From 03b0a3b44d75b60901c68f88f18782704133346f Mon Sep 17 00:00:00 2001 From: autonomic-bot Date: Fri, 29 May 2026 22:19:55 +0100 Subject: [PATCH] deferred(2): Q4.10 drone blocked on host /etc/timezone deploy (gitea SCM dep); integration scoped Co-Authored-By: Claude Opus 4.8 (1M context) --- machine-docs/DEFERRED.md | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/machine-docs/DEFERRED.md b/machine-docs/DEFERRED.md index 1b3ad12..1f1158a 100644 --- a/machine-docs/DEFERRED.md +++ b/machine-docs/DEFERRED.md @@ -290,3 +290,29 @@ before the build is called done) — but does **not** force closure. - **Re-entry trigger:** Adversary §7.1 sign-off accepting P4-N/A for mailu, OR operator approves a cc-ci-authored mailu backupbot recipe-PR. - **Linked IDEA / BACKLOG:** Q4.9. + +### 2026-05-29 — drone (Q4.10) blocked on host /etc/timezone deploy (gitea SCM dep) + scoped integration +- [ ] **What:** drone (Q4.10, LAST §5 recipe) cannot be enrolled until two things land: + (1) **HOST FIX — operator-deploy needed:** drone is a CI server that REQUIRES a git-provider SCM + to boot; the only viable dep is **gitea**, which the recipe binds `/etc/timezone:ro` from the + host. NixOS `time.timeZone` only creates `/etc/localtime`, NOT `/etc/timezone`, so the gitea + container is REJECTED (`bind source path does not exist: /etc/timezone`) — proven on cc-ci via + the drone+gitea smoke. **Fix committed: `3bde76f`** (`environment.etc."timezone"="UTC\n"` in + `nix/hosts/cc-ci/configuration.nix`). It needs the host config deploy (sync `/root/cc-ci` + + `nixos-rebuild switch --flake /root/cc-ci#cc-ci`) — same operator-managed mechanism that deployed + the immich `time.timeZone` fix (there is NO self-service rebuild path on the host: no script, no + history, `/root/cc-ci` is an operator-synced non-git copy that is currently STALE re this commit). + (2) **INTEGRATION (ready to build once host fix lands):** the full drone+gitea wiring is scoped in + JOURNAL-2 `f86a58a` — tests/gitea/recipe_meta.py (dep) + tests/drone/{recipe_meta DEPS=["gitea"] + DEPS-at-install, install_steps.sh creating a gitea admin+token+OAuth2 app → wiring DRONE_GITEA_* + + client_secret, functional health + SCM-configured}. The §4.3 **build-creation** (create/list + builds) is a separate disproportionate sub-deferral (needs a drone OAuth user-token + synced repo + + .drone.yml + push/webhook trigger) → ship the MAXIMAL SUBSET (drone boots with gitea SCM: + install+upgrade+health+SCM-configured) + Adversary §7.1 sign-off on the build-creation gap. +- **Filed by:** Builder, phase 2 (Q4.10 drone smoke). +- **Reason for deferral:** (1) is an operator/host-deploy action (Nix-declared change committed, awaiting + a host `nixos-rebuild`); (2) is the heaviest Phase-2 integration, ready to execute once (1) lands. +- **Operator action to lift:** deploy commit `3bde76f` to the cc-ci host (sync /root/cc-ci + nixos-rebuild + so /etc/timezone exists). Then the Builder executes the scoped gitea+drone integration (JOURNAL f86a58a). +- **Re-entry trigger:** host /etc/timezone deployed (verify `ssh cc-ci 'cat /etc/timezone'` = UTC). +- **Linked IDEA / BACKLOG:** Q4.10; JOURNAL-2 f86a58a; commit 3bde76f.