recipe-maintainers/cc-ci
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

machine-docs: move all per-phase coordination files out of repo root
Some checks failed
continuous-integration/drone/push Build is failing
Details

Browse Source 
STATUS/BACKLOG/REVIEW/JOURNAL for bsky/conc/dstamp/kuma/lvl5/mailu/rcust/shot
(32 files) were at the repo root; move them into machine-docs/ to match the
mandated file-location rule (DECISIONS/DEFERRED/INBOX + older phases already
live there). AGENTS.md gains an explicit File-location rule. No content change.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
autonomic-bot
2026-06-11 20:57:03 +00:00
parent 560e772b5f
commit 85a781368a
33 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

184
machine-docs/REVIEW-kuma.md Normal file
View File

@ -0,0 +1,184 @@
# REVIEW — phase `kuma` (uptime-kuma create-a-monitor functional test)
Adversary verdict log. Append-only. SSOT: `cc-ci-plan/plan-phase-kuma-monitor.md`.
## Phase orientation (2026-06-11T18:03Z)
Builder clone: `/srv/cc-ci/cc-ci`; Adversary clone: `/srv/cc-ci/cc-ci-adv`.
Phase goal: add functional test that completes uptime-kuma's first-run setup wizard and exercises
its core function — create a monitor, see it probe a target, assert UP + real probe timestamp.
Negative test (monitor → dead target → DOWN) required if it fits the runtime budget.
Two gates:
- **M1** — test implemented + green locally; approach justified; bounded waits; real assertions
- **M2** — drone-path green (≥2 consecutive runs); flake check; DEFERRED closed
Pre-phase independent research notes:
- uptime-kuma uses Socket.IO for ALL management operations (setup wizard, login, monitor CRUD)
- Existing tests: Socket.IO handshake (EIO v4), SPA branding, health check — NONE exercise wizard/monitor
- Two viable approaches per plan: (a) python-socketio client speaking events; (b) Playwright UI
- Key verification concerns for M1:
- Probe reality: must confirm a *real* HTTP check occurred (timestamp advance + status from
uptime-kuma's state, not echo of config)
- Secret safety: generated admin creds must not appear in logs or test output
- Budget: target ≤90s added to functional tier; must use bounded poll not sleep
- Negative teeth: dead-target monitor must go DOWN (proves probe isn't stub) — required unless
runtime budget forces explicit justification
- Existing `tests/uptime-kuma/functional/` dir has 3 files: health_check, socketio_handshake,
spa_branding — all pass in CI (build #91 was green for uptime-kuma level 5)
- Phase plan says new test goes in `tests/uptime-kuma/functional/` (or `playwright/` if option b)
## Adversary pre-flight checks (2026-06-11T18:03Z)
uptime-kuma Socket.IO event map (from source / prior investigation):
- Setup wizard: `setup` event with `{username, password}` → response `{ok: true}`
- Login: `login` event with `{username, password, token: ""}` → response `{ok: true, token: "..."}`
- Add monitor: `add` event with monitor config → response `{ok: true, monitorID: N}`
- Heartbeat list: `heartbeatList` event or `uptime` event to check recent probe status
- Monitor status: `getMonitorList` or heartbeat events contain `{status: 1}` (UP) or `{status: 0}` (DOWN)
Adversary independent acceptance criteria (what I will cold-verify for M1):
1. Test file in correct location per plan (tests/uptime-kuma/functional/ or playwright/)
2. Setup wizard completed and login token obtained (not hardcoded)
3. Monitor created pointing at a harness-controlled URL (not a stub/no-op)
4. Wait loop is BOUNDED (deadline/max_wait, not open-ended sleep)
5. Assertion is on ACTUAL probe data: at minimum one heartbeat with status=1 + timestamp > deploy time
6. Admin credentials NOT printed/logged in test output
7. Negative test included OR explicit runtime-budget justification in DECISIONS.md
8. Runtime ≤ ~90s added (measure from CI timing)
## Independent pre-flight findings (2026-06-11T18:05Z)
**Critical: python-socketio NOT available on cc-ci.**
```
cc-ci-run -c 'import socketio' # → ModuleNotFoundError: No module named 'socketio'
cc-ci-run -c 'from playwright.sync_api import sync_playwright; print("ok")' # → ok
```
Implication: option (a) python-socketio requires a harness.nix + nixos-rebuild change; option (b)
Playwright works immediately from existing infrastructure. Builder must justify their choice in
DECISIONS.md regardless.
**uptime-kuma recipe pinned at 2.2.1** (image `louislam/uptime-kuma:2.2.1`).
Socket.IO port 3001, routed through Traefik `web-secure` entrypoint.
**uptime-kuma Gitea mirror exists** (recipe-maintainers/uptime-kuma), no open PRs yet. Builder
will need to create a test PR.
**Real probe evidence requirements I will enforce at M1 cold-verify:**
- heartbeat data must contain entries with `status` field (1=UP, 0=DOWN)
- heartbeat timestamps must be AFTER test start (not from config echo)
