Skip to main content

Corrected Execution Order - Frontend First

Date: 2025-10-06 Critical Fix: Frontend wrapper MUST be complete before theia deployment

🚨 Why the Previous Order Was Wrong

Previous (Incorrect) Order:

  1. Auth backend first
  2. Pod provisioning
  3. Then theia frontend ← TOO LATE!

Problem: Users would see broken UI, no Header/Footer, no theme consistency

✅ Corrected Execution Order

Phase 0: Pre-requisites (Day 1 - 1 hour)

No code dependencies - just infrastructure setup

StepTaskTimePriority
0.1Create JWT secret in Kubernetes5min🔴 CRITICAL
0.2Create GCP service account10min🔴 CRITICAL
0.3Grant Vertex AI permissions10min🟡 HIGH
0.4Verify FDB cluster operational15min🔴 CRITICAL
0.5Verify Docker registry access5min🔴 CRITICAL

Commands:

# 0.1
kubectl create secret generic jwt-secret \
  --from-literal=secret=$(openssl rand -base64 32) \
  -n coditect-app

# 0.2
gcloud iam service-accounts create coditect-server \
  --project=serene-voltage-464305-n2

# 0.3
gcloud projects add-iam-policy-binding serene-voltage-464305-n2 \
  --member="serviceAccount:coditect-server@serene-voltage-464305-n2.iam.gserviceaccount.com" \
  --role="roles/aiplatform.user"

# 0.4
kubectl get statefulset foundationdb -n coditect-app

# 0.5
gcloud auth configure-docker gcr.io

Phase 1: Frontend Wrapper (Day 1-3 - MUST BE FIRST!)

Goal: Build V4 wrapper that will contain theia Blockers: None - can start immediately Why First: Users will see this wrapper before anything else loads

StepTaskDependenciesTimePriority
1.1Port V4 Header componentNone2h🔴 CRITICAL
1.2Port V4 Footer componentNone1h🔴 CRITICAL
1.3Create theiaEmbed componentNone2h🔴 CRITICAL
1.4Create SidePanel componentNone3h🔴 CRITICAL
1.5Update layout for theia1.1, 1.2, 1.3, 1.42h🔴 CRITICAL
1.6Port V4 Chakra themeNone1h🔴 CRITICAL
1.7Create theia CSS theme (matching)1.62h🔴 CRITICAL
1.8Create theme sync hook1.6, 1.71h🟡 HIGH
1.9Update App routes1.51h🔴 CRITICAL
1.10Port Login/Register pages1.1, 1.22h🔴 CRITICAL
1.11Test wrapper locally (mock theia)All above3h🔴 CRITICAL

Total: ~20 hours (2.5 days)

Deliverables:

  • ✅ Complete V4 wrapper working locally
  • ✅ Header/Footer/SidePanel functional
  • ✅ Theme consistent (Chakra + theia CSS ready)
  • ✅ Login/Register pages styled correctly
  • ✅ Routes configured for /ide

Test Criteria:

# Run locally
npm run dev

# Visit http://localhost:5173
# Should see:
# - Header with logo, theme toggle, user menu
# - SidePanel (even if empty)
# - Footer with links
# - Mock theia area (can be placeholder div)
# - Theme toggle works (light/dark)

Phase 2: theia Container (Day 3-4 - Parallel with Phase 3)

Goal: Build theia with extensions, ready to embed in wrapper Blockers: None - can run parallel with auth backend Why Now: Once wrapper is ready, we need theia to load into it

StepTaskDependenciesTimePriority
2.1Build theia with llm extensionsNone4h🔴 CRITICAL
2.2Add theme sync receiver1.7, 1.82h🔴 CRITICAL
2.3Create Dockerfile for theia2.1, 2.22h🔴 CRITICAL
2.4Build Docker image2.31h🔴 CRITICAL
2.5Push to GCR2.415min🔴 CRITICAL
2.6Test theia in local wrapper1.11, 2.52h🔴 CRITICAL

Total: ~12 hours (1.5 days)

Deliverables:

  • ✅ theia container image in GCR
  • ✅ theia loads in wrapper (local test)
  • ✅ Theme syncs between wrapper and theia
  • ✅ Extensions working (llm chat, model selector)

