflank-provider

Conversation

@pandemicsyn
Copy link
Copy Markdown
Contributor

@pandemicsyn pandemicsyn commented Apr 17, 2026
edited
Loading

Summary

  • Adds the Northflank KiloClaw provider implementation behind runtime provider rollout config, including provider state schema, registry wiring, SDK-backed Northflank client/config helpers, deterministic resource naming, and lifecycle support for provision/start/stop/restart/inspect/destroy.
  • Implements the Northflank architecture as one deterministic Northflank project per KiloClaw instance, with a persistent /root volume, service creation at instances: 0, restricted project secrets for KILOCLAW_ENV_KEY, trusted edge-header routing, and Postgres restore recovery from deterministic names.
  • Updates dev image publishing so the on-demand KiloClaw dev workflow pushes the same image tag to Fly Registry and GHCR for Northflank pulls, and documents/configures the required NF_* Worker settings.
  • Makes Northflank available for rollout selection while keeping actual traffic gated by runtime rollout percentages and enabled organization IDs; existing Fly instances remain sticky to Fly and docker-local remains development-only.

Verification

  • pnpm --filter kiloclaw format — passed
  • pnpm --filter kiloclaw typecheck — passed
  • pnpm --filter kiloclaw lint — passed
  • pnpm --filter kiloclaw exec vitest run src/providers/northflank/index.test.ts src/providers/index.test.ts src/northflank/config.test.ts src/northflank/client.test.ts src/providers/northflank/names.test.ts src/durable-objects/kiloclaw-instance/state.test.ts — passed
  • pnpm --filter kiloclaw exec vitest run src/providers/rollout.test.ts src/providers/index.test.ts src/northflank/config.test.ts src/providers/northflank/index.test.ts — passed after enabling Northflank rollout availability
  • pnpm --filter kiloclaw exec vitest run src/routes/platform-inbound-email.test.ts src/routes/platform-legacy-routing.test.ts — passed after DB restore shape changes
  • pnpm --filter kiloclaw exec wrangler deploy --dry-run — passed
  • git push pre-push checks — passed
  • Additional user-provided verification details before merge

Visual Changes

N/A

Reviewer Notes

  • NORTHFLANK_ROLLOUT_AVAILABLE is enabled in this PR, but new Northflank selection still requires runtime rollout config to set percentages and enabled org IDs.
  • Live testing still requires configuring NF_API_TOKEN, NF_EDGE_HEADER_VALUE, Northflank private GHCR pull credentials, and NF_IMAGE_CREDENTIALS_ID.
  • @northflank/js-client currently emits a Node punycode deprecation warning in tests from its dependency tree; tests and Wrangler dry-run pass.
  • NF_DEPLOYMENT.md was intentionally left untracked and is not part of this PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@pandemicsyn