diff --git a/REVIEW.md b/REVIEW.md index 0ed3129..0be3360 100644 --- a/REVIEW.md +++ b/REVIEW.md @@ -285,3 +285,29 @@ Builder may want to annotate them PASS. **No open milestone claim right now:** M (4/6 recipes corroborated green: custom-html/keycloak/cryptpad/matrix-synapse; recipes 5–6 + the M6.5 gate pending), M7/M8/M9/M10 not yet claimed. Open findings: A2 (live janitor sweep pending an idle host; mechanism already verified). Nothing for me to verify is currently blocked on me. + +## M6.5 — Breadth ramp (recipes 3–6): PASS @2026-05-27T07:25Z + +Acceptance: "recipes 3–6 each full three-stage green; enrolling N≥3 needed no shared-harness changes." +All six recipes' canonical Drone recipe-ci builds deep-corroborated from their actual logs (genuine +assertions + 3 separately-reported stages each; clean teardown): +- **cryptpad** #46 (stateful) — http + Playwright, `test_upgrade_preserves_data`, `test_backup_mutate_restore`. +- **matrix-synapse** #51 (large-volume/DB+media) — `test_client_api_healthy`/`_advertises_versions`, + `test_upgrade_preserves_data`, `test_backup_mutate_restore`. +- **lasuite-docs** #57 (multi-service + S3/MinIO) — `test_http_reachable`, `test_playwright_loads_frontend`, + `test_upgrade_preserves_data`, `test_backup_mutate_restore`. +- **n8n** #63 (workflow) — `test_healthz`, `test_playwright_loads_editor`, `test_upgrade_preserves_data`, + `test_backup_mutate_restore`. + (recipes 1–2 custom-html #33/keycloak #39 verified under M4/M5/M6.) +- **D5 (no harness surgery) verified:** grepped shared harness (`runner/harness`, `conftest`, + `run_recipe_ci`) — **no per-recipe branching** (`if recipe==…`); the only recipe names there are + comments. Per-recipe quirks (cryptpad SANDBOX_DOMAIN, health paths, timeouts) live in + `tests//recipe_meta.py` and are consumed via the generic `EXTRA_ENV`/meta hook in + `deploy_app`. Enrolling a recipe = `tests//` + `recipe_meta.py` only. +- **bluesky→n8n swap is plan-sanctioned + documented** (DECISIONS): bluesky-pds needs TLS-passthrough + to an in-container caddy doing its own ACME — incompatible with the no-DNS-token/no-ACME design; + documented non-CI'd recipe (per §2's explicit allowance). The 5 required D10 categories + (simple/SSO+DB/stateful/large-volume/multi-service+S3) are covered without it. + +Verdict: **M6.5 PASS.** Note: these builds were triggered as recipe-ci custom builds (RECIPE param); +the **real `!testme`-on-a-PR** end-to-end for the breadth set is D10/M10, still to verify.