The watchdog is spawned into the existing tmux server and didn't reliably inherit a custom PHASES_SPEC — it would fall back to the default 11-phase spec and mis-detect completion. Forward PHASES_SPEC/PHASE_IDX_FILE/LOOP_BACKEND/LOOP_MODEL explicitly in the watchdog command so custom single-phase runs (like the mirror-enroll plan) work end-to-end. Also make the mirror-enroll plan's live-host-deploy step an explicit claim-and-wait operator gate for the loops.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Plan — mirror + enroll ALL recipes (then resume per-recipe debugging)
Status: PROPOSED — awaiting operator go-ahead on the live-host deploy (Phase 4).
Owner: orchestrator (can delegate authoring to a Builder/upgrader session).
Created: 2026-06-02.
Author: Claude Sonnet 4.6 orchestrator session.
Goal & rationale
Get every recipe mirrored in recipe-maintainers/<recipe> AND enrolled in the !testme bridge,
so all of them are CI-triggerable, before resuming debugging of individual recipes (matrix-synapse
re-run failure, ghost backup PR, etc.). Operator directive: "make sure all recipes are mirrored and
enrolled before we continue debugging particular recipes."
Target end-state: 19 recipes — the 18 with tests/ coverage today, plus hedgedoc (operator
chose "add a test suite" for it) — each mirrored, enrolled in POLL_REPOS, and test-covered.
Current state (surveyed 2026-06-02)
Canonical set = recipes with a tests/<recipe>/ dir = 18:
bluesky-pds, cryptpad, custom-html, custom-html-tiny, discourse, ghost, immich, keycloak, lasuite-docs, lasuite-drive, lasuite-meet, mailu, matrix-synapse, mattermost-lts, mumble, n8n, plausible, uptime-kuma. (+ hedgedoc, enrolled but no tests — see Phase 2.)
| Dimension | State |
|---|---|
| Enrolled in bridge POLL_REPOS (9) | custom-html, custom-html-tiny, keycloak, cryptpad, matrix-synapse, lasuite-docs, lasuite-meet, n8n, uptime-kuma (+ hedgedoc, + cc-ci) |
| NOT enrolled (9) | bluesky-pds, discourse, ghost, immich, lasuite-drive, mailu, mattermost-lts, mumble, plausible |
| Mirror missing (3) | lasuite-drive, mailu, mumble (all real recipes — verified) |
| Enrolled but untested | hedgedoc (mirror+enrollment exist, no tests/hedgedoc/) |
Where things live:
- Bridge enrollment: recipe-maintainers/cc-ci → nix/modules/bridge.nix, the POLL_REPOS= CSV (~line 43).
- Tests: recipe-maintainers/cc-ci → tests/<recipe>/ (template: recipe_meta.py, functional/test_*.py, PARITY.md).
- Mirror create + main-sync logic: recipe-upgrade/open-recipe-pr.sh (create at lines 53-70, force-sync at 75-77).
- Live deploy target: nixos-rebuild switch --flake .#cc-ci on the cc-ci host (now safe — be4f451 mapped #cc-ci → the Hetzner host config).
Phases
Phase 0 — pre-flight (no writes)
- Confirm each of lasuite-drive, mailu, mumble resolves via abra recipe fetch <recipe> on the cc-ci host (upstream exists). All three have tests/ so they were exercised in phase 2; expected to pass.
- Snapshot current POLL_REPOS and the live bridge unit state for rollback reference.
Phase 1 — create the 3 missing mirrors
For each of lasuite-drive, mailu, mumble: create recipe-maintainers/<recipe> (Gitea API) and
force-sync its main to true upstream main. Reuse the create+sync path in open-recipe-pr.sh
(run on the cc-ci host with bot creds), or --reconcile-only after the repo exists. No PRs opened.
Phase 2 — author the hedgedoc test suite
hedgedoc is enrolled+mirrored but has no tests/hedgedoc/. Author one mirroring a simple recipe
(template = tests/uptime-kuma/): recipe_meta.py, functional/test_*.py (health-check + a
content/branding probe at minimum), PARITY.md. Open a cc-ci PR for the new suite; verify it green
via !testme before relying on it. (This is the larger sub-task; can be delegated to a Builder session.)
Phase 3 — enroll the 9 unenrolled recipes
Edit nix/modules/bridge.nix POLL_REPOS to add: bluesky-pds, discourse, ghost, immich, lasuite-drive, mailu, mattermost-lts, mumble, plausible. Confirm each has a tests/<recipe>/ (all 9
do). Commit to the cc-ci product repo. Final POLL_REPOS = cc-ci + all 19 recipes.
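A read-only check for the enrollment drift that Phases 2 and 3 close, added here as an example and not part of the cc-ci repo: it compares the POLL_REPOS list in bridge.nix with the tests/<recipe>/ directories. The literal `POLL_REPOS=org/repo,...` line format and the function names are assumptions, and the fixture is constructed.

```shell
#!/bin/sh
# Added example: report drift between bridge enrollment and test coverage.
# ASSUMPTION: bridge.nix holds one literal line containing
#   POLL_REPOS=<org>/<repo>,<org>/<repo>,...   (format not shown in the plan)

# enrolled_recipes <bridge.nix>: enrolled recipe names, sorted, cc-ci excluded
enrolled_recipes() {
  grep 'POLL_REPOS=' "$1" | head -n 1 \
    | sed -e 's/.*POLL_REPOS=//' -e 's/^"//' -e 's/[";[:space:]].*$//' \
    | tr ',' '\n' | sed 's#.*/##' | grep -vx 'cc-ci' | LC_ALL=C sort -u
}

# tested_recipes <tests dir>: names that have a tests/<recipe>/ directory
tested_recipes() {
  for d in "$1"/*/; do [ -d "$d" ] && basename "$d"; done | LC_ALL=C sort -u
}

# drift <bridge.nix> <tests dir>: prints "untested <r>" for enrolled recipes
# without a suite and "unenrolled <r>" for suites missing from POLL_REPOS
drift() {
  e=$(mktemp); t=$(mktemp)
  enrolled_recipes "$1" >"$e"
  tested_recipes "$2" >"$t"
  LC_ALL=C comm -23 "$e" "$t" | sed 's/^/untested /'
  LC_ALL=C comm -13 "$e" "$t" | sed 's/^/unenrolled /'
  rm -f "$e" "$t"
}

# make_fixture: constructed sample tree (not the real repo contents)
make_fixture() {
  fx=$(mktemp -d)
  mkdir -p "$fx/nix/modules" "$fx/tests/ghost" "$fx/tests/keycloak" "$fx/tests/mumble"
  printf '%s\n' '  environment = [ "POLL_REPOS=recipe-maintainers/cc-ci,recipe-maintainers/keycloak,recipe-maintainers/hedgedoc" ];' \
    >"$fx/nix/modules/bridge.nix"
  echo "$fx"
}

# With two arguments check a real checkout, otherwise run on the fixture.
if [ "$#" -eq 2 ]; then
  drift "$1" "$2"
else
  demo=$(make_fixture)
  drift "$demo/nix/modules/bridge.nix" "$demo/tests"
  rm -rf "$demo"
fi
```

An empty report before the Phase 4 gate means every enrolled recipe has a suite and every suite is enrolled.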
Phase 4 — deploy to the live cc-ci host ⚠️ OPERATOR GO-AHEAD GATE
cd /root/cc-ci && nixos-rebuild switch --flake .#cc-ci on the cc-ci host (or the repo's deploy path).
Restarts the bridge with the new poll set. This is the one high-impact step (live CI server).
LOOPS: do NOT run this yourselves. CLAIM this gate in STATUS — state the exact command, that
/root/cc-ci is at the committed head, and that Phases 1-3 are Adversary-verified — then WAIT for the
operator to perform/approve the rebuild. (Footgun is mitigated now that #cc-ci → the Hetzner host
config via be4f451, but the live-host rebuild stays an operator action.) Note: /root/cc-ci is an
operator-synced copy — there is no self-service host rebuild path (a known gap).
Phase 5 — verify !testme triggerability
For 2-3 newly-enrolled recipes, post !testme on an open PR (or a scratch PR) and confirm a Drone
build starts and reports back. Spot-check the bridge poll log shows all 19 repos.
Phase 6 — resume per-recipe debugging (was blocked on the above)
Only after Phases 1-5: pick up the deferred per-recipe work — matrix-synapse upgrade re-run failure,
ghost backup PRs (#1 reopened, #2 upgrade), discourse bitnamilegacy re-pin, immich/mattermost/plausible
backup fixes, etc. (See DEFERRED.md + the build-audit summary.)
Risks & rollback
- Live-host rebuild (Phase 4): mitigated now that #cc-ci → Hetzner config (be4f451); still the highest-risk step. Rollback = nixos-rebuild switch --rollback or redeploy the prior generation.
- Bridge poll widening: more repos polled = more API calls; negligible at 19 repos. A bad recipe enrollment can't break others (per-recipe runs are isolated).
- hedgedoc tests (Phase 2): authoring risk only; gated by its own !testme-green PR before trust.
Open items / decisions
- hedgedoc: author tests (operator-chosen). Scope it as its own PR.
- bluesky-pds #1 open PR looks like a recipe-create-pr smoke-test artifact — close separately (flagged to @notplants).
- Host self-service rebuild path for cc-ci is still a gap (Phase 4 depends on an operator-synced /root/cc-ci); worth a durable fix later.