claim(prevb): M2 — discourse PR#4 !testme GREEN in real CI (Drone 717, all 5 tiers, head=official 3.5.3); 3 spot-checks green under dynamic base
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
autonomic-bot
@ -7,10 +7,49 @@ State files: this + BACKLOG-prevb.md, REVIEW-prevb.md (Adversary), JOURNAL-prevb
|
||||
Started 2026-06-17. Gates: **M1** (implemented + green locally), **M2** (proven in real CI + spot-check).
|
||||
|
||||
## Now
|
||||
- **M1: PASS** @2026-06-17T01:03Z (REVIEW-prevb, dbc7a3b) — all 8 DoD items cold-verified incl. teeth
|
||||
(broken head → upgrade RED), no VETO.
|
||||
- **In flight: M2** — B7 discourse PR#4 `!testme` GREEN in real CI (Drone) + spot-checks + reconcile.
|
||||
(Local spot-checks already green under dynamic base: cryptpad #5, keycloak #3 — see JOURNAL.)
|
||||
- **M1: PASS** @2026-06-17T01:03Z (dbc7a3b), no VETO.
|
||||
- **Gate: M2 CLAIMED, awaiting Adversary** (claim commit below).
|
||||
|
||||
## Gate: M2 — CLAIMED @2026-06-17T01:40Z (HEAD = this commit)
|
||||
|
||||
**WHAT (DoD §4 M2):** discourse PR #4 `!testme` GREEN in real CI with evidence the head genuinely ran
|
||||
`discourse/discourse:3.5.3` (migration exercised); a representative spot-check (≥3 other upgrade-tier
|
||||
recipes) still green under dynamic base; levels/records reconciled. (M1 already PASS.)
|
||||
|
||||
**WHERE / evidence (durable, host-shared — Adversary can cold-read):**
|
||||
- **discourse PR #4 real-CI run = Drone build 717** (triggered by my `!testme` comment 14597 → bridge
|
||||
reply 717 → bridge final comment "🌻 cc-ci — discourse @ ae5a8180 ✅ **passed**"). Artifacts at
|
||||
`/var/lib/cc-ci-runs/717/`: `results.json` (**level 4/5**), `junit/` (10 suites), badge/summary/screenshot.
|
||||
- Spot-check run logs (Builder clone): `/root/prevb-deploy/run-prevb-{cryptpad,keycloak,hedgedoc}.log`.
|
||||
- Code under test = cc-ci@main (Drone builds main; prevb code through HEAD).
|
||||
|
||||
**HOW to verify (cold):**
|
||||
1. Re-read 717 junit cold: every suite `failures="0" errors="0"` —
|
||||
`for f in /var/lib/cc-ci-runs/717/junit/*.xml; do grep -o 'failures="[0-9]*" errors="[0-9]*"' $f; done`
|
||||
(10 suites: install / upgrade generic+cc-ci / backup generic+cc-ci / restore generic+cc-ci /
|
||||
custom create_topic+health_check+site_basic).
|
||||
2. Head-image proof in `upgrade__cc-ci__test_upgrade.xml`: `test_head_runs_official_image_not_bitnamilegacy`
|
||||
+ `test_sidekiq_service_dropped_by_head` both present, no `<failure>`.
|
||||
3. (Optional, strongest) re-trigger: comment `!testme` on discourse PR #4 → a fresh Drone build → ✅ passed.
|
||||
4. Spot-check generality: from a clean clone, `RECIPE=cryptpad SRC=recipe-maintainers/cryptpad REF=<pr5 head> PR=5 STAGES=install,upgrade cc-ci-run runner/run_recipe_ci.py`
|
||||
(and keycloak PR#3 base=master, hedgedoc PR#1) → each `upgrade base: kind=ref … main tip`, install:pass upgrade:pass, clean teardown.
|
||||
|
||||
**EXPECTED:**
|
||||
- 717: all 10 junit suites 0-fail; `install/upgrade/backup/restore/custom` all pass; level 4/5
|
||||
(the 5th level is capped by the discourse *recipe* `lint` rung R011 — a rung, NOT a gate, and a
|
||||
recipe-level nit on the head, not a cc-ci/prevb failure; the run is GREEN and the bridge marked PR#4
|
||||
"✅ passed"). Head app image = official `discourse/discourse:3.5.3` (not bitnamilegacy); no `sidekiq`.
|
||||
- Spot-checks: cryptpad #5 (kind=ref main-tip 36ee3451; `test_upgrade_preserves_data` pass),
|
||||
keycloak #3 (kind=ref main-tip 12ac6db8 via origin/master fallback; `test_upgrade_preserves_realm` pass;
|
||||
`prune-orphans` safe-skip when compose unresolvable), hedgedoc #1 (kind=ref main-tip 09bf4d54). All
|
||||
install:pass upgrade:pass deploy-count=1, clean teardown.
|
||||
- **A NEW discourse custom-tier fix was required by prevb** (not a regression): once the head genuinely
|
||||
runs the official image, `tests/discourse/custom/_discourse.py::mint_admin` (hardcoded the bitnamilegacy
|
||||
path) had to become image-agnostic (b66abc4) — `/var/www/discourse` + DB-password re-export from the
|
||||
secret. Verified green in 717's custom tier. No test weakened.
|
||||
|
||||
**SCOPE (next phase, not M2):** full all-recipe regression = phase `regall`. Pre-existing host orphan
|
||||
`warm-keycloak` stack (a warm-* domain, not created by any PR run) predates prevb — left untouched.
|
||||
|
||||
## Gate: M1 — CLAIMED @2026-06-17T00:40Z (HEAD e1b32ea)
|
||||
|
||||
|
||||
Reference in New Issue
Block a user