GloriousFlywheel tinyland.dev First Patch Playbook 2026-04-16
Snapshot date: 2026-04-16
Purpose
Define the first concrete downstream patch target for tinyland-inc/tinyland.dev
under #210.
GitHub owner: #210
Why tinyland.dev Goes Second
tinyland.dev is the best org-owned product-repo example in tranche 1:
- it is a cleaner representative product repo than
blahajorlab - it has distinct Nix, container, and deploy workflows
- if it uses the shared runner contract cleanly, it becomes the best reference example for other org repos
Observed Workflow Reality
From direct workflow inspection on 2026-04-16:
nix.yml- runs
nix-checkonubuntu-latest - runs
nix-buildontinyland-nix - still points at stale
https://nix-cache.fuzzy-dev.tinyland.devvalues - still manages Attic push configuration manually
- runs
container.yml- stays on
ubuntu-latest - uses GitHub-hosted Buildx/GHCR flow
- stays on
staging-deploy.yml- still uses
CIVO_KUBECONFIG - still uses a Civo/S3-shaped staging path
- is not the right first proof point for the shared runner contract
- still uses
First Patch Goal
Make tinyland.dev the canonical example of an org product repo using the
shared GitHub runner contract, without dragging in the old cloud-deploy path.
That means:
- fix the Nix runner path first
- move it onto current cache/runtime truth
- leave the staging deploy workflow out of the first migration proof
Recommended Patch Order
Patch 1: Normalize the Nix workflow
Target file:
nix.yml
Desired outcome:
tinyland-nixremains the shared runner label- stale fuzzy-dev cache URLs are removed
- the workflow uses the current GloriousFlywheel cache/runtime contract instead of carrying older manual cache setup assumptions
Patch 2: Keep container workflow separate
Target file:
container.yml
Desired outcome:
- no unnecessary self-hosted migration pressure
- keep GHCR container publishing independent from the first shared-runner proof
Patch 3: Reclassify staging deploy as separate work
Target file:
staging-deploy.yml
Desired outcome:
- clearly treat the Civo-shaped staging deploy as a separate deployment-lane migration, not as the first downstream runner-contract example
Execution Status
Current execution state on 2026-04-16:
nix.ymlis patched in a real local checkout at/tmp/tinyland.dev/.github/workflows/nix.yml- the patch updates stale
https://nix-cache.fuzzy-dev.tinyland.devreferences tohttps://nix-cache.tinyland.dev/main - the patch moves the self-hosted
nix-buildjob ontotinyland-inc/GloriousFlywheel/.github/actions/setup-flywheel@main - direct Attic push setup now uses injected
ATTIC_SERVERinstead of a hard-coded fuzzy-dev endpoint container.ymlandstaging-deploy.ymlremain intentionally untouched in this first pass
Verification completed for the local checkout patch:
- workflow YAML parses cleanly
- no stale fuzzy-dev cache references remain in the patched
nix.yml git diff --checkpasses in the local checkout- the patch has been pushed upstream as
tinyland-inc/tinyland.dev#136
Current blocker after PR execution:
Lint & Typecheckwas cleared by the lockfile refresh- the PR then exposed a broader container-build issue in
ContainerFile pnpm-lock.yamlnow contains23locallink:../...workspace package resolutions- at least
tinyland-admin-validation -> tinyland-authandtinyland-caldav-client -> tinyland-calendarare being installed as local workspace links while their package manifests still use semver ranges instead ofworkspace:* - that means the runner-contract PR is currently blocked on a repo-level internal package resolution/build-order policy decision, not on GloriousFlywheel runner setup itself
What Not To Do First
- do not start by migrating
staging-deploy.yml - do not use the old fuzzy-dev cache coordinates as a reference for new repos
- do not make the canonical product-repo example depend on the residual cloud path
Acceptance Criteria
tinyland.devhas one clean shared-runner Nix workflow that matches the current GloriousFlywheel contract- the repo can be cited as the reference org product-repo consumer
- the old staging deploy path is clearly separated from the shared-runner story
- the PR is either green on its own merits or explicitly split from the broader internal workspace package-resolution fix