plan §4.1: trigger is webhook-OR-poll (mutually exclusive, flag-selected), + collaborator check

Record the trigger design: webhook (default/primary, confirmed working) and polling
(kept but disabled behind a flag) are mutually exclusive — only one runs at a time, so no
cross-path dedupe. Poll is the fallback when webhook delivery fails. Also note the
commenter-auth check must count recipe-maintainers org members/admins, not just repo
collaborators (the bot is org admin and was being rejected).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-27 02:15:32 +01:00
parent 4ffcdda9da
commit ef42e3d922

@ -329,6 +329,19 @@ Bridge posts/updates a Gitea PR comment with the run URL and (on completion) pas
- The bridge is a tiny service (Go or Python+FastAPI). Keep it dependency-light; it's a NixOS
systemd service behind Traefik at e.g. `ci.commoninternet.net/hook` (§4.0).
- **Trigger mode: webhook OR poll, mutually exclusive, flag-selected (SETTLED).** Two
implementations exist, but **only one runs at a time**, chosen by env (e.g. `BRIDGE_TRIGGER_MODE=
webhook|poll`): (1) the Gitea `issue_comment` **webhook** — the default/primary, low-latency push
path (confirmed working); (2) **polling** the Gitea API for new `!testme` comments — kept in the
codebase but **disabled by default**, the fallback you flip on when webhook delivery isn't arriving
(e.g. a gateway/network hiccup, as bit M3 early on). Polling reverses direction (cc-ci →
git.autonomic.zone, outbound — the reliably-working path) at ≤60s to satisfy D1. Because the modes
are exclusive, no cross-path dedupe is needed; just don't re-fire already-seen comments when poll
mode is switched on. Either mode alone satisfies D1.
- **Collaborator check must count org access.** The commenter-authorization step rejects
non-collaborators (correct, per §6) — but it must treat `recipe-maintainers` **org members/admins**
as authorized (the bot is org admin; a naive repo-collaborator check rejects it). Verify real
maintainers pass; don't gate legitimate `!testme` on a too-narrow collaborator lookup.
- Enrollment = registering the Gitea webhook on a recipe repo (script in `runner/` or documented
in `enroll-recipe.md`) + ensuring a `tests/<recipe>/` dir exists. The `autonomic-bot` account is
**admin on the `recipe-maintainers` org**, so it can create repos there and add webhooks to any
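Review bot: In the "Collaborator check must count org access" bullet, "org members/admins" is broader than the failure it fixes. The case described is the bot being org admin, whereas plain membership in `recipe-maintainers` does not by itself establish that the commenter has write access to the recipe repo in question. Suggest stating the rule as the commenter's effective permission on that repo (direct collaborator, team grant, or org admin) at a named minimum level, and saying explicitly whether every org member is meant to be able to fire `!testme`. Separately, in the trigger-mode bullet, "just don't re-fire already-seen comments" names no mechanism: say where the seen-comment marker is kept and what it is initialised to when poll mode is first switched on, so older `!testme` comments are not replayed as new runs.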