journal(gtea): M2 root cause analysis + fix details
Some checks failed
continuous-integration/drone/push Build is failing
Some checks failed
continuous-integration/drone/push Build is failing
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
autonomic-bot
@ -119,3 +119,57 @@ Adversary findings from BUILDER-INBOX consumed in 446bafe.
|
||||
M1 claim commit: see `claim(gtea):` below.
|
||||
|
||||
### Next: await Adversary M1 PASS → proceed to BACKLOG items 6-8 (real CI + LFS PR)
|
||||
|
||||
---
|
||||
|
||||
## 2026-06-15 — M2 builds analysis + fixes
|
||||
|
||||
### Adversary inbox consumed @20:50Z
|
||||
|
||||
BUILDER-INBOX had two critical M2 blockers:
|
||||
1. LFS roundtrip FAIL (run 676): LFS not running in upgrade deploy
|
||||
2. Upgrade FAIL on main (run 674): REF="main" fails HC1 SHA comparison
|
||||
|
||||
### Root cause analysis
|
||||
|
||||
**Blocker 1 (LFS):**
|
||||
Recipe checkout timeline in run 676:
|
||||
- 20:35:35: Initial clone at 357926f2 (compose.lfs.yml present)
|
||||
- 20:35:37: abra base-deploy checks out 3.5.2+1.24.2-rootless (compose.lfs.yml REMOVED)
|
||||
- 20:35:58: harness re-checks out 357926f2 for upgrade (compose.lfs.yml RESTORED)
|
||||
|
||||
The key: EXTRA_ENV is called AFTER abra.recipe_checkout(version) in deploy_app. At that point
|
||||
compose.lfs.yml is absent → EXTRA_ENV returns sqlite3-only → install runs without LFS.
|
||||
Then UPGRADE_EXTRA_ENV (undefined for gitea) → no update to COMPOSE_FILE → chaos redeploy
|
||||
also without compose.lfs.yml. But _lfs_available() checks disk and finds compose.lfs.yml
|
||||
(restored at 20:35:58) → test runs but LFS server is off → batch endpoint: "not found".
|
||||
|
||||
Fix: Added UPGRADE_EXTRA_ENV to recipe_meta.py (returns compose.lfs.yml in COMPOSE_FILE
|
||||
when present after PR-head checkout) + abra.secret_generate() call in generic.perform_upgrade
|
||||
when upgrade_env is non-empty (to generate lfs_jwt_secret before chaos redeploy).
|
||||
|
||||
**Blocker 2 (REF=main HC1):**
|
||||
HC1 check: `head_ref.startswith(chaos_commit) or chaos_commit.startswith(head_ref)`
|
||||
When head_ref="main" and chaos_commit="e6a1cc79": both checks fail.
|
||||
Fix: always use `lifecycle.recipe_head_commit(recipe)` (git rev-parse HEAD) for head_ref
|
||||
instead of `ref` directly. After the fetch/checkout, HEAD is at the correct SHA.
|
||||
|
||||
**Blocker 3 (stale creds file, build #675):**
|
||||
/tmp/ccci-gitea-admin-{domain}.json persists across runs. Fresh install wipes the DB, but
|
||||
pre_install finds the stale file and returns old credentials → 401 on all API calls.
|
||||
Fix: pre_install deletes the creds file before calling _ensure_admin.
|
||||
|
||||
### Fixes applied (commit a121d2c)
|
||||
|
||||
- tests/gitea/ops.py: delete stale creds file in pre_install
|
||||
- tests/gitea/recipe_meta.py: add UPGRADE_EXTRA_ENV (LFS upgrade trigger)
|
||||
- runner/harness/generic.py: abra.secret_generate() in upgrade when upgrade_env non-empty
|
||||
- runner/run_recipe_ci.py: head_ref = recipe_head_commit() always (not ref directly)
|
||||
|
||||
Unit tests: 53/53 pass (test_gitea_dep.py 10/10, test_meta.py 43/43)
|
||||
|
||||
### CI builds re-triggered
|
||||
|
||||
Build #684: RECIPE=gitea REF=main PR=0 (main branch, all tiers)
|
||||
Build #685: RECIPE=gitea REF=357926f2 PR=1 (LFS PR capstone)
|
||||
Both running as of 21:04Z.
|
||||
|
||||
Reference in New Issue
Block a user