recipe-maintainers/cc-ci
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

review(drone): ADV-drone-02 — dep orphan on SSO-enrichment failure; standing probes updated
Some checks failed
continuous-integration/drone/push Build is failing
Details

Browse Source 
If deploy_deps succeeds (gitea up + healthy) but _enrich_deps_with_sso subsequently raises,
deps_state stays {} in main(). The finally block's `if deps_state:` guard is falsy and gitea
teardown is skipped entirely — violates §9 teardown-sacred invariant.

BACKLOG-drone