fix(2): Q4.2 mumble — CHAOS_BASE_DEPLOY meta flag for chaos base deploy (clean-tree gate)
mumble's pinned base deploy (prev version 0.2.0) FATAs 'has locally unstaged changes' because install_steps provides an untracked compose.host-ports.yml. New recipe_meta CHAOS_BASE_DEPLOY=True + lifecycle._recipe_meta_flag + deploy_app branch -> base uses chaos (skips clean-tree/lint, deploys the checked-out pinned version, not LATEST), mirroring the lightweight-tag chaos-base path. DECISIONS.md records the full mumble enrollment design. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@ -857,3 +857,34 @@ under an active throttle. Therefore the gate's full-lifecycle green still depend
|
||||
the install-tier deploy's first download (achievable after a rate-limit cooldown with a single clean
|
||||
run). The recipe PR is filed as a deferred robustness follow-up (Q4.7b), mirroring the Q3.2b/immich
|
||||
pattern; Adversary/operator weigh whether it gates Phase-2 DONE.
|
||||
|
||||
## mumble: TCP/voice recipe enrollment — mumbleweb HTTP readiness + host-ports + CHAOS_BASE_DEPLOY (2026-05-29)
|
||||
|
||||
**Decision (settled):** mumble is a non-HTTP TLS voice server (port 64738). To enroll it in cc-ci's
|
||||
HTTP-readiness + on-host (cc-ci-run) test model, deploy it with the two upstream overlays
|
||||
`COMPOSE_FILE=compose.yml:compose.mumbleweb.yml:compose.host-ports.yml` (recipe_meta.EXTRA_ENV):
|
||||
- **compose.mumbleweb.yml** — the upstream mumble-web HTTP client, routed through Traefik on the app
|
||||
domain. Gives the generic harness a real HTTP serving/readiness signal (HEALTH_PATH "/") AND the
|
||||
web_client.py parity surface. Present in every published mumble version.
|
||||
- **compose.host-ports.yml** — publishes 64738 (tcp+udp, mode:host) on the cc-ci host, so the on-host
|
||||
protocol tests connect to 127.0.0.1:64738. The voice server has NO HTTP API and cc-ci's Traefik only
|
||||
exposes 80/443 (no `mumble` TCP entrypoint; the gateway forwards 443 only, out of our control), so a
|
||||
host-published port is the reachable path. The `proxy` overlay is attachable (an ephemeral-container
|
||||
path was considered) but host-ports is simpler and needs no extra image.
|
||||
|
||||
**Two enrollment hazards + their fixes:**
|
||||
1. The upstream `compose.host-ports.yml` exists only from version **1.0.0+**, but the upgrade tier's
|
||||
base deploy is the **previous** published version (0.2.0+), which predates it → COMPOSE_FILE fails
|
||||
to resolve on the base deploy. Fix: `tests/mumble/install_steps.sh` provides a cc-ci-owned identical
|
||||
`compose.host-ports.yml` to the recipe checkout when absent (no-op when the version ships it natively).
|
||||
2. That provided file is UNTRACKED in the older checkout → abra's PINNED base-deploy clean-tree check
|
||||
FATAs ("has locally unstaged changes"). Fix: new recipe_meta flag **`CHAOS_BASE_DEPLOY=True`** +
|
||||
harness support (`lifecycle._recipe_meta_flag` + a `deploy_app` branch) → the base deploy uses chaos
|
||||
(skips lint/clean-tree, deploys the EXPLICITLY-checked-out pinned version — not LATEST), mirroring the
|
||||
existing lightweight-tag chaos-base mechanism. HC1/deploy-count unaffected (upgrade still chaos-redeploys
|
||||
to PR-head; base chaos-version=prev-commit != head → real crossover).
|
||||
|
||||
**P4 (backup data-integrity):** mumble persists server state in `/data/mumble-server.sqlite` (the exact
|
||||
file the recipe's backupbot hooks `.backup`/restore). ops.py seeds a `ci_marker` row there (using
|
||||
`PRAGMA busy_timeout` to wait out the running murmur server's transient sqlite locks), backup, drop,
|
||||
restore, assert the row survived.
|
||||
|
||||
Reference in New Issue
Block a user