diff --git a/BACKLOG-shot.md b/BACKLOG-shot.md index a5041db..c4384ed 100644 --- a/BACKLOG-shot.md +++ b/BACKLOG-shot.md @@ -57,21 +57,50 @@ PNG-size note: 4801/4802 B at 1280×800 is a byte-stable blank-frame fingerprint default page at `/` (no content seeded for this recipe's install; only custom-html-tiny seeds via install_steps.sh). Screenshot is an honest representative view of a fresh install. → OK as-is. -### P3 — Fixes +### P3 — Fixes (all merged to main) -- [ ] Harness default improvement (fixes BLANK+LOADING classes): after domcontentloaded nav, bounded - network-idle/paint wait + blank-frame detect (tiny PNG → one retry with stronger wait), all within - NAV_DEADLINE_S=45 / step worst-case ≤ ~60s. Unit tests in tests/unit/test_screenshot.py. -- [ ] plausible SCREENSHOT hook (tests/plausible/recipe_meta.py) to a rendering, credential-free path. -- [ ] Re-audit mattermost-lts / mumble / keycloak / lasuite-* after harness fix; per-recipe hooks only - where the default still can't work. -- [ ] bluesky-pds: document N/A in matrix (Adversary agreement at M1/M2). +- [x] Harness default improvement (ce50f64 + A1 hardening 7ad7d1f): bounded networkidle settle + (10s) + 0.5s render grace after domcontentloaded; blank/spinner-frame detect (<10000 B) → ONE + retry with 4s settle, larger frame kept (A1). Wait budget 45+10+0.5+4+0.5 = 60s, unit-tested. + 8 new unit tests; 207 pass; lint PASS. +- [x] plausible — NOT a hook in the end: the real root cause was EXTRA_ENV SECRET_KEY_BASE being + 62 chars (<64-byte Phoenix cookie-store minimum) → every HTML render 500'd. Fixed to 68 chars + (b98a471); default capture then lands the genuine registration page. Stale auth_controller + comments corrected (no assertion touched). +- [x] mattermost-lts SCREENSHOT hook (80e5713 + 3c33129): interstitial appears on ANY first-visit + route incl /login (proven byte-identical PNG) → hook navigates /login, clicks "View in Browser" + best-effort, settles; lands the real login form. First real hook; public screenshot.settle(). +- [x] keycloak / lasuite-docs / lasuite-drive / lasuite-meet / immich / cryptpad / n8n: fixed by + the harness default alone (no hooks needed — proof PNGs below). +- [x] mumble: NOT fixable harness-side — pinned mumble-web:0.5 client never paints UI for an + anonymous browser (≥90s DOM/console/network observation: no errors, no failed requests, + connect-dialog elements absent, no autoconnect overrides). Loader frame = the genuine anonymous + web view; voice (the recipe's function) fully covered by protocol tests. DEFERRED.md entry filed + (upstream question for the operator). +- [x] bluesky-pds: documented N/A while upstream image broken (rcust DEFERRED; Adversary-agreed at + M1, contingent re-check at M2 — latest failing evidence ab-bluesky-pds-oldmain, 2026-06-11). -### P4 — Proof runs +### P4 — Proof runs (fresh, post-fix; every PNG visually Read by Builder) -- [ ] Fresh real-CI run per fixed recipe (immich, lasuite-meet, n8n, cryptpad, keycloak, lasuite-docs, - lasuite-drive, mumble, mattermost-lts, plausible), ≥2 via drone `!testme`; visual check each PNG; - card + dashboard render. Healthy class: cite existing artifact + visual check (done in P1). +| recipe | proof run (dir on cc-ci) | level (baseline) | PNG B | visual | +|---|---|---|---|---| +| immich | 370 (drone !testme immich#2) | 4 (=356:4) | 234351 | real "Welcome to Immich" onboarding | +| plausible | 371 (drone !testme plausible#3) | 4 (=357:4) | 64132 | real registration form, empty fields | +| keycloak | shot-proof-keycloak | 4 | 215587 | real "Sign in to your account" form | +| cryptpad | shot-proof-cryptpad | 4 | 57310 | real landing + document-type picker | +| lasuite-meet | shot-proof-lasuite-meet | 4 | 225686 | real video-conferencing landing | +| lasuite-docs | shot-proof-lasuite-docs | 4 | 284769 | real Docs landing | +| lasuite-drive | shot-proof2-lasuite-drive | 4 | 132037 | real Drive landing | +| n8n | shot-proof-n8n | 4 | 26433 | real "Set up owner account", empty fields (now deterministic) | +| mattermost-lts | shot-proof3-mattermost-lts | 2 (=m2r:2) | 178367 | real "Log in to your account" form (hook v2) | +| mumble | shot-proof-mumble | 4 | 7980 | loader frame — best-available (see P3/DEFERRED) | + +Drone durations pre/post (same recipe+PR): immich 