From a48543f57bf505d1bdba3b79814357fd595ac199 Mon Sep 17 00:00:00 2001 From: autonomic-bot Date: Fri, 29 May 2026 13:11:35 +0100 Subject: [PATCH] =?UTF-8?q?status/journal/deferred(2):=20cryptpad=20F2-9?= =?UTF-8?q?=20RESOLVED=20=E2=80=94=20roundtrip=20green=20in=20full=20harne?= =?UTF-8?q?ss=20custom=20tier=20(cold=20deploy);=20awaiting=20Adversary=20?= =?UTF-8?q?close?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-Authored-By: Claude Opus 4.8 (1M context) --- machine-docs/DEFERRED.md | 11 ++++++++++- machine-docs/JOURNAL-2.md | 29 +++++++++++++++++++++++++++++ machine-docs/STATUS-2.md | 10 +++++++--- 3 files changed, 46 insertions(+), 4 deletions(-) diff --git a/machine-docs/DEFERRED.md b/machine-docs/DEFERRED.md index 38f469b..10fc7a5 100644 --- a/machine-docs/DEFERRED.md +++ b/machine-docs/DEFERRED.md @@ -90,7 +90,16 @@ before the build is called done) — but does **not** force closure. `upload_conversion.py` parity (.md/.docx upload+conversion via authenticated `/api/v1.0/documents//upload`) remains as a Phase-2 follow-up below. -### 2026-05-28 — cryptpad create-a-pad + content round-trip Playwright test +### 2026-05-28 — cryptpad create-a-pad + content round-trip Playwright test — ✅ RESOLVED @2026-05-29 +- [x] **RESOLVED @2026-05-29 (Builder, commits `05d0dc1` test + `656b68b` cold-timing fix).** + `tests/cryptpad/playwright/test_pad_content_roundtrip.py` lands the §4.3 create-pad → type → + FRESH-context read-back, **green in the full harness custom tier** (`/root/ccci-cryptpad-full3.log`: + install/upgrade/backup/restore/custom all pass; `test_cryptpad_pad_content_survives_fresh_session` + PASSED; deploy-count=1; clean teardown). Mapped empirically against CryptPad 2026.2.0 (the prior + deferral cited 5.7.0 fragility): editor in nested `…/pad/ckeditor-inner.html`; `/pad/` DOES + auto-create a fragment-keyed pad after ~15s cold init; patience-tuned (`goto_with_retry` + 240s + hash-wait + reload). F2-9 (Adversary-owned) satisfied — left for the Adversary to close on + cold-verify. (Detail below retained for audit.) - [ ] **What:** Add `tests/cryptpad/playwright/test_pad_content_roundtrip.py` — exercise the full "open /pad/, type uniquely-marked content, reload, assert marker survives in the decrypted pad" lifecycle. The §4.3 prescribed CryptPad test. diff --git a/machine-docs/JOURNAL-2.md b/machine-docs/JOURNAL-2.md index 066be1d..66cb84c 100644 --- a/machine-docs/JOURNAL-2.md +++ b/machine-docs/JOURNAL-2.md @@ -858,3 +858,32 @@ collabora cleanly instead of killing it mid-boot. Launching runs 2 + 3 for the A repeat-green before claiming Q3.2. (Part B — recipe-level WOPI healthcheck/gunicorn-perms PR — is no longer required for CI green; will reassess whether to still file it as upstream robustness once 3× green holds.) + +--- + +## 2026-05-29 — cryptpad F2-9 RESOLVED: create-pad content roundtrip green in full harness custom tier + +The §4.3 create-an-object+read-it-back test three prior drafts couldn't land (cited CryptPad +version-fragility) is now working. Empirically mapped CryptPad 2026.2.0 against a live probe instance: +the pad editor is the deeply-nested frame `…/pad/ckeditor-inner.html` (top → `#sbox-iframe` on the +sandbox domain → CKEditor frame); visiting `/pad/` auto-creates a fragment-keyed pad +(`#/2/pad/edit//`) after ~15s cold init (LESS compile). `tests/cryptpad/playwright/ +test_pad_content_roundtrip.py`: create pad → type unique marker into the CKEditor body → wait for +encrypted sync → open a FRESH browser context (no shared localStorage) → navigate to the captured pad +URL → assert the marker survives in the re-decrypted body. Proves genuine E2E-encrypted server-side +persistence (the fresh session carries only the URL+fragment key). + +Validation path: +- 3/3 green standalone against a warm probe instance (commit 05d0dc1). +- First full-suite run did NOT exercise it (I'd `rm`'d the file from builder-clone to unblock a pull; + the ff left it deleted → discovery skipped it — LESSON: `git checkout -- ` after pull, never + leave a tracked test locally-deleted). +- Second full-suite run RAN it but it FAILED on the fresh COLD deploy: the pad `#/2/pad/edit` fragment + didn't appear within `_open_pad`'s 80s wait (cold server datastore + first-ever websocket slower + than the warm probe). Fix `656b68b`: bump `_open_pad` hash-wait to ~240s + a mid-way reload. +- Third full-suite run (`/root/ccci-cryptpad-full3.log`) GREEN: install/upgrade/backup/restore/custom + all pass; **test_cryptpad_pad_content_survives_fresh_session PASSED in the custom tier**; deploy-count=1; + clean teardown. + +F2-9 (Adversary-owned conditional sign-off) is satisfied — left for the Adversary to close on +cold-verify. DEFERRED.md cryptpad create-pad entry marked resolved. diff --git a/machine-docs/STATUS-2.md b/machine-docs/STATUS-2.md index 1f2a3de..6a12d18 100644 --- a/machine-docs/STATUS-2.md +++ b/machine-docs/STATUS-2.md @@ -54,9 +54,13 @@ re-run all 5 tiers GREEN, upgrade tier passes, deploy-count=1, ready-probe OK(20 data-integrity survives, clean teardown; `-c`+owned-wait/READY_PROBE proven non-vacuous. The standing veto-eligible obligation (lasuite-drive upgrade-tier green) is CLEARED. Q3.1/Q3.3/Q3.5 remain for Q3. -**cryptpad F2-9 — roundtrip test in custom tier: fixing cold-deploy timing.** Full-suite custom tier -showed `test_pad_content_roundtrip` needs more patience for pad creation on a fresh cold deploy (passed -3/3 on the warm probe); bumped `_open_pad` wait to ~240s + reload (`656b68b`); re-validating full suite. +**cryptpad F2-9 — ✅ RESOLVED (awaiting Adversary close).** `test_pad_content_roundtrip.py` (§4.3 +create-pad → type → fresh-context read-back; commits `05d0dc1`+`656b68b`) is **green in the full +harness custom tier on a fresh cold deploy** — `/root/ccci-cryptpad-full3.log`: 5 tiers pass, +`test_cryptpad_pad_content_survives_fresh_session` PASSED, deploy-count=1, clean teardown. F2-9 is +Adversary-owned — left for the Adversary to close on cold-verify (HOW: `ssh cc-ci 'cd /root/ && +git pull && RECIPE=cryptpad PR=0 cc-ci-run runner/run_recipe_ci.py'` → custom tier roundtrip PASSED). +DEFERRED.md cryptpad create-pad entry marked resolved. Working next unblocked items (next Q4 recipe) meanwhile.