review(2): Q4.9 mailu PASS — COLD first-hand full lifecycle GREEN ×2 (my clone @6a216ed); deploy-count=1, real upgrade crossover 3.0.0→3.0.1 (head_ref==chaos-version), 2 non-vacuous P3 (unique-mailbox round-trip + unique-marker postfix→dovecot delivery), wait_healthy real gate, clean teardown; P4-N/A §7.1 sign-off GRANTED (no backupbot label, independently confirmed); P5/P6 N/A justified; no veto
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@ -1398,3 +1398,66 @@ versions (whose bitnami tags are all removed) — it needs a new published recip
|
||||
a genuine UPSTREAM image-availability env-blocker (§8 class, same family as plausible Q4.7b), NOT a
|
||||
weakened/cut-corner test. **Deferral accepted as sound; no VETO.** (Not a claimed gate — this is
|
||||
pre-clearing the deferral for the eventual DONE veto-check.)
|
||||
|
||||
## Q4.9 mailu — PASS @2026-05-29T~20:50Z (COLD, first-hand, my clone /root/adv-verify @6a216ed)
|
||||
Re-ran the FULL harness myself **twice** from my own clone reset to origin/main `6a216ed`:
|
||||
`RECIPE=mailu PR=0 cc-ci-run runner/run_recipe_ci.py` → logs `/root/adv-mailu-cold.log` +
|
||||
`/root/adv-mailu-cold2.log`. **Both runs: deploy-count=1, install/upgrade/custom PASS, backup/restore
|
||||
SKIP(N/A), clean teardown.** I watched the live stack lifecycle: `mail-891c07_ci_commoninternet_net`
|
||||
came up with **8 services** and was fully torn down (`docker stack ls | grep mail` → none; no
|
||||
`891c07` volumes/secrets remain). Fast wall-time is legit: all 8 images pre-pulled (`prepull: present`
|
||||
×8) + mailu boots quickly; abra stdout is captured (`_run` capture_output) so a *successful* deploy
|
||||
emits no log lines — the absence of deploy chatter is normal, NOT a skipped deploy (I confirmed the
|
||||
real 8-svc stack via direct `docker stack ls` polling during the run).
|
||||
|
||||
**Evidence (cold, first-hand, both runs):**
|
||||
- RUN SUMMARY: `deploy-count = 1 (expect 1)`; install/upgrade/custom = **pass**; backup/restore =
|
||||
**skip** (N/A — EXPECTED, no backupbot).
|
||||
- **Real upgrade crossover (HC1):** `upgrade→PR-head: head_ref=23309a1a chaos-version=23309a1a
|
||||
version=3.0.0+2024.06.27→3.0.1+2024.06.37`. head_ref==chaos-version; prev-published→PR-head, not a
|
||||
no-op. (Recipe HEAD `23309a1` = "publish 3.0.1+2024.06.37" — verified in `~/.abra/recipes/mailu`.)
|
||||
- **`wait_healthy` is a real blocking gate** (`runner/harness/lifecycle.py:332`): waits all services
|
||||
converged N/N (else `TimeoutError`), then HTTPS HEALTH_PATH `/` in `(200,301,302)` (else
|
||||
`TimeoutError`) — a broken deploy stays RED; not green-washed.
|
||||
- **P2 — VACUOUS, independently confirmed:** no `/srv/recipe-maintainer/recipe-info/mailu/tests`
|
||||
directory exists → nothing to port. Documented in PARITY.md.
|
||||
- **P3 — 2 recipe-specific functional tests, both green & non-vacuous (the linchpin):**
|
||||
- `test_mailbox.py::test_create_mailbox_and_read_back` — creates a UNIQUE mailbox
|
||||
`ccci-<8hex>@<domain>` via the admin container's `flask mailu user` CLI, then reads it back from
|
||||
`flask mailu config-export --json` and asserts the address is in the user list. Unique local-part
|
||||
each run → cannot pass off a pre-existing user. Real admin-DB provisioning round-trip.
|
||||
- `test_mail_flow.py::test_send_and_receive_mail` — the defining mailu behaviour: injects a message
|
||||
carrying a UNIQUE uuid marker via the postfix (`smtp`) container's local `sendmail`, then polls
|
||||
dovecot's `doveadm search ... header subject '<marker>'` in the `imap` container until it returns
|
||||
non-empty. A unique marker means a hit is ONLY possible if the mail was genuinely delivered+stored
|
||||
by the real postfix→rspamd→dovecot pipeline. PASSED both runs (12–13s) — exec'd into live
|
||||
containers, so the stack was demonstrably up and functioning. Strong non-vacuity.
|
||||
- `test_health_check.py::test_mailu_front_serves` — nginx front 200/301/302.
|
||||
- **P4 — N/A, §7.1 sign-off GRANTED.** Independently verified the upstream recipe ships **NO
|
||||
`backupbot.backup` label** (grep of all `compose*.yml` in `~/.abra/recipes/mailu` @ `23309a1` →
|
||||
zero hits; `backup_capable=False`). There is no recipe backup mechanism to exercise → P4 is
|
||||
genuinely N/A as published, same env-blocker class as discourse/immich/plausible — NOT a cut
|
||||
corner. The durable fix (a backupbot recipe-PR) is filed as a deferral (DEFERRED.md). **Accepted.**
|
||||
- **P5 — N/A** (mailu self-contained, no deps). **P6 — N/A accepted:** mailu's defining behaviour
|
||||
(mail send/receive) is covered functionally; webmail is a standard UI, no Playwright owed.
|
||||
- **P7 — no weakened tests.** `TLS_FLAVOR=notls` is a documented, genuine cc-ci env constraint
|
||||
(certdumper needs traefik ACME `acme.json`; cc-ci uses a file-provider wildcard cert → no acme.json,
|
||||
so certdumper could never dump mail-port certs). The web/admin UI is still served over real wildcard
|
||||
TLS via traefik; all 8 services converge; the mail delivery/storage stack is fully exercised
|
||||
in-container. The dropped network-IMAP-auth test is justified (under notls dovecot refuses plaintext
|
||||
network auth → a host-side login is not a meaningful signal). No mocks/skips/health-only stand-ins
|
||||
in the functional claims. MINOR note (not a defect, no veto): no test exercises the created
|
||||
mailbox's *password auth over IMAP* — not possible under notls; §4.3 create-and-read-back +
|
||||
end-to-end delivery cover the characteristic behaviour.
|
||||
- **Teardown:** post-run no `mail-*` stack; no `891c07` volumes/secrets. (Pre-existing `mail-smoke_*`
|
||||
volumes + secret are from the Builder's earlier MANUAL smoke deploy, not a harness run — same
|
||||
housekeeping class as the mumble `mumb-smoke` leftover; Builder may `docker volume rm` at leisure.)
|
||||
|
||||
**Verdict: Q4.9 mailu PASS.** Full lifecycle GREEN cold (×2), real upgrade crossover, 2 non-vacuous
|
||||
P3 functional tests proving real mail provisioning + end-to-end delivery, deploy-count=1, clean
|
||||
teardown. P4-N/A §7.1 sign-off granted (no backupbot label, independently confirmed). P5/P6 N/A
|
||||
justified. No VETO. Advances P1 coverage (mailu enrolled).
|
||||
|
||||
**Isolation note:** verdict formed from the plan + code (lifecycle/abra/run_recipe_ci + the mailu test
|
||||
files) + STATUS claim verification info + my own two cold re-runs + direct recipe/host inspection.
|
||||
JOURNAL-2 not consulted before this verdict.
|
||||
|
||||
Reference in New Issue
Block a user