Docker Build:

# Dockerfile.theia
FROM node:20-slim

WORKDIR /workspace

# Install theia dependencies
RUN apt-get update && apt-get install -y git python3 build-essential

# Copy package files
COPY package*.json ./
RUN npm ci --production

# Copy theia source
COPY . .

# Build theia
RUN npm run theia:build

EXPOSE 3000
CMD ["npm", "run", "theia:start", "--", "--hostname=0.0.0.0", "--port=3000"]

Phase 3: Auth Backend (Day 3-4 - Parallel with Phase 2)

Goal: JWT + FDB session management working Blockers: Needs Phase 0 (JWT secret) Why Now: Wrapper needs working auth before deployment

StepTaskDependenciesTimePriority
3.1Create JWT middleware0.13h🔴 CRITICAL
3.2Add FDB session lookup0.4, 3.12h🔴 CRITICAL
3.3Implement session storage0.42h🔴 CRITICAL
3.4Create login endpoint3.1, 3.2, 3.32h🔴 CRITICAL
3.5Create register endpoint3.1, 3.2, 3.32h🔴 CRITICAL
3.6Add session expiration3.21h🟡 HIGH
3.7Create session cleanup job3.61h🟡 HIGH
3.8Test auth flow end-to-endAll above2h🔴 CRITICAL

Total: ~15 hours (2 days)

Deliverables:

  • ✅ JWT generation and validation working
  • ✅ Sessions stored in FDB
  • ✅ Login/Register endpoints functional
  • ✅ Session expiration enforced

Test:

# Register user
curl -X POST https://api.coditect.ai/api/v2/auth/register \
  -H "Content-Type: application/json" \
  -d '{"email":"test@example.com","password":"test123","name":"Test User"}'

# Login
curl -X POST https://api.coditect.ai/api/v2/auth/login \
  -H "Content-Type: application/json" \
  -d '{"email":"test@example.com","password":"test123"}'

# Should return JWT + session data

Phase 4: WebSocket Sidecar (Day 5 - Depends on Phase 2, 3)

Goal: Fix WebSocket pod communication Blockers: Needs theia container (Phase 2) to test with Why Now: theia needs real-time communication

StepTaskDependenciesTimePriority
4.1Create WebSocket sidecar containerNone3h🔴 CRITICAL
4.2Update workspace pod template4.12h🔴 CRITICAL
4.3Test localhost communication4.21h🔴 CRITICAL
4.4Update theia WebSocket client2.1, 4.32h🔴 CRITICAL
4.5Test with auth (JWT in WebSocket)3.1, 4.42h🔴 CRITICAL

Total: ~10 hours (1.25 days)

workspace Pod Template (with sidecar):

apiVersion: v1
kind: Pod
metadata:
  name: workspace
  namespace: user-{user_id}
spec:
  containers:
  - name: theia
    image: gcr.io/serene-voltage-464305-n2/t2-theia-ide:latest
    ports:
    - containerPort: 3000
    env:
    - name: WEBSOCKET_URL
      value: "ws://localhost:8765"  # Sidecar

  - name: websocket-gateway
    image: gcr.io/serene-voltage-464305-n2/coditect-websocket:latest
    ports:
    - containerPort: 8765
    env:
    - name: FDB_CLUSTER_STRING
      value: "coditect:production@10.128.0.8:4500"

Phase 5: Pod Provisioning (Day 5-6 - Depends on Phase 3)

Goal: Auto-create user pods on registration Blockers: Needs auth backend (Phase 3) to know which user Why Now: Registration flow needs to provision pods

StepTaskDependenciesTimePriority
5.1Create workspace pod template with CODI24.22h🔴 CRITICAL
5.2Build pod provisioning service3.4, 5.14h🔴 CRITICAL
5.3Integrate with registration3.5, 5.22h🔴 CRITICAL
5.4Store pod info in FDB session3.3, 5.31h🔴 CRITICAL
5.5Test pod lifecycleAll above2h🔴 CRITICAL

Total: ~11 hours (1.5 days)

Integration:

// In auth-service register()
const user = await createUser(email, password);
const pod = await podProvisioningService.createUserPod(user.userId, user.tenantId);
const session = await sessionService.createSession(user.userId, pod);
return { user, token: generateJWT(user, session), sessionId: session.sessionId };

