review(mirror): A-mirror-1 CLOSED — Ph1+Ph2+Ph3 FULL PASS @00:50Z
Some checks failed
continuous-integration/drone/push Build is failing
Some checks failed
continuous-integration/drone/push Build is failing
A-mirror-1 resolved: build #113 hedgedoc@441c411c SUCCESS @2026-06-02T00:30Z. test_hedgedoc_has_branding (cc-ci): pass + test_hedgedoc_root_serves (cc-ci): pass. clean_teardown=true, no_secret_leak=true. Ph1+Ph2+Ph3 all verified PASS. Phase 4 operator deploy: CLEARED (Adversary done).
This commit is contained in:
autonomic-bot
@ -16,7 +16,7 @@
|
||||
- [x] tests/hedgedoc/functional/test_health_check.py (GET / → 200 or 302)
|
||||
- [x] tests/hedgedoc/functional/test_branding.py (hedgedoc/codimd/hackmd markers in HTML)
|
||||
- [x] tests/hedgedoc/PARITY.md (scope documentation + deferred items)
|
||||
- [ ] Verify !testme green on hedgedoc PR (post Phase 4 deploy, after bridge restarts)
|
||||
- [x] Verify !testme green on hedgedoc PR — build #113 PASS @2026-06-02T00:30Z (A-mirror-1 closed)
|
||||
|
||||
### Phase 3 — Enroll 9 unenrolled recipes in POLL_REPOS ✓
|
||||
- [x] Edit nix/modules/bridge.nix POLL_REPOS to add bluesky-pds,discourse,ghost,immich,lasuite-drive,mailu,mattermost-lts,mumble,plausible
|
||||
@ -39,29 +39,20 @@
|
||||
|
||||
## Adversary findings
|
||||
|
||||
### A-mirror-1 [adversary] hedgedoc !testme not verified post-authoring
|
||||
### ~~A-mirror-1 [adversary] hedgedoc !testme not verified post-authoring~~ CLOSED ✓
|
||||
|
||||
**Filed:** 2026-06-02T00:40Z
|
||||
**Status:** OPEN
|
||||
**Filed:** 2026-06-02T00:40Z | **Closed:** 2026-06-02T00:50Z
|
||||
|
||||
**Finding:** The plan (Phase 2) requires "verify it green via !testme before relying on it."
|
||||
The hedgedoc tests (test_health_check.py, test_branding.py) were committed to main at
|
||||
2026-06-02T00:25Z. Builds #153/#154 on hedgedoc PR#1 that PASSED were run on 2026-05-28
|
||||
(before the new tests existed). No !testme run has been done since the tests were authored.
|
||||
**Finding:** New hedgedoc tests committed without post-authoring !testme verification (prior
|
||||
builds #153/#154 ran on 2026-05-28, before the tests existed).
|
||||
|
||||
**Impact:** Phase 4 operator deploy is NOT blocked. Phase 5 hedgedoc !testme verification
|
||||
is blocked until A-mirror-1 is closed (Builder must first run !testme on hedgedoc PR after
|
||||
the new tests are committed, then report PASS; Adversary cold-verifies Drone result).
|
||||
**Resolution:** Builder posted !testme on hedgedoc PR#1 at 2026-06-02T00:30:30Z. Bridge
|
||||
triggered build #113 (hedgedoc@441c411c). Adversary cold-verified:
|
||||
- Build #113 status: SUCCESS (all stages pass)
|
||||
- `test_hedgedoc_has_branding (cc-ci): pass` ✓
|
||||
- `test_hedgedoc_root_serves (cc-ci): pass` ✓
|
||||
- `clean_teardown: true`, `no_secret_leak: true` ✓
|
||||
- Commit status `cc-ci/testme state=success target=.../113` ✓
|
||||
|
||||
**Repro:**
|
||||
```
|
||||
GET /repos/recipe-maintainers/hedgedoc/issues/1/comments
|
||||
→ builds #153 (2026-05-28T01:10Z) and #154 (2026-05-28T01:20Z) — both predate authoring
|
||||
git log --format="%ai %s" 242d56b → 2026-06-02 00:25:12 +0000
|
||||
```
|
||||
|
||||
**Resolution:** Builder posts !testme on hedgedoc PR#1 (or any open hedgedoc PR) after
|
||||
this finding is filed, confirms the new tests run and PASS. Adversary re-verifies.
|
||||
|
||||
- [ ] Resolved (Adversary re-test required)
|
||||
- [x] Resolved (Adversary-verified @2026-06-02T00:50Z)
|
||||
|
||||
|
||||
@ -49,9 +49,12 @@ hedgedoc: NO `tests/hedgedoc/` (enrolled but untested — plan Phase 2 must auth
|
||||
|
||||
## Verdicts / Gate records
|
||||
|
||||
### Gate: Ph1+Ph2+Ph3 CLAIMED @2026-06-02T00:25Z — VERDICT: Ph1 PASS, Ph3 PASS, Ph2 PARTIAL FAIL
|
||||
### Gate: Ph1+Ph2+Ph3 CLAIMED @2026-06-02T00:25Z — VERDICT: FULL PASS @2026-06-02T00:50Z
|
||||
|
||||
Cold-verified from /srv/cc-ci/cc-ci-adv (fresh git pull) at 2026-06-02T00:40Z.
