From 6a2464469f9e80b92c92757f32c5e39a2c38b4ca Mon Sep 17 00:00:00 2001 From: autonomic-bot Date: Mon, 15 Jun 2026 17:00:28 +0000 Subject: [PATCH] upgrade-all: skip 'external' recipes (uptime-kuma) + add used-recipes.md inventory MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Operator: uptime-kuma is maintained elsewhere — drop it from the weekly upgrade but keep it in the used-recipes inventory. New cc-ci-plan/used-recipes.md is the canonical list of every recipe cc-ci deploys/tests, with a weekly|external tier; upgrade-all §1 now excludes 'external' rows from the candidate list (explicit --args still override). uptime-kuma = external; all others weekly. --- .claude/skills/upgrade-all/SKILL.md | 17 ++++++++++---- cc-ci-plan/used-recipes.md | 36 +++++++++++++++++++++++++++++ 2 files changed, 49 insertions(+), 4 deletions(-) create mode 100644 cc-ci-plan/used-recipes.md diff --git a/.claude/skills/upgrade-all/SKILL.md b/.claude/skills/upgrade-all/SKILL.md index 02522c6..df56750 100644 --- a/.claude/skills/upgrade-all/SKILL.md +++ b/.claude/skills/upgrade-all/SKILL.md @@ -1,6 +1,6 @@ --- name: upgrade-all -description: Weekly autonomous upgrade run for the cc-ci CI server. Surveys every enrolled recipe for available upstream upgrades, then runs /recipe-upgrade on each upgradeable one via a subagent — plan, implement, verify green on cc-ci, open a recipe PR (and, only if a cc-ci test went stale, a verified cc-ci test PR). Collects results into one summary listing every PR to review. Rolling pool by default — works through recipes ALPHABETICALLY keeping DRONE_RUNNER_CAPACITY (the drone runner's slots, currently 2) subagents running at once, starting the next as each finishes; --sequential for one-at-a-time, --capacity N to override the pool size, --parallel to start all at once, --dry-run to preview. NEVER merges. Built to run once weekly on a cron. Invoke as /upgrade-all. +description: Weekly autonomous upgrade run for the cc-ci CI server. Surveys every enrolled recipe (except those tagged `external` in cc-ci-plan/used-recipes.md — used/tested but maintained elsewhere, e.g. uptime-kuma) for available upstream upgrades, then runs /recipe-upgrade on each upgradeable one via a subagent — plan, implement, verify green on cc-ci, open a recipe PR (and, only if a cc-ci test went stale, a verified cc-ci test PR). Collects results into one summary listing every PR to review. Rolling pool by default — works through recipes ALPHABETICALLY keeping DRONE_RUNNER_CAPACITY (the drone runner's slots, currently 2) subagents running at once, starting the next as each finishes; --sequential for one-at-a-time, --capacity N to override the pool size, --parallel to start all at once, --dry-run to preview. NEVER merges. Built to run once weekly on a cron. Invoke as /upgrade-all. --- # upgrade-all @@ -82,11 +82,20 @@ remains as belt-and-suspenders even after the /16 fix: it fires on the exact err docker to reclaim leaked endpoints if VIP exhaustion ever recurs despite the larger subnet.) ## 1. Build the candidate list -Enrolled recipes = the cc-ci `tests//` dirs (same set `ci-test-review` sweeps): +Enrolled recipes = the cc-ci `tests//` dirs (same set `ci-test-review` sweeps), **MINUS any +recipe tagged `external` in `cc-ci-plan/used-recipes.md`** — recipes cc-ci uses/tests but does NOT +maintain (someone else upgrades them, e.g. **uptime-kuma**). `used-recipes.md` is the canonical +inventory of every recipe we use; only its `weekly` rows get an upgrade survey + PR here. ``` -ssh cc-ci 'cd /root/cc-ci/tests && ls -d */' | sed 's#/##' | grep -vE '^(_generic|unit|__pycache__)$' +EXTERNAL=$(awk '!/^[[:space:]]*#/ && $2=="external"{print $1}' /srv/cc-ci/cc-ci-plan/used-recipes.md) +ssh cc-ci 'cd /root/cc-ci/tests && ls -d */' | sed 's#/##' \ + | grep -vE '^(_generic|unit|__pycache__)$' \ + | grep -vxF -f <(printf '%s\n' "$EXTERNAL") # drop externally-maintained recipes ``` -(or the names passed in `$ARGUMENTS`). For each, on cc-ci, check availability — skip dirty/up-to-date. +(or the names passed in `$ARGUMENTS` — an explicit recipe name overrides the `external` skip, so you +can still upgrade one on request.) For each candidate, on cc-ci, check availability — skip +dirty/up-to-date. (If `/root/cc-ci` isn't present on the host, stage it first — see +`cc-ci-plan/plan-proxy-vip-exhaustion-fix.md` / the host-rebuild memory for the staging step.) > ⚠️ **Four things that silently skip recipes — handle ALL FOUR per recipe before the version check:** > 1. **pseudo-TTY:** abra FATAs `inappropriate ioctl for device` under plain ssh — wrap every abra call diff --git a/cc-ci-plan/used-recipes.md b/cc-ci-plan/used-recipes.md new file mode 100644 index 0000000..473a9e6 --- /dev/null +++ b/cc-ci-plan/used-recipes.md @@ -0,0 +1,36 @@ +# Used recipes — the canonical inventory of every recipe cc-ci deploys/tests + +Format: ` [note]` — one row per recipe. Tier: + +- **`weekly`** — cc-ci maintains it: included in the weekly `/upgrade-all` survey **and** upgrade + (an upgrade PR is opened when a new upstream version exists). +- **`external`** — cc-ci **uses/tests** it (it's deployed + has `tests//`), but **someone + else maintains/upgrades it**, so it is **excluded from the weekly upgrade** — no upgrade PR is + opened for it. It still runs in CI like any other recipe; we just don't version-bump it. + +`/upgrade-all` reads this file and upgrades only the `weekly` rows (see the skill §1). This list is +the source of truth for "what recipes do we use" — keep it in sync when recipes are enrolled/retired. + +``` +bluesky-pds weekly +cryptpad weekly +custom-html weekly +custom-html-tiny weekly +discourse weekly +drone weekly +ghost weekly +gitea weekly +hedgedoc weekly +immich weekly +keycloak weekly +lasuite-docs weekly +lasuite-drive weekly +lasuite-meet weekly +mailu weekly +matrix-synapse weekly +mattermost-lts weekly +mumble weekly +n8n weekly +plausible weekly +uptime-kuma external # maintained elsewhere — used/tested by cc-ci but NOT weekly-upgraded +```