04. Infrastructure Ops: Environments & Deployment
Status: Active / Evergreen Version: 2.0 (Two-Project Model - Feb 2026)
"The Plumbing: Optimized for Velocity and Cost via the Two-Project Model."
1. The Two-Project Environment Model
We have consolidated our GCP infrastructure into two primary projects to reduce management overhead while maintaining production isolation.
| Ring | Environment | Project ID | Database ID | Service Level |
|---|---|---|---|---|
| 1 | Local | singular-dream-dev | (default) | Emulator / Local |
| 2 | Test (CI/CD) | singular-dream-dev | singular-dream-tst | Shared Dev Project |
| 3 | Staging | singular-dream-dev | singular-dream-stg | Shared Dev Project |
| 4 | Production | singular-dream | (default) | Isolated Production Project |
2. Serverless Build Infrastructure (The Beast)
The Beast has transitioned from a standalone Compute Engine VM to a Unified Cloud-Native Service. It now runs on Google Cloud Run for orchestration and uses Google Cloud Build for offloading heavy compilation tasks.
| Property | Value |
|---|---|
| Service Name | sysops-core-[env] |
| Compute Type | Serverless (Cloud Run) |
| Build Engine | Google Cloud Build (E2-HighCPU-8) |
| Logic Layer | @sd/sysops (Universal API & Job Processor) |
| Scaling | Automatic (0 to 10 instances based on concurrency) |
| Region | us-central1 |
Build Orchestration (The New Workflow)
- Trigger: Triggered by deploy.sh --cloud or via CI/CD.
- Cloud Build: Source code is shipped to GCP. A high-performance temporary VM (E2_HIGHCPU_8) installs dependencies and bundles the code.
- Containerize: Cloud Build creates the Docker image and pushes it to GCR.
- Deploy: Cloud Run pulls the new image and performs a zero-downtime rolling update.
- Efficiency: Zero-cost idle (only pay when the service is active or jobs are processing).
4. Persistent Caching & State (Upstash Redis)
We utilize a single, high-availability Upstash Redis instance for all domains.
| Property | Strategy | Support |
|---|---|---|
| Connection Model | Indestructible Shared Client | Auto-recovers from EPIPE and ECONNRESET. |
| Lifecycle | Global Lifecycle Management | Client is initialized once and shared across components. |
| Monitoring | Heartbeat Pings | 60-second pings to prevent Upstash idle disconnection. |
| Logic Roles | Job Queue, Context Stash, Rate Limiting | Unified state across Brain, Muscle, and Console. |
5. Secret Management (Google Secret Manager)
Google Secret Manager is the authoritative source for all secrets across environments.
- Storage: Secrets are stored in the singular-dream (Prod) or singular-dream-dev (Dev/Stage) projects.
- Injection: Secrets are mounted as environment variables or files into Cloud Run services at runtime.
- Identity: Access is controlled via IAM Roles (Secret Manager Secret Accessor) assigned to the firebase-adminsdk service account.
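One way to check that the Secret Manager Secret Accessor grant respects the two-project isolation described above. This is an added example, not the project's own tooling; it assumes the role is bound at project level, and the function name and the sample policy (including the service account suffixes) are constructed for illustration.

```python
import json

ACCESSOR_ROLE = "roles/secretmanager.secretAccessor"

# Constructed sample in the shape printed by
# `gcloud projects get-iam-policy singular-dream --format=json`.
# Member names and suffixes are made up for this example.
SAMPLE_PROD_POLICY = json.loads("""
{"bindings": [
  {"role": "roles/secretmanager.secretAccessor",
   "members": [
     "serviceAccount:firebase-adminsdk-abc12@singular-dream.iam.gserviceaccount.com",
     "serviceAccount:firebase-adminsdk-xyz98@singular-dream-dev.iam.gserviceaccount.com",
     "user:dev@example.com"]},
  {"role": "roles/run.invoker", "members": ["allUsers"]}
]}
""")


def audit_secret_accessor(policy, project_id, sa_prefix="firebase-adminsdk"):
    """Return (member, reason) findings for unexpected secret accessors.

    Hypothetical helper: flags any holder of the accessor role that is not
    a firebase-adminsdk service account owned by `project_id` itself.
    """
    findings = []
    for binding in policy.get("bindings", []):
        if binding.get("role") != ACCESSOR_ROLE:
            continue
        for member in binding.get("members", []):
            kind, _, ident = member.partition(":")
            if kind != "serviceAccount":
                # Covers user:, group:, allUsers, allAuthenticatedUsers.
                findings.append((member, "not a service account"))
                continue
            name, _, domain = ident.partition("@")
            if domain != f"{project_id}.iam.gserviceaccount.com":
                # e.g. a dev-project identity able to read prod secrets.
                findings.append((member, "service account from another project"))
            elif not name.startswith(sa_prefix):
                findings.append((member, "unexpected service account"))
    return findings


if __name__ == "__main__":
    for member, reason in audit_secret_accessor(SAMPLE_PROD_POLICY, "singular-dream"):
        print(f"{reason}: {member}")
```

Bindings set on individual secrets are not visible in the project-level policy and need the same check per secret.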
4. Deployment Pipeline
A. TST / STG Promotion
- Branch: tst -> stg
- Strategy: Beast-First (Local Build -> Vercel Prebuilt)
- Automation: Auto-promotion from tst to stg upon successful verification.
B. Production Release
- Branch: main
- Strategy: Clean Room (Vercel Cloud Build)
- Constraint: Requires manual trigger/approval for safety.
Version History
| Version | Date | Author | Change |
|---|---|---|---|
| 2.2.0 | 2026-02-09 | Antigravity | Added Unified Redis/Upstash strategy |
| 2.1.0 | 2026-02-09 | Antigravity | Unified Beast: Migrated to Cloud Run & Cloud Build |
| 2.0.0 | 2026-02-08 | Antigravity | Re-aligned to Two-Project Model & Beast Scaling |