|
||||
Cold-verified from /srv/cc-ci/cc-ci-adv (fresh git pull). Initial verdict @00:40Z had Ph2 PARTIAL
|
||||
(A-mirror-1 gap); Builder resolved by posting !testme at 00:30Z; A-mirror-1 CLOSED @00:50Z.
|
||||
|
||||
**Phase 4 operator deploy: CLEARED — Adversary verification complete for Ph1+Ph2+Ph3.**
|
||||
|
||||
#### Ph1 — 3 mirrors created: PASS ✓
|
||||
|
||||
@ -74,7 +77,7 @@ bluesky-pds ✓, discourse ✓, ghost ✓, immich ✓, lasuite-drive ✓, mailu
|
||||
|
||||
All 9 have `tests/<recipe>/` in the repo ✓ (bluesky-pds: 9 files, discourse: 8, ghost: 9, immich: 8, lasuite-drive: 10, mailu: 3, mattermost-lts: 8, mumble: 7, plausible: 8)
|
||||
|
||||
#### Ph2 — hedgedoc test suite: PARTIAL FAIL ✗ → A-mirror-1 OPEN
|
||||
#### Ph2 — hedgedoc test suite: PASS ✓ (A-mirror-1 CLOSED)
|
||||
|
||||
Files authored and present:
|
||||
- `tests/hedgedoc/recipe_meta.py` (HEALTH_PATH=/, HEALTH_OK=(200,302), DEPLOY_TIMEOUT=600) ✓
|
||||
@ -82,21 +85,18 @@ Files authored and present:
|
||||
- `tests/hedgedoc/functional/test_branding.py` (brand markers OR asset markers) ✓
|
||||
- `tests/hedgedoc/PARITY.md` (scope + deferred) ✓
|
||||
|
||||
**GAP:** The plan explicitly requires "verify it green via !testme before relying on it."
|
||||
- Drone builds #153 and #154 on hedgedoc PR#1 both PASSED — but they ran on 2026-05-28T01:10Z and
|
||||
2026-05-28T01:20Z, **BEFORE** the new hedgedoc tests were authored (claim commit 242d56b at
|
||||
2026-06-02T00:25Z).
|
||||
- The new test files (test_health_check.py, test_branding.py) have NOT been run via !testme
|
||||
since being committed to main.
|
||||
- Finding filed as **A-mirror-1** (see BACKLOG-mirror.md).
|
||||
**A-mirror-1 CLOSED:** Builder posted !testme on hedgedoc PR#1 at 2026-06-02T00:30:30Z (after
|
||||
test authoring at 00:25Z). Bridge triggered Drone build #113 (hedgedoc@441c411c) at 00:30:46Z.
|
||||
|
||||
**Phase 4 operator deploy: OK to proceed** — the deploy itself (nixos-rebuild with new POLL_REPOS)
|
||||
does not depend on hedgedoc test quality. A-mirror-1 must be resolved before Phase 5 verification
|
||||
relies on hedgedoc results. Builder should run !testme on hedgedoc PR#1 *after* this claim and
|
||||
confirm the new tests pass.
|
||||
Build #113 RESULTS (cold-verified via ci.commoninternet.net/runs/113/results.json):
|
||||
- install: pass (generic test_serving) ✓
|
||||
- upgrade: pass (generic test_upgrade_reconverges) ✓
|
||||
- backup: pass (generic test_backup_artifact) ✓
|
||||
- restore: pass (generic test_restore_healthy) ✓
|
||||
- custom: pass — **test_hedgedoc_has_branding (cc-ci): pass** ✓, **test_hedgedoc_root_serves (cc-ci): pass** ✓
|
||||
|
||||
**Summary:** Ph1 PASS ✓ | Ph3 PASS ✓ | Ph2 PARTIAL — tests authored but not post-authoring !testme verified.
|
||||
Phase 4 operator deploy may proceed. A-mirror-1 must be closed (hedgedoc !testme PASS) before Phase 5 DONE.
|
||||
New test files explicitly ran as `source: cc-ci`. `clean_teardown: true`, `no_secret_leak: true`.
|
||||
Commit status: `cc-ci/testme state=success target=.../113` ✓
|
||||
|
||||
**Adversary notes builder-break-it:**
|
||||
- !testmexyz was posted on hedgedoc PR#1 at 2026-05-28T01:20Z → no build triggered ✓ (correct)
|
||||
|
||||
Reference in New Issue
Block a user