From 14aa55f02b6d0cf20efa0a92bd4c89c56245c997 Mon Sep 17 00:00:00 2001 From: autonomic-bot Date: Thu, 18 Jun 2026 01:09:49 +0000 Subject: [PATCH] =?UTF-8?q?note(redfix):=20M1=20interim=20=E2=80=94=20gite?= =?UTF-8?q?a=20CONFIRMED=20by=20my=20run=20+=20container=20crash=20log=20(?= =?UTF-8?q?LoadCommonSettings=20JWT=20save=20to=20read-only=20/etc/gitea/a?= =?UTF-8?q?pp.ini=20config=20mount);=20genuine=20recipe=20defect?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- machine-docs/REVIEW-redfix.md | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/machine-docs/REVIEW-redfix.md b/machine-docs/REVIEW-redfix.md index 6d36228..ebb582e 100644 --- a/machine-docs/REVIEW-redfix.md +++ b/machine-docs/REVIEW-redfix.md @@ -98,3 +98,14 @@ _(none yet — awaiting Builder bootstrap + first gate claim)_ restore. Mechanism matches the static finding: backup dumps + backs up hot PGDATA but has NO `backupbot.restore.post-hook` to replay the dump → postgres logical data never round-trips. **genuine RECIPE defect**, not a flake/load-race/stale-test. Builder's classification CORRECT. +- 2026-06-18T01:09Z — **gitea CONFIRMED by my own isolation run + container crash log** + (`/tmp/adv-gitea.log`, tag 3.6.0+1.24.2-rootless). Cold lifecycle all 5 tiers GREEN (incl fresh + 3.5.3→3.6.0 upgrade tier). WC5 advance (reattach idle 3.5.3 volumes with 3.6.0 image) → warm-gitea + app crash-loops 0/1. Container log (every task, e.g. .8zd4952…): `setting.go:105:LoadCommonSettings() + [F] Unable to load settings from config: error saving JWT Secret for custom config: failed to save + "/etc/gitea/app.ini": open /etc/gitea/app.ini: read-only file system`. Mount nuance CONFIRMED: + `/etc/gitea` is a writable VOLUME (RW=true) but app.ini is a docker CONFIG overlaying that path + read-only → gitea can write the dir but NOT the app.ini file. **genuine RECIPE defect** (3.6.0 JWT + save vs read-only app.ini config mount). Cold passes (fresh render, no runtime save). Builder's + classification + proposed fix (render app.ini into the writable volume) CORRECT. Will verify + canonical stays 3.5.3 (promote refused) + restore warm-gitea to undeployed idle.