199s→198s; plausible 209s→166s (faster — capture +no longer burns 45s failing). Healthy class (ghost, hedgedoc, discourse, custom-html, +custom-html-tiny, mailu, matrix-synapse, uptime-kuma): existing artifacts cited in P1 matrix, each +visually verified real + credential-free; no new runs needed per plan §3 P4. +Dashboard/card: grid thumbnails for runs 370/371 served 200, summary.html embeds screenshot.png, +/badge/immich.svg 200. ## Adversary findings diff --git a/JOURNAL-shot.md b/JOURNAL-shot.md index 909445f..b2f1644 100644 --- a/JOURNAL-shot.md +++ b/JOURNAL-shot.md @@ -72,3 +72,28 @@ mumble: proof run still spinner after settle+retry (7980B). Probing live what mu because the websocket voice path may not be browser-reachable). Orchestrated probe2 running. Also in flight: n8n + lasuite-docs proofs from the A1-fixed tree. Queue: lasuite-drive, mattermost re-run; then ghost/hedgedoc/etc. healthy-class citations + dashboard/card check + runtime compare. + +## 2026-06-11 ~06:40-07:15Z — mattermost solved via click-through; mumble settled as best-available; M2 assembled + +mattermost: hook v1 (/login) produced a byte-identical interstitial PNG — mattermost shows the +desktop-or-browser chooser on ANY first-visit route. Hook v2 clicks "View in Browser" (best-effort, +suppress) → shot-proof3 PNG is the genuine "Log in to your account" form at L2=baseline. That's +watch-list item 3 satisfied the hard way. + +mumble: three live probes. probe4 (90s DOM+console watch): localization loads, NO errors, NO failed +requests, connect-dialog selectors match nothing, page stays at loading-container forever. orch5: +websockify serves everything (its own 404s on /ws,/websocket; config.local.js = untouched sample, no +autoconnect). Conclusion: the pinned mumble-web:0.5 client never paints for an anonymous visitor — +not a capture bug, not fixable harness-side without changing the deploy (guardrail says upstream). +Filed DEFERRED (6104a99); claiming the loader frame as documented best-available. Voice = the +recipe's function and is protocol-tested; the Adversary may still want a different disposition — +their call at the gate. + +Ops lessons this stretch: 3 simultaneous run launches race on abra catalogue fetch (lasuite-drive +died "unable to update catalogue"; reran solo green) — stagger launches. Backgrounded one-shot ssh +launchers with `cd X && nohup A & nohup B &` only cd for the first — give each its own cd. + +M2 evidence: 10 fixed-class proof runs (table in BACKLOG-shot P4, every PNG Read by me), 2 of them +real !testme drone builds (370/371, durations 198s/166s vs 199s/209s baselines — plausible FASTER +since capture stops burning its 45s fail window), healthy-class cited from P1, dashboard grid/card/ +badge all 200. Claiming M2. diff --git a/STATUS-shot.md b/STATUS-shot.md index 6179396..3563f74 100644 --- a/STATUS-shot.md +++ b/STATUS-shot.md @@ -4,34 +4,54 @@ SSOT: /srv/cc-ci/cc-ci-plan/plan-phase-shot-screenshots.md ## Current section -Gate: M1 CLAIMED, awaiting Adversary. -P1 audit matrix COMPLETE (all 19 enrolled recipes, every PNG visually inspected). -P2 diagnoses COMPLETE (see BACKLOG-shot.md P2 — each with evidence). -Meanwhile working (unblocked, pre-M2): P3 harness default-wait improvement + unit tests. +Gate: M1 PASS (REVIEW-shot.md ae10b55). Finding A1 CLOSED (5fc8699). +Gate: M2 CLAIMED, awaiting Adversary. -## M1 claim — verification map (WHAT/HOW/EXPECTED/WHERE) +## M2 claim — verification map (WHAT/HOW/EXPECTED/WHERE) -WHAT: M1 = full audit matrix (19/19 enrolled recipes, BACKLOG-shot.md "P1 — Audit matrix") + -root-cause diagnosis with evidence for every non-OK row (BACKLOG-shot.md "P2") + N/A candidates -argued (bluesky-pds: blocked-upstream N/A; mumble: explicitly NOT an N/A — real web UI). -Claimed at commit 8978fa6 (matrix+diagnoses) — claim commit follows. +WHAT: every enrolled recipe (19) is OK or Adversary-agreed N/A; fixes merged to main; fresh proof +runs incl. 2 via drone !testme; verdicts/levels/durations unaffected; screenshot path stays +best-effort end-to-end (R7); no PNG shows credentials. -- Enrolled set (19): `ls tests/*/recipe_meta.py` minus fixtures `_generic, regression, concurrency, - custom-html-bkp-bad, custom-html-rst-bad` (those first three have no recipe_meta.py; the two - `-bad` ones do but are harness canaries). -- Matrix: BACKLOG-shot.md "P1 — Audit matrix". Reproduce any row: - `ssh cc-ci 'grep -o "\"screenshot\": *[^,}]*" /var/lib/cc-ci-runs//results.json; stat -c%s /var/lib/cc-ci-runs//screenshot.png'` - then scp the PNG and Read it. Run ids are in the matrix "latest run" column. -- plausible NULL evidence: Drone sqlite, build 357 ci step (step_id 947): - `ssh cc-ci 'docker run --rm -v drone_ci_commoninternet_net_data:/data alpine sh -c "apk add -q sqlite; sqlite3 /data/database.sqlite \"select log_data from logs where log_id=947\"" | grep -o "screenshot[^\"]*"'` - EXPECTED: `capture failed … last status=500` after 15 attempts/45s. -- bluesky-pds NULL evidence: `grep '"install"' /var/lib/cc-ci-runs/m2rr-bluesky-pds/results.json` - → fail, level=0; capture is gated on deploy_ok (runner/run_recipe_ci.py:1024). -- Default capture path under audit: runner/harness/screenshot.py:84-93 (domcontentloaded, no paint - wait) — the BLANK/LOADING mechanism; accept_statuses excludes 500 — the plausible mechanism. -- mumble web UI exists: tests/mumble/recipe_meta.py header (compose.mumbleweb.yml, HEALTH_PATH "/"). -- custom-html fresh install serves nginx default: no install_steps.sh in tests/custom-html/ (only - pre_backup/pre_upgrade seeds in ops.py, which run AFTER the capture moment). +Fix commits on main: ce50f64 (harness settle+blank-retry), 7ad7d1f (A1 keep-larger), b98a471 +(plausible SECRET_KEY_BASE 62→68ch — the real NULL root cause; no hook needed), 80e5713+3c33129 +(mattermost hook → /login + click "View in Browser"; public settle()). Unit: 207 pass +(`cc-ci-run -m pytest tests/unit -q`), lint PASS (`nix develop .#lint --command scripts/lint.sh`). + +HOW to verify per recipe — artifacts on cc-ci `/var/lib/cc-ci-runs//{results.json, +screenshot.png,summary.html}`; scp the PNG and Read it. Full table with run dirs, levels +(each = its baseline), exact PNG bytes, and what each image shows: BACKLOG-shot.md "P4 — Proof +runs". Fixed-class proofs: immich=370 (drone !testme immich#2, posted 05:56:32Z), plausible=371 +(drone !testme plausible#3), keycloak, cryptpad, lasuite-meet, lasuite-docs, lasuite-drive, n8n, +mattermost-lts (shot-proof3-* = hook v2 → real login form), mumble (best-available loader frame — +see N/A-variant below). Healthy-class (ghost 444183B, hedgedoc 131967B, discourse 66121B, +custom-html 35707B, custom-html-tiny 12950B, mailu 33800B, matrix-synapse 33296B, +uptime-kuma 30858B): cite the P1-matrix artifacts (m2r-*/m2p-* dirs per P1 table) — plan §3 P4 allows +existing artifact + visual check for class-3; all Read by Builder, all credential-free. + +EXPECTED on re-run of any fixed recipe: results.json `screenshot: "screenshot.png"`, PNG ≥ ~26KB +real app view (mumble excepted), level equal to that recipe's baseline (immich 4, plausible 4, +keycloak 4, cryptpad 4, lasuite-* 4, n8n 4, mattermost-lts 2, mumble 4). + +R7 / budget: wait components 45(nav, only-on-failure)+10(settle)+0.5+4(blank retry)+0.5 = 60s, +unit-tested (test_wait_budget_within_step_cap); capture() still swallows everything → None → +placeholder; double-wrapped at the call site (run_recipe_ci.py:1024-1037, unchanged). + +Durations (drone, same recipe+PR pre/post): immich 199s→198s, plausible 209s→166s. Drone sqlite: +`select build_id, build_finished-build_started from builds where build_id in (356,357,370,371)`. + +Dashboard/card: `https://ci.commoninternet.net/` grid references runs/370+371 screenshot.png (both +HTTP 200); summary.html embeds screenshot.png; /badge/immich.svg 200. + +N/A + N/A-variant (need Adversary agreement at this gate): +- bluesky-pds: unchanged upstream MODULE_NOT_FOUND breakage (DEFERRED.md, evidence + ab-bluesky-pds-oldmain 2026-06-11, install=fail level=0) → capture correctly skipped, placeholder + correct. +- mumble: web client (rankenstein/mumble-web:0.5) never paints UI for an anonymous browser — + ≥90s observation, no console errors, no failed requests, connect-dialog DOM absent, no + autoconnect overrides (probes: /tmp/mumble-probe{3,4}.out, /tmp/mumble-orch{4,5}.log on cc-ci). + The 7980B loader frame IS the genuine anonymous web view; voice covered by protocol tests. + DEFERRED.md entry filed (upstream question). Claimed as documented best-available, not a defect. ## Blocked