Phase 6: Full Integration & Deploy (Day 6-7 - Depends on ALL above)

Goal: Deploy complete V5 to GKE Blockers: Needs ALL previous phases complete Why Now: Everything is ready, deploy the full stack

StepTaskDependenciesTimePriority
6.1Build production frontend bundle1.1130min🔴 CRITICAL
6.2Create combined Dockerfile1.11, 2.31h🔴 CRITICAL
6.3Build production image6.230min🔴 CRITICAL
6.4Create Kubernetes deploymentsAll2h🔴 CRITICAL
6.5Update ingress for /ide route6.430min🔴 CRITICAL
6.6Deploy to GKE6.51h🔴 CRITICAL
6.7Test complete user flow6.63h🔴 CRITICAL
6.8Fix bugs6.74h🔴 CRITICAL

Total: ~13 hours (1.5 days)

Deployment:

# Build production image
docker build -f Dockerfile.production -t gcr.io/serene-voltage-464305-n2/t2-v5-ide:latest .
docker push gcr.io/serene-voltage-464305-n2/t2-v5-ide:latest

# Deploy to GKE
kubectl apply -f k8s/v5-deployment.yaml -n coditect-app
kubectl apply -f k8s/v5-ingress.yaml -n coditect-app

# Verify
curl -I https://coditect.ai/ide

Phase 7: Blue-Green Rollout (Day 7-10 - Gradual)

Goal: Migrate traffic from V4 to V5 Blockers: Needs Phase 6 (V5 deployed and tested) Why Now: Safe production rollout

StepTaskDependenciesTimePriority
7.1Configure canary (10% traffic)6.630min🔴 CRITICAL
7.2Monitor 24 hours7.1-🔴 CRITICAL
7.3Increase to 50%7.215min🔴 CRITICAL
7.4Monitor 48 hours7.3-🔴 CRITICAL
7.5Increase to 100%7.415min🔴 CRITICAL
7.6Decommission V47.51h🟡 HIGH

Total: 3 days (mostly monitoring)

📊 Corrected Timeline

Solo Developer (12-15 days)

PhaseDaysWhat
Phase 00.5Pre-requisites
Phase 12.5Frontend wrapper (FIRST!)
Phase 21.5theia container (parallel with 3)
Phase 32.0Auth backend (parallel with 2)
Phase 41.25WebSocket sidecar
Phase 51.5Pod provisioning
Phase 61.5Deploy & test
Phase 73.0Blue-green rollout
Total13.25 days+ 2 days buffer = 15 days

2-Person Team (8-10 days)

Person 1 (Frontend):

  • Day 1-3: Phase 1 (frontend wrapper)
  • Day 4-5: Phase 2 (theia container)
  • Day 6-7: Phase 6 (integration)
  • Day 8-10: Phase 7 (rollout)

Person 2 (Backend):

  • Day 1: Phase 0 (pre-requisites)
  • Day 2-4: Phase 3 (auth backend)
  • Day 5: Phase 4 (WebSocket)
  • Day 6: Phase 5 (pod provisioning)
  • Day 7: Phase 6 (integration)
  • Day 8-10: Phase 7 (rollout)

🔑 Key Insight

Frontend wrapper is NOT just UI - it's the foundation:

  1. Users see wrapper first - Before theia even loads
  2. Auth happens in wrapper - Login/Register pages are part of wrapper
  3. Theme is set by wrapper - theia inherits theme from wrapper
  4. layout contains everything - Header/Footer/SidePanel wrap theia

Without the wrapper complete, we can't deploy anything to production.

✅ Corrected Dependencies

Phase 0 (Infrastructure)

Phase 1 (Frontend Wrapper) ← MUST BE FIRST

Phase 2 (theia) ←┐
                 ├→ Phase 4 (WebSocket)
Phase 3 (Auth)   ←┘           ↓
    ↓                    Phase 5 (Pods)
    └────────────────────────────┐

                         Phase 6 (Deploy)

                         Phase 7 (Rollout)

Bottom Line: Build the wrapper first, then build what goes inside it (theia + backend).