fix(1d): F1d-2 — pinned base deploys the pinned version; upgrade is non-vacuous

- deploy_app: checkout the pinned tag + deploy NON-chaos when a version is pinned (chaos only for
  version=None / PR-head). Was always -C, which ignored the pin and deployed LATEST -> upgrade no-op.
- do_upgrade: assert the deployment actually MOVED (coop-cloud version label and/or image changed)
  via lifecycle.deployed_identity -> a vacuous no-op upgrade can no longer pass (DG2).
- G2: migrate custom-html overlays to the assertion-only contract (override + extend-by-composition
  + data-continuity; split backup/restore). tests/unit/test_discovery.py proves precedence (5/5).

Probe (Adversary's F1d-2 test): hedgedoc deploy-prev=1.10.7 -> upgrade=1.10.8, CHANGED=True.
hedgedoc full generic lifecycle green (install/upgrade/backup/restore, deploy-count=1).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-28 00:02:59 +01:00
parent 1aea1541a7
commit 81e26a1bdc
9 changed files with 204 additions and 59 deletions


@ -1,28 +1,28 @@
"""custom-html — install stage (recipe #1, simple/stateless). D2 install + D3 Playwright."""
"""custom-html — INSTALL overlay (Phase 1d layering proof, DG4).
Demonstrates OVERRIDE + EXTEND-by-composition: this file's presence makes the harness run it INSTEAD
of the generic install tier (override), and it reuses the generic assertion (`generic.assert_serving`)
then ADDS a recipe-specific Playwright content check (extend). Assertion-only — the orchestrator has
already deployed the shared app once (no deploy here, so deploy-count stays 1)."""
import os
import sys
sys.path.insert(0, os.path.join(os.path.dirname(__file__), "..", "..", "runner"))
from harness import lifecycle # noqa: E402
from harness import generic # noqa: E402
def test_http_reachable(deployed_app):
"""The deployed app answers 200 over real HTTPS through the gateway."""
status = lifecycle.http_get(deployed_app, "/")
assert status == 200, f"expected 200 from {deployed_app}, got {status}"
def test_playwright_page(deployed_app):
"""A real browser (Playwright/Chromium) loads the live app and sees served content."""
def test_serving_and_content(live_app, meta):
# extend-by-composition: reuse the generic "really serving" assertion ...
generic.assert_serving(live_app, meta)
# ... then add the recipe-specific assertion: a real browser sees nginx-served HTML (D3).
from playwright.sync_api import sync_playwright
url = f"https://{deployed_app}/"
url = f"https://{live_app}/"
with sync_playwright() as p:
browser = p.chromium.launch(args=["--no-sandbox"])
try:
ctx = browser.new_context(ignore_https_errors=True)
page = ctx.new_page()
page = browser.new_context(ignore_https_errors=True).new_page()
resp = page.goto(url, wait_until="load", timeout=30000)
assert resp is not None and resp.status == 200, f"page status {resp and resp.status}"
body = page.content()
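
Review bot: test_serving_and_content still builds the browser context with ignore_https_errors=True, so this check passes whatever certificate the gateway presents, and the resp.status == 200 assertion says nothing about TLS validity. If the test domain uses a private or staging CA, consider trusting that CA in the runner, or gating the flag on a harness setting so certificate validation stays on where a real certificate is expected; otherwise say in the docstring that TLS is deliberately not asserted here. Collapsing the context into browser.new_context(...).new_page() also drops the ctx handle, so the context can now only be released through the browser; please confirm the finally block, which is not visible in this hunk, calls browser.close(). The Chromium launch keeps args=["--no-sandbox"] with no comment on why the runner needs it, and a one-line comment would help the next reader.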