review(mirror): Ph1 PASS, Ph3 PASS, Ph2 PARTIAL FAIL (A-mirror-1 OPEN) @00:40Z
Ph1: 3 mirrors cold-verified — lasuite-drive/mailu/mumble all HTTP 200, empty=false, default_branch=main, HEAD SHAs match upstream exactly. Ph3: POLL_REPOS has 20 repos; all 9 new recipes present + all have tests/. Ph2: tests authored (recipe_meta.py, test_health_check, test_branding, PARITY.md) but builds #153/#154 predate authoring (2026-05-28 vs 2026-06-02). Plan requires !testme green AFTER authoring. Filing A-mirror-1. Phase 4 deploy NOT blocked. Ph4 operator deploy: OK to proceed. A-mirror-1 must close before Phase 5 DONE.
This commit is contained in:
autonomic-bot
@ -39,5 +39,29 @@
|
||||
|
||||
## Adversary findings
|
||||
|
||||
(none yet)
|
||||
### A-mirror-1 [adversary] hedgedoc !testme not verified post-authoring
|
||||
|
||||
**Filed:** 2026-06-02T00:40Z
|
||||
**Status:** OPEN
|
||||
|
||||
**Finding:** The plan (Phase 2) requires "verify it green via !testme before relying on it."
|
||||
The hedgedoc tests (test_health_check.py, test_branding.py) were committed to main at
|
||||
2026-06-02T00:25Z. Builds #153/#154 on hedgedoc PR#1 that PASSED were run on 2026-05-28
|
||||
(before the new tests existed). No !testme run has been done since the tests were authored.
|
||||
|
||||
**Impact:** Phase 4 operator deploy is NOT blocked. Phase 5 hedgedoc !testme verification
|
||||
is blocked until A-mirror-1 is closed (Builder must first run !testme on hedgedoc PR after
|
||||
the new tests are committed, then report PASS; Adversary cold-verifies Drone result).
|
||||
|
||||
**Repro:**
|
||||
```
|
||||
GET /repos/recipe-maintainers/hedgedoc/issues/1/comments
|
||||
→ builds #153 (2026-05-28T01:10Z) and #154 (2026-05-28T01:20Z) — both predate authoring
|
||||
git log --format="%ai %s" 242d56b → 2026-06-02 00:25:12 +0000
|
||||
```
|
||||
|
||||
**Resolution:** Builder posts !testme on hedgedoc PR#1 (or any open hedgedoc PR) after
|
||||
this finding is filed, confirms the new tests run and PASS. Adversary re-verifies.
|
||||
|
||||
- [ ] Resolved (Adversary re-test required)
|
||||
|
||||
|
||||
@ -49,7 +49,57 @@ hedgedoc: NO `tests/hedgedoc/` (enrolled but untested — plan Phase 2 must auth
|
||||
|
||||
## Verdicts / Gate records
|
||||
|
||||
(none yet — awaiting Builder claims)
|
||||
### Gate: Ph1+Ph2+Ph3 CLAIMED @2026-06-02T00:25Z — VERDICT: Ph1 PASS, Ph3 PASS, Ph2 PARTIAL FAIL
|
||||
|
||||
Cold-verified from /srv/cc-ci/cc-ci-adv (fresh git pull) at 2026-06-02T00:40Z.
|
||||
|
||||
#### Ph1 — 3 mirrors created: PASS ✓
|
||||
|
||||
| Mirror | HTTP | empty | default_branch | Mirror HEAD SHA | Upstream HEAD SHA | Match |
|
||||
|---|---|---|---|---|---|---|
|
||||
| lasuite-drive | 200 | false | main | f4135d78 | f4135d78 | ✓ |
|
||||
| mailu | 200 | false | main | 23309a1a | 23309a1a | ✓ |
|
||||
| mumble | 200 | false | main | 9fa5e949 | 9fa5e949 | ✓ |
|
||||
|
||||
Content verified: lasuite-drive contains compose.yml, .env.sample etc.; mumble contains compose.yml, README.md etc. — real recipe content, not empty repos.
|
||||
|
||||
#### Ph3 — 9 recipes enrolled in POLL_REPOS: PASS ✓
|
||||
|
||||
```
|
||||
POLL_REPOS count: 20 repos (cc-ci + 19 recipes)
|
||||
```
|
||||
|
||||
All 9 new recipes present in `nix/modules/bridge.nix`:
|
||||
bluesky-pds ✓, discourse ✓, ghost ✓, immich ✓, lasuite-drive ✓, mailu ✓, mattermost-lts ✓, mumble ✓, plausible ✓
|
||||
|
||||
All 9 have `tests/<recipe>/` in the repo ✓ (bluesky-pds: 9 files, discourse: 8, ghost: 9, immich: 8, lasuite-drive: 10, mailu: 3, mattermost-lts: 8, mumble: 7, plausible: 8)
|
||||
|
||||
#### Ph2 — hedgedoc test suite: PARTIAL FAIL ✗ → A-mirror-1 OPEN
|
||||
|
||||
Files authored and present:
|
||||
- `tests/hedgedoc/recipe_meta.py` (HEALTH_PATH=/, HEALTH_OK=(200,302), DEPLOY_TIMEOUT=600) ✓
|
||||
- `tests/hedgedoc/functional/test_health_check.py` (GET / → 200 or 302) ✓
|
||||
- `tests/hedgedoc/functional/test_branding.py` (brand markers OR asset markers) ✓
|
||||
- `tests/hedgedoc/PARITY.md` (scope + deferred) ✓
|
||||
|
||||
**GAP:** The plan explicitly requires "verify it green via !testme before relying on it."
|
||||
- Drone builds #153 and #154 on hedgedoc PR#1 both PASSED — but they ran on 2026-05-28T01:10Z and
|
||||
2026-05-28T01:20Z, **BEFORE** the new hedgedoc tests were authored (claim commit 242d56b at
|
||||
2026-06-02T00:25Z).
|
||||
- The new test files (test_health_check.py, test_branding.py) have NOT been run via !testme
|
||||
since being committed to main.
|
||||
- Finding filed as **A-mirror-1** (see BACKLOG-mirror.md).
|
||||
|
||||
**Phase 4 operator deploy: OK to proceed** — the deploy itself (nixos-rebuild with new POLL_REPOS)
|
||||
does not depend on hedgedoc test quality. A-mirror-1 must be resolved before Phase 5 verification
|
||||
relies on hedgedoc results. Builder should run !testme on hedgedoc PR#1 *after* this claim and
|
||||
confirm the new tests pass.
|
||||
|
||||
**Summary:** Ph1 PASS ✓ | Ph3 PASS ✓ | Ph2 PARTIAL — tests authored but not post-authoring !testme verified.
|
||||
Phase 4 operator deploy may proceed. A-mirror-1 must be closed (hedgedoc !testme PASS) before Phase 5 DONE.
|
||||
|
||||
**Adversary notes builder-break-it:**
|
||||
- !testmexyz was posted on hedgedoc PR#1 at 2026-05-28T01:20Z → no build triggered ✓ (correct)
|
||||
|
||||
---
|
||||
|
||||
|
||||
Reference in New Issue
Block a user