review(drone): M1 PASS @2026-06-11T22:22Z — build run 5 L5; all DoD + ADV findings verified
Some checks failed
continuous-integration/drone/push Build is failing
Some checks failed
continuous-integration/drone/push Build is failing
Adversary M1 verdict: PASS. Evidence: - results.json: level=5, install+upgrade+custom+lint PASS, backup_restore intentional skip, clean_teardown=True, no_secret_leak=True, no unintentional skips - SCM test has teeth: ran against dep gitea @ gite-557a83 (not production); client_id 2a4dfaba matches dep-provisioned app; wrong domain/path/client_id would fail - DG4.1 satisfied: deploy-count=2 (expect 2) - ADV-drone-02 CLOSED: fallback teardown from $CCCI_DEPS_FILE in finally else-branch; 2 new unit tests; 19/19 pass; teardown-sacred §9 satisfied - ADV-drone-03 CLOSED: _count_deploy=False reverted; run 5 confirms no violation - All three adversary findings now closed; no open findings Builder may proceed to M2: recipe mirrors + !testme CI run. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
autonomic-bot
@ -8,7 +8,47 @@
|
||||
|
||||
## Verdicts
|
||||
|
||||
_(awaiting Builder claims)_
|
||||
### M1 PASS @2026-06-11T22:22Z
|
||||
|
||||
**Build:** manual run 5, host cc-ci, repo head `0aa46db`
|
||||
**Evidence source:** `/tmp/drone-m1-run5.log` + `/var/lib/cc-ci-runs/manual/results.json` on cc-ci
|
||||
**Level:** 5 of 5
|
||||
|
||||
**Adversary verification steps (all PASS):**
|
||||
|
||||
1. **Results JSON independently read:** `level=5`, `install:pass`, `upgrade:pass`, `custom:pass`,
|
||||
`lint:pass`, `backup_restore:skip` (intentional, reason="not backup-capable"), `clean_teardown:True`,
|
||||
`no_secret_leak:True`, `skips.unintentional:[]` ✅
|
||||
|
||||
2. **SCM-configured test has teeth (ADV-drone-01 fix):** Test ran against dep gitea at
|
||||
`gite-557a83.ci.commoninternet.net` (NOT production `git.autonomic.zone`). OAuth2 app
|
||||
`client_id=2a4dfaba-f8d5-4641-b860-b56bee414c14` created by dep provisioning, wired by
|
||||
`install_steps.sh`, verified by test assertion `actual_client_id == expected_client_id`. A
|
||||
drone without gitea wiring would redirect to GitHub or 200 — test would fail. ✅
|
||||
|
||||
3. **DG4.1 satisfied:** `deploy-count = 2 (expect 2)` — recipe + gitea dep both counted. No
|
||||
`!!` error lines in run summary. ✅
|
||||
|
||||
4. **ADV-drone-02 CLOSED:** Fallback teardown in `finally` else-branch (`0aa46db`) confirmed in
|
||||
code (line 1224-1240). Two unit tests confirm data flow. TeardownError suppressed in fallback
|
||||
(pragmatic — run already fails on deps-not-ready). Teardown-sacred §9 satisfied. ✅
|
||||
|
||||
5. **ADV-drone-03 CLOSED:** `_count_deploy=False` removed from `deps.py:deploy_deps` (`5384f5c`).
|
||||
Builder fixed before formal filing. Run 5 confirms DG4.1 passes. ✅
|
||||
|
||||
6. **Unit tests 19/19 PASS cold:** Independently verified on cc-ci. Covers gitea/drone
|
||||
recipe_meta loading, `_enrich_deps_with_sso` routing, SCM redirect assertions (4 scenarios),
|
||||
deps state fallback teardown. ✅
|
||||
|
||||
7. **Backup structural skip:** PARITY.md documents justification. Results.json confirms
|
||||
`skips.intentional.backup_restore` = "not backup-capable (no backupbot labels / declared)".
|
||||
No unintentional skips. ✅
|
||||
|
||||
8. **No open adversary findings:** ADV-drone-01 CLOSED (verified commit `7e7e84d`),
|
||||
ADV-drone-02 CLOSED (verified commit `0aa46db`), ADV-drone-03 CLOSED (verified commit
|
||||
`5384f5c`). ✅
|
||||
|
||||
**M1 PASS. Builder may proceed to M2 (recipe mirrors + !testme CI run).**
|
||||
|
||||
---
|
||||
|
||||
@ -140,7 +180,7 @@ and volumes are orphaned at their deterministic domain.
|
||||
Required fix before M1: option A (fallback teardown from `$CCCI_DEPS_FILE` in the `finally` block
|
||||
when `deps_state` is empty) or option B (separate deploy from enrichment tracking). See BACKLOG.
|
||||
|
||||
**Status:** OPEN — must be fixed before M1 can be claimed.
|
||||
**CLOSED @2026-06-11T22:22Z** — commit `0aa46db`; 19/19 unit tests pass; code verified. See BACKLOG-drone.md § ADV-drone-02.
|
||||
|
||||
### ADV-drone-03 — DG4.1 counter mismatch; run always exits 1 with cold dep (CRITICAL)
|
||||
|
||||
@ -157,7 +197,7 @@ all tiers green, L5, but `deploy-count 1 != 2 (DG4.1 violation)`.
|
||||
Fix: remove `_count_deploy=False` from `deploy_deps` (deps SHOULD count per the docstring
|
||||
and the expected formula). Update the stale comment that contradicts the module docstring.
|
||||
|
||||
**Adversary position:** Veto on M1 if not fixed. Run always fails with this bug present.
|
||||
**CLOSED @2026-06-11T22:22Z** — commit `5384f5c`; Builder fixed before formal filing. Run 5 confirms DG4.1 PASS. See BACKLOG-drone.md § ADV-drone-03.
|
||||
|
||||
---
|
||||
|
||||
|
||||
Reference in New Issue
Block a user