OpenCode Slack Gateway - Deployment Status
Date: 2026-02-02 Status: ✅ FULLY OPERATIONAL - End-to-End Flow Working!
What’s Deployed
1. Gateway Service (ai-dev namespace)
- Pod:
gateway-656d6ff49-fbfhw- Running (1/1) - Image:
ghcr.io/craigedmunds/ai-dev-gateway:0.1.1-dev - Service:
gateway.ai-dev.svc.cluster.local:8000 - Health: ✅ Responding on
/api/health - Slack Connection: ✅ Socket Mode connected
2. Bridge Plugin (codev pod)
- Location:
/home/coder/src/.builders/0012-slack-gateway/repos/ai-dev/plugins/opencode-bridge/ - Symlink:
~/.config/opencode/node_modules/@opencode/bridge-plugin→ plugin source - NPM Link: ✅ Globally linked
- Status: 📦 Installed but not yet loaded by OpenCode
3. GitHub Actions
- Workflow:
.github/workflows/build-gateway.yml - Build Strategy: Uses Taskfile (
task build) - matches codev pattern - Version: Auto-increments on main branch builds
- Dev Builds:
VERSION-devsuffix (e.g.,0.1.1-dev)
Configuration
Gateway Connection
The plugin expects these environment variables (with defaults):
GATEWAY_URL=http://gateway.ai-dev.svc.cluster.local:8000
GATEWAY_WS=ws://gateway.ai-dev.svc.cluster.local:8000/ws/bridgeDefault values work within the cluster:
http://gateway:8000(needs to begateway.ai-dev.svc.cluster.localfor cross-namespace)ws://gateway:8000/ws/bridge
Kubernetes Secrets
- Slack Credentials:
slack-opencode-credentials(synced via ClusterExternalSecret)SLACK_BOT_TOKENSLACK_APP_TOKENSLACK_CHANNEL_ID
- Docker Registry:
gh-docker-registry-creds(for pulling private images)
Testing Needed
-
Plugin Loading: Restart OpenCode or start a new session to verify plugin loads
- Check for logs:
cat /tmp/slack-bridge-plugin.log - Should see: “Plugin initialized” and “Gateway WebSocket: ws://…”
- Check for logs:
-
WebSocket Connection: Plugin should connect to Gateway on load
- Gateway logs should show: “WebSocket client connected”
-
Permission Flow: Trigger a permission request in OpenCode
- Should flow through Gateway to Slack
- Slack message should appear with approval buttons
Files Changed
ai-dev repo (branch: epic1-story-1.5-state-persistence)
services/gateway/VERSION- Version tracking (current: 0.1.1)services/gateway/Taskfile.yaml- Build automation with version incrementservices/gateway/Dockerfile- Multi-stage build with uv.github/workflows/build-gateway.yml- CI/CD pipelineinfrastructure/kustomize/components/gateway/- K8s manifestsdeployment.yaml- With imagePullSecrets and Slack env varskustomization.yaml- Image tag:0.1.1-dev
pyproject.toml- With slack-bolt, aiohttp, websocketsuv.lock- Regenerated with all dependencies
codev pod
- Installed
uv(0.9.28) at~/.local/bin/uv - Linked Bridge plugin to OpenCode
✅ Testing Complete
End-to-End Flow Verified (2026-02-02 16:46 UTC)
- ✅ OpenCode permission request triggered
- ✅ Bridge Plugin captured and forwarded to Gateway
- ✅ Gateway posted message to Slack
- ✅ User clicked “Allow” in Slack
- ✅ Gateway received decision and returned to Plugin
- ✅ Permission granted in OpenCode
Gateway Logs:
2026-02-02 16:46:10 [info] permission_request_received session_id=ses_3e19f99a7ffeohhvG0q0Pw1d37
2026-02-02 16:46:34 [info] permission_request_answered decision=allow
INFO: POST /api/opencode/permission HTTP/1.1" 200 OK
Configuration Notes
Environment Variables (Required)
These are set in codev pod environment and /home/coder/src/.opencode-env.sh:
GATEWAY_URL=http://gateway.ai-dev.svc.cluster.local:8000GATEWAY_WS=ws://gateway.ai-dev.svc.cluster.local:8000/ws/bridge
Plugin Configuration
- Location:
/home/coder/src/.opencode/config.json(on PVC) - Symlinked to:
~/.config/opencode/config.json - Content:
{"plugin": ["@opencode/bridge-plugin"]}
Completed Improvements
- Add
uvto codev Dockerfile (commit b3d8ad9) - Plugin loads automatically from PVC symlink
- Config persists on PVC across pod restarts
- Cross-namespace DNS working (
gateway.ai-dev.svc.cluster.local)
PR Status
PR #7: [Epic 1] Gateway Deployment: Docker Build + K8s Integration
- Branch:
epic1-story-1.5-state-persistence - Status: Ready to merge after successful test
- All CI checks passing ✅