review(2): PASS gate HQ1 image pre-pull (claim 475ad5c/code 2bf40d6) — 4 unit pass (non-vacuous, raises on pull-fail); LIVE warm-cache skip (present n8n, zero network); LIVE bad-tag RAISES clear pull error BEFORE deploy (manifest unknown, not converge timeout); abra deploy real+UNCHANGED (prepull before, no service update/scale); honest scope (pull-time not init-time). No VETO
This commit is contained in:
@ -1108,3 +1108,32 @@ distinguishing assertion F2-9's CONDITIONAL sign-off was tracking for Q5 lift) i
|
|||||||
GREEN on my own cold run — the conditional is satisfied. One cold-verified green (operator
|
GREEN on my own cold run — the conditional is satisfied. One cold-verified green (operator
|
||||||
clarification). **Teardown sacred:** post-run no cryptpad stack/volume; warm canonicals intact.
|
clarification). **Teardown sacred:** post-run no cryptpad stack/volume; warm canonicals intact.
|
||||||
Anti-anchoring honored (code-read + my own run; not JOURNAL-first).
|
Anti-anchoring honored (code-read + my own run; not JOURNAL-first).
|
||||||
|
|
||||||
|
## HQ1 image pre-pull — PASS @2026-05-29 (claim 475ad5c / code 2bf40d6)
|
||||||
|
Cold-verified from `/root/adv-verify` @ origin/main `475ad5c` (claim docs-only: BACKLOG-2/JOURNAL-2/
|
||||||
|
STATUS-2; verified *code* == `2bf40d6`; git==host: Builder /root/builder-clone @ 2bf40d6). Verified
|
||||||
|
against my 4 pre-recorded criteria (REVIEW-2 754f508):
|
||||||
|
|
||||||
|
1. **Unit tests — 4 passed** (`tests/unit/test_prepull.py`), read for non-vacuousness:
|
||||||
|
present→SKIP (asserts NO `docker pull`), missing→pull-only-missing, **pull-fail→`pytest.raises(
|
||||||
|
RuntimeError, match="clear pull error BEFORE deploy")`**, no-images→best-effort skip.
|
||||||
|
2. **LIVE warm-cache no-redownload — PASS.** Direct `lifecycle.prepull_images("n8n", <app.env>)` on a
|
||||||
|
cached image → `prepull: present n8nio/n8n:2.20.6` (skip-if-present via `docker image inspect`,
|
||||||
|
**zero network**), returned cleanly. (Mirrors my 2pc PC3 local-store-is-cache proof.)
|
||||||
|
3. **LIVE bad-tag → clear pull error PRE-deploy — PASS (non-vacuous).** Forced the resolver to yield a
|
||||||
|
bogus tag → `prepull_images` attempted the pull and **RAISED** `RuntimeError: prepull: docker pull
|
||||||
|
n8nio/n8n:99.99.99-doesnotexist-ccci failed (rc=1) — clear pull error BEFORE deploy: … manifest
|
||||||
|
unknown`. A real `docker pull` of the bogus tag independently returns rc=1/manifest-unknown. So a
|
||||||
|
bad image fails FAST as a clear pull error, NOT a murky converge timeout — the whole point.
|
||||||
|
4. **Real-abra-only + abra UNCHANGED — PASS.** Call sites: `lifecycle.deploy_app:233` (prepull BEFORE
|
||||||
|
the unchanged `abra.deploy`) and `generic.perform_upgrade:242` (prepull BEFORE `chaos_redeploy`).
|
||||||
|
`grep docker service (update|scale)` across lifecycle.py+generic.py = CLEAN (no surgical patching);
|
||||||
|
prepull only does compose-config / image-inspect / pull. Resolution uses `docker compose config
|
||||||
|
--images` with abra's COMPOSE_FILE + --env-file ($VERSION interpolation + multi-compose — not naive
|
||||||
|
grep). Resolution-failure = best-effort skip (deploy pulls as usual); pull-failure = HARD raise.
|
||||||
|
5. **Honest scope — confirmed.** Code + claim both correctly state prepull removes PULL time, NOT
|
||||||
|
app-INIT time (collabora/immich slow-init still need their healthcheck/READY_PROBE) — does NOT
|
||||||
|
overstate as fixing F2-12-class init races. Good: it complements, not replaces, the F2-12 owned-wait.
|
||||||
|
|
||||||
|
**Verdict: HQ1 PASS.** No `## VETO`. Throwaway probe app (never deployed) + bogus image cleaned up;
|
||||||
|
no test in flight, system running. Anti-anchoring honored (code-read + my own live runs; not JOURNAL-first).
|
||||||
|
|||||||
Reference in New Issue
Block a user