journal/deferred(2): Q3.5 immich PARTIAL — restore P4 blocked by upstream recipe (volume backup, no pg_dump hook); recipe-PR unit filed (drive/meet pg_backup.sh pattern)
This commit is contained in:
@ -231,3 +231,22 @@ before the build is called done) — but does **not** force closure.
|
||||
test_create_doc.py (closed in the entry above). Upload/conversion exercises a distinct subsystem
|
||||
(y-provider + docspec) and adds two binary fixtures + a multi-service-readiness wait.
|
||||
Defensible defer; lift when the operator wants the deeper coverage OR Phase-4 reviews.
|
||||
|
||||
### 2026-05-29 — immich recipe needs a pg_dump backup hook for reliable DB restore (P4)
|
||||
- [ ] **What:** immich's upstream recipe backs up the LIVE postgres data VOLUME via restic
|
||||
(`backupbot.backup=true` on `database`, no pg_dump hook), so a DB row does NOT survive
|
||||
`abra app restore` (diagnosed: seed→backup→drop→restore→row absent; app healthy). Real
|
||||
backup data-integrity (P4) requires a consistent SQL dump. **Fix:** add the drive/meet pattern
|
||||
to the immich recipe — `pg_backup.sh` swarm-config + labels `backupbot.backup.pre-hook:
|
||||
"/pg_backup.sh backup"` + `backupbot.backup.volumes.postgres.path: "backup.sql"` +
|
||||
`backupbot.restore.post-hook: "/pg_backup.sh restore"` (adapt POSTGRES_USER=postgres,
|
||||
POSTGRES_DB=immich). Via the recipe-create-pr flow (mirror immich on recipe-maintainers → branch
|
||||
→ cc-ci full-suite GREEN on the PR incl. restore tier → Adversary cold-verify → operator merge),
|
||||
exactly like the parked Q3.2b lasuite-drive recipe-robustness PR.
|
||||
- **Filed by:** Builder, phase 2 (Q3.5 immich enrollment).
|
||||
- **Reason for deferral:** UPSTREAM recipe defect; the proper fix is a recipe PR (we maintain it),
|
||||
which is operator-merge-gated — not a cc-ci/test change. immich's other tiers (install/upgrade/
|
||||
backup-artifact/restore-healthy/custom incl. §4.3 asset upload→readback→thumbnail) are GREEN.
|
||||
- **Re-entry trigger:** pick up as a recipe-PR unit (parallel to Q3.2b); OR Adversary §7.1 sign-off on
|
||||
the documented maximal subset if a recipe PR is out of scope for Phase-2 DONE.
|
||||
- **Linked IDEA:** —
|
||||
|
||||
@ -941,3 +941,31 @@ post-type sync wait 9s→12s.
|
||||
Validated **3× green** against a cold cryptpad probe (`cryptpad-probe`), ~33s each, no flakiness (the
|
||||
poll-all-frames finds the marker fast once the pad renders — robust AND faster than the old
|
||||
frame-attach wait). F2-13 is Adversary-owned — left for the Adversary to re-verify + close F2-9.
|
||||
|
||||
---
|
||||
|
||||
## 2026-05-29 — Q3.5 immich: 4/5 tiers green + §4.3; restore data-integrity blocked by UPSTREAM recipe (no pg_dump hook)
|
||||
|
||||
Full suite (`/root/ccci-immich-full.log`): install PASS, upgrade PASS (real crossover
|
||||
1.5.1+v2.6.3→1.6.0+v2.7.5, ci_marker survived), backup PASS (artifact created), custom PASS
|
||||
(test_immich_upload_asset_readback_and_thumbnail = §4.3 upload→read-back→thumbnail-derivative;
|
||||
health), deploy-count=1, clean teardown. **ONLY `test_restore_returns_state` FAILED** — postgres
|
||||
`ci_marker` does not survive `abra app restore` (relation does not exist; app itself healthy).
|
||||
|
||||
**Diagnosed (harness path, immich probe):** seed ci_marker='original' → `abra app backup create`
|
||||
(restic snapshot, 1729 files / 190MB) → drop ci_marker → `abra app restore` → ci_marker STILL absent.
|
||||
**Root cause:** immich's UPSTREAM recipe backs up the **live postgres data VOLUME** via restic
|
||||
(`backupbot.backup=true` on `database`, NO pg_dump hook) — a hot pgdata snapshot that cannot reliably
|
||||
restore a DB row into a running postgres. Contrast lasuite-drive/meet, which ship a `pg_backup.sh` +
|
||||
labels (`backup.pre-hook: /pg_backup.sh backup` → `backup.volumes.postgres.path: backup.sql` →
|
||||
`restore.post-hook: /pg_backup.sh restore`) producing a CONSISTENT SQL dump that restores cleanly
|
||||
(their restore tiers pass). This is an upstream immich-recipe defect (same class as the parked Q3.2b
|
||||
lasuite-drive recipe-robustness PR), not a cc-ci/test bug — the ci_marker pattern is correct (works on
|
||||
drive/meet).
|
||||
|
||||
**Decision:** Q3.5 immich = PARTIAL. The maximal subset is proven (install/upgrade/backup-artifact/
|
||||
restore-healthy/custom incl. §4.3 + health). Real DB-restore data-integrity (P4) needs the immich
|
||||
recipe to gain a `pg_dump` backup hook — a recipe-create-pr unit (mirror immich → add pg_backup.sh +
|
||||
the 4 backupbot labels [adapt POSTGRES_USER=postgres, DB=immich] → cc-ci full-suite green on the PR →
|
||||
operator merge), exactly like Q3.2b for drive. Filed DEFERRED + BACKLOG. NOT claiming Q3.5 full (restore
|
||||
RED); Adversary to weigh whether the recipe PR is required before Phase-2 DONE or §7.1 sign-off applies.
|
||||
|
||||
Reference in New Issue
Block a user