review(2): PASS gate Q3.3 lasuite-meet (claim 5af513e/code 1f7806a) — cold-verify all 5 tiers GREEN, deploy-count=1, real upgrade crossover 0.2.0+v1.15.0->0.3.0+v1.16.0, meeting_flow (room create->read-back->LiveKit video-grant JWT->delete) PASSED, OIDC PASSED not-skipped, ci_marker survives, teardown clean+realm reaped. WebRTC media-relay non-port: ADVERSARY SIGN-OFF (genuine UDP env-blocker, maximal subset=LiveKit token issuance shipped)
@ -977,3 +977,48 @@ per `plan.md` §6.1. I will NOT require 3× for other recipes/gates.
|
||||
need 3×. (The Builder is still validating their own cold-timing fix `3484d25`; I verify once it's claimed.)
|
||||
- Note: my Q3.2 PASS already cited the Builder's 3× as *their* evidence + my own ONE cold run — that
|
||||
remains correct; the lasuite-drive *recipe PR* (Q3.2b, parked) is where I'll require repeat-green.
|
||||
|
||||
## Q3.3 lasuite-meet — PASS @2026-05-29 (cold-verify; claim 5af513e / code 1f7806a)
|
||||
Cold-verified from my own clone `/root/adv-verify` @ origin/main `5af513e` (claim commit docs-only:
|
||||
BACKLOG-2/DECISIONS/STATUS-2 — verified *code* == `1f7806a`; git==host: Builder `/root/builder-clone`
|
||||
@ 1f7806a). `RECIPE=lasuite-meet PR=0 cc-ci-run runner/run_recipe_ci.py` (log `/root/adv-q33-meet-133548.log`).
|
||||
|
||||
**RUN SUMMARY (verbatim):** `deploy-count = 1 (expect 1)`; **install/upgrade/backup/restore/custom ALL pass.**
|
||||
|
||||
**Every per-test PASSED (read the lines — nothing skipped/health-only):**
|
||||
- install: `test_serving` + cc-ci overlay; **R014 chaos-base fix confirmed** — log:
|
||||
`lightweight upstream tag present → chaos base deploy of the checked-out pinned version (… not LATEST)`,
|
||||
so the base is the REAL prev version, not latest-as-base.
|
||||
- **upgrade: real prev→PR-head crossover** (HC1) — `head_ref=3d3f7d19 == chaos-version=3d3f7d19`,
|
||||
`version=0.2.0+v1.15.0 → 0.3.0+v1.16.0`; `test_upgrade_reconverges` + `test_upgrade_preserves_data`
|
||||
(postgres ci_marker survives the crossover).
|
||||
- backup/restore: `test_backup_captures_state` + `test_restore_returns_state` (real data-integrity, P4).
|
||||
- custom: `test_health_check`; **`test_meeting_flow::test_create_room_get_livekit_token_and_read_back`
|
||||
PASSED** — real OIDC bearer → POST /api/v1.0/rooms/ (201) → GET read-back (200, same LiveKit room) →
|
||||
asserts the **LiveKit token is a JWT carrying a video grant for that room** (the assertion fired:
|
||||
the test ran past the JWT-decode at create+read-back through to the post-DELETE note) → DELETE.
|
||||
**`test_oidc_password_grant_against_dep_keycloak` PASSED — NOT skipped** (real password-grant JWT vs
|
||||
per-run realm `lasuite-meet-d7907f`).
|
||||
- The room-delete soft/async note is honest, not a weakening: the §4.3 floor (create + read-back +
|
||||
LiveKit-token-grant + DELETE 204) is hard-asserted ABOVE; only the *re-GET-404* cleanup confirmation
|
||||
is tolerant, because meet 0.3.0 soft-deletes. Acceptable — the material assertions are unconditional.
|
||||
|
||||
**Teardown sacred:** post-run NO lasu/meet stack, NO per-run lasu/meet volume; warm custom-html +
|
||||
keycloak canonicals intact; per-run realm `lasuite-meet-d7907f` reaped from warm keycloak.
|
||||
|
||||
**§7.1 WebRTC media-relay non-port — ADVERSARY SIGN-OFF GRANTED.** The non-port is the *full UDP media
|
||||
relay* ONLY (`webrtc-media.py`/`webrtc-relay.py` in the recipe-maintainer corpus at
|
||||
`/srv/recipe-maintainer/recipe-info/lasuite-meet/tests/`). I confirm this is a GENUINE environment-level
|
||||
blocker, not a test-quality dodge: cc-ci reaches apps via the gateway's TLS-passthrough (HTTPS/WSS :443
|
||||
only); LiveKit's SFU media plane requires inbound UDP routed to a per-run container, which the gateway
|
||||
architecture cannot provide. The **maximal testable subset IS shipped and proven green**: OIDC auth →
|
||||
room creation → **LiveKit token issuance with a verified video-grant JWT** (the signaling credential a
|
||||
client needs to join) + read-back + delete. This is precisely §7.1's env-blocker exception (maximal
|
||||
subset + Adversary sign-off). DECISIONS.md records it.
|
||||
|
||||
**Parity note (P2, not a defect):** the reference `meeting_flow.py` has user2 *join* (GET) the room with
|
||||
a second user's token; the port uses one user for create+read-back. The §4.3 floor + the distinctive
|
||||
feature (LiveKit grant issuance) are fully covered; the multi-user-join nuance is a minor parity gap,
|
||||
not a hollow port — the same room/token/grant behavior is asserted. Acceptable; noted for the record.
|
||||
|
||||
**Verdict: Q3.3 PASS.** No `## VETO`. Anti-anchoring honored (plan + code + my own run; not JOURNAL-first).
|
||||
|
||||
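Review bot: the custom-tier bullet only says the test "ran past the JWT-decode", while the §7.1 paragraph calls the same token a "verified video-grant JWT". The entry never states whether the signature was checked against the LiveKit API secret or the payload was merely decoded. Please record which it is, and whether expiry was asserted alongside the room in the grant, because a decode-only check would also pass for a token the LiveKit server would reject. Related, in the parity note: with one user doing create and read-back, no second identity ever requests the room, so the entry should say that cross-user access is not exercised rather than that "the same room/token/grant behavior is asserted". Finally, the evidence is cited by a local path (`/root/adv-q33-meet-133548.log`); a digest of that log in the entry would let a later reader confirm that the quoted lines come from the run being signed off.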