- For uptime-kuma 2.x: `heartbeatList` socket event OR API poll at `/api/status-page/heartbeat/...`
carries real probe results; event `uptime` also carries historical data
- The monitor's first heartbeat entry is sufficient if it has: `status: 1`, `time` > deploy timestamp
Builder has not yet started (no STATUS-kuma.md, no kuma commits). Waiting for M1 claim.
---
## M1: PASS @2026-06-11T18:26Z
**Claim commit:** `fe8922c claim(kuma): M1 PASS — test_monitor_wizard green at LEVEL 5 via drone build #460`
**Test commit:** `8da59cf feat(kuma): implement wizard+monitor Playwright test`
### Cold-verify evidence (Adversary-independent, from own clone + ssh cc-ci)
**1. Test file location and content**
- File: `tests/uptime-kuma/playwright/test_monitor_wizard.py` (167 lines)
- Correct placement per plan §2 "option b" + discovery.py `playwright/` subdir
- Discovery confirmed: `runner/harness/discovery.custom_tests` recurses into `playwright/`
- `live_app` fixture from root `tests/conftest.py` works (session-scoped, reads `CCCI_APP_DOMAIN`)
**2. Drone build #460 results (read from /var/lib/cc-ci-runs/460/results.json on cc-ci)**
```
level: 5
recipe: uptime-kuma ref: eb4521cc5d77
functional.test_uptime_kuma_root_serves [pass] 20ms
functional.test_socketio_polling_handshake [pass] 26ms
functional.test_uptime_kuma_spa_has_branding [pass] 27ms
playwright.test_monitor_wizard_and_probe [pass] 2817ms
clean_teardown: True
no_secret_leak: True
playwright count: 1
```
All tiers PASS: install/upgrade/backup/restore/custom/lint = Level 5.
**3. Probe reality**
- `test_monitor_wizard_and_probe` PASSED with both positive and negative assertions:
- Self-probe monitor → status "Up" (requires real Socket.IO heartbeat from uptime-kuma server)
- Dead-port monitor (`127.0.0.1:19999`) → status "Down" (proves probe engine not a stub)
- Heartbeat datetime row present (regex `\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}`) — real timestamp
- 2.817s runtime proves fast connection-refused (dead-port negative check confirmed real)
**4. Secret safety**
- `_pw` (64-char UUID hex) used only in `.fill()` calls — never printed, never in assertion messages
- `no_secret_leak: True` confirmed by independent results.json read
**5. Approach justification**
- `machine-docs/DECISIONS.md` entry "2026-06-11 — uptime-kuma: Playwright (option b)" present
- Confirms python-socketio absent, Playwright handles Socket.IO transparently, selectors confirmed
in 2.2.1 compiled bundle `dist/assets/index-D_mnxLA0.js`
**6. Runtime budget**
- 2.817s actual ≪ 90s target
**7. Nothing weakened**
- All 3 existing custom tests still PASS (health_check, socketio_handshake, spa_branding)
- No existing assertions removed or softened
**8. PR comment**
- git.autonomic.zone/recipe-maintainers/uptime-kuma/pulls/3 shows:
`🌻 cc-ci — uptime-kuma @ eb4521cc ✅ passed`
### M1 verdict: **PASS** — Builder cleared to proceed to M2.
Note: build #462 (flake-check second run for M2) was already in progress at time of this verdict.
DEFERRED close + PARITY.md update are M2 pre-conditions per BACKLOG.
---
## M2: PASS @2026-06-11T18:32Z
**Claim commit:** `9afdf3d claim(kuma): M2 — build #462 LEVEL 5 PASS (flake #2); DEFERRED closed; PARITY updated`
### Cold-verify evidence (Adversary-independent)
**1. Build #462 results (read from /var/lib/cc-ci-runs/462/results.json on cc-ci)**
```
level: 5 recipe: uptime-kuma ref: eb4521cc5d77
functional.test_uptime_kuma_root_serves [pass] 16ms
functional.test_socketio_polling_handshake [pass] 26ms
functional.test_uptime_kuma_spa_has_branding [pass] 27ms
playwright.test_monitor_wizard_and_probe [pass] 2746ms
clean_teardown: True no_secret_leak: True playwright count: 1
```
**2. 2 consecutive green runs**
- Build #460: Level 5, `test_monitor_wizard_and_probe` PASS 2817ms
- Build #462: Level 5, `test_monitor_wizard_and_probe` PASS 2746ms
- Both same ref (eb4521cc), same recipe, same PR #3
**3. DEFERRED.md closed**
```
[x] CLOSED @2026-06-11 (Builder, phase kuma): tests/uptime-kuma/playwright/test_monitor_wizard.py
implemented and proven in real CI … Drone builds #460 + #462 both LEVEL 5 …
```
**4. PARITY.md updated**
- New row for `tests/uptime-kuma/playwright/test_monitor_wizard.py` with full rationale
- Documents Up/Down probe, heartbeat datetime, Socket.IO-driven status
**5. PR comment build #462**
- `🌻 cc-ci — uptime-kuma @ eb4521cc ✅ passed`
### Phase DoD check
Per `plan-phase-kuma-monitor.md` §5:
- ✅ uptime-kuma proves actual function (wizard + real probe — Up AND Down confirmed)
- ✅ Flake-checked (2 consecutive Level 5 green runs #460 + #462)
- ✅ Budget held (2.752.82s actual ≪ 90s target)
- ✅ DEFERRED checked off (entry `[x] CLOSED @2026-06-11`)
- ✅ M1 fresh PASS (filed 2026-06-11T18:26Z)
- ✅ M2 fresh PASS (this entry)
- No VETO standing
### M2 verdict: **PASS** — all DoD satisfied. Builder may write `## DONE`.