chore(uhhcraft): remove accidentally-committed server binary + refresh stale docs

[JacobHaig]

Summary

Two real, hardware-free findings from auditing what remains for UhhCraft.

1. Remove a 24 MB committed binary

platform/services/uhhcraft/deployment/server is a Mach-O arm64 binary — a local go build ./cmd/server artifact that got committed. It's useless (the container builds its own Linux binary from the Dockerfile), bloats the repo, and is the wrong architecture anyway. Root .gitignore only ignored deployment/{bin,dist,tmp}/, so a bare server slipped through.

• Removed the tracked binary.
• Added anchored ignore platform/services/*/deployment/server — won't match the internal/server/ source dir, so it's safe and prevents recurrence.

2. Refresh stale docs (written pre-implementation)

• deployment/README.md "Outstanding integration items" listed Phases 3–8 as pending (all merged) and said ./uhhcraft healthcheck / ./uhhcraft river migrate-up "may not exist yet" — both are implemented (cmd/server/main.go:27–44). Rewrote it to: Phases 1–9 + 11 merged; Phase 10 (validation) is the hardware-gated remainder; listed the open decisions feeding it (Stripe mode, CSP, registry, GPU §1).
• service CLAUDE.md dropped the "should expose" / "add if missing" hedges on those two subcommands.

Validation

Docs + gitignore + a binary deletion; no code/behavior change. Secret/IP audit clean.

Note: this removes the binary going forward only — it stays in git history (rewriting public main history isn't worth the disruption to collaborators).

AI Layer:

• platform/services/uhhcraft/CLAUDE.md: Removed hedge language about River migrate-up and healthcheck subcommands (now confirmed implemented in cmd/server/main.go); clarified that River migrations are invoked from deployment/post-deploy.sh and healthcheck runs from deployment/compose.yml.

Platform Layer:

• .gitignore: Added anchored rule to ignore platform/services/*/deployment/server binary produced by go build ./cmd/server, with comment clarifying it won't match the internal server/ source directory.
• platform/services/uhhcraft/deployment/README.md: Updated scope summary to reflect that Phases 1–9 and 11 of WEBSMITH-INTEGRATION-PLAN are merged; Phase 10 (validation) remains hardware-gated, with open decisions listed (Stripe test-vs-live mode, CSP for 3D canvas, container registry choice, GPU passthrough host decision).
• Removed: 24 MB tracked Mach-O arm64 binary (local build artifact, wrong architecture for container).

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository UI (base), Organization UI (inherited)

Review profile: ASSERTIVE

Plan: Pro

Run ID: ec2a0e5f-968f-48c4-83e2-3f2e469b26fa

📥 Commits

Reviewing files that changed from the base of the PR and between 86ae345 and 1bdfd95.

📒 Files selected for processing (4)

• .gitignore
• platform/services/uhhcraft/CLAUDE.md
• platform/services/uhhcraft/deployment/README.md
• platform/services/uhhcraft/deployment/server

---

📝 Walkthrough

Walkthrough

Updated UhhCraft deployment infrastructure and documentation: .gitignore excludes compiled server binaries, CLAUDE.md specifies River migration and healthcheck subcommand behavior, and deployment README advances integration tracking from Phases 3–8 to Phase 10 validation milestone with concrete deliverables.

Changes

UhhCraft Deployment Configuration and Documentation

Layer / File(s)	Summary
Build artifact management .gitignore	Anchored rule excludes platform/services/*/deployment/server binary with clarifying comment distinguishing it from the source server directory.
Service subcommand specifications platform/services/uhhcraft/CLAUDE.md	River queue documentation specifies river migrate-up invocation from post-deploy.sh as a Go subcommand; healthcheck section clarifies /app/uhhcraft healthcheck behavior as single /healthz GET with exit 0 on HTTP 200, otherwise 1.
Integration phase and decision tracking platform/services/uhhcraft/deployment/README.md	Phases 1–9 and 11 marked complete; Phase 10 "validation" identified as remaining work: hardware-gated VM branch-deploy, end-to-end walkthrough, validate-all.yml passing, central Caddy integration with valid cert, and rollback exercise. Specific open decisions enumerated.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

• uhstray-io/agent-cloud#38: Updates UhhCraft deployment guidance around the uhhcraft river migrate-up subcommand implementation during River upgrade.

Suggested labels

platform

Poem

📦 Binary files tucked away, safe from git's view,
🔄 River runs smooth, healthchecks ring true,
📋 Phase 10 validation looms on the horizon,
One rollback to practice, then victory risen! 🎯

---

Important

Pre-merge checks failed

Please resolve all errors before merging. Addressing warnings is optional.

❌ Failed checks (1 error)

Check name	Status	Explanation	Resolution
Pr Title Check	❌ Error	PR title exceeds 72-character limit (81 chars). Type and scope valid, format correct, but length constraint violated.	Shorten description to ≤72 chars total, e.g.: "chore(uhhcraft): remove server binary and refresh stale docs" (59 chars).

✅ Passed checks (9 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the PR's main objectives: removing an accidentally-committed binary and updating stale documentation.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
No Leaked Secrets Or Ips	✅ Passed	No secrets or IPs leaked in PR. Changes are .gitignore documentation, docs updates, and binary deletion—no credentials, AWS keys, GitHub PATs, SSH keys, or private IP ranges detected.
Deploy.Sh Does Not Manage Secrets	✅ Passed	No deploy scripts modified in PR. Existing scripts contain no vault/bao/openbao/secret management calls; correctly delegate secrets to Ansible per architectural boundary.
No Direct-To-Main Commits	✅ Passed	PR source branch is 'chore/uhhcraft-remove-committed-binary', not 'main', and follows the required 'chore/*' naming convention.
Semaphore Config Is Code Managed	✅ Passed	Semaphore configuration is code-managed: templates.yml and setup-templates.yml are present, no manual UI or ad-hoc API calls evident in commit.

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch chore/uhhcraft-remove-committed-binary

• 🛠️ Enforce Secrets Boundary
• 🛠️ Validate Composable Pattern
• 🛠️ Check deploy script conventions

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[JacobHaig]

Merging despite the red Security Scan — deliberate, with evidence that the failure is external and not a finding:

• The only failing step is Secret scan - all detectors (trufflehog), at the curl|sh install (http_download_curl received HTTP status 404). The Action-based Secret scan - verified step in the same job passed.
• Root cause is upstream: trufflehog published v3.95.4 (06:20Z) and v3.95.5 (16:10Z) today with zero release assets (their release automation hit 422 Cannot upload assets to an immutable release). Acknowledged by a maintainer in trufflesecurity/trufflehog#5004. It worked on every run until 06:20Z today and is unrelated to this change.
• This PR is docs + a binary deletion — zero secret-introduction surface. The local secret/IP audit (all RFC1918 ranges + credential patterns) is clean, and Security Scan is not a required check.

Everything else is green (Go build/lint/test, Static Analysis, CodeQL, Analyze, 0 CodeRabbit findings). We'll re-check the trufflehog release in a few hours; once they ship assets, normal PRs go green again — no workflow change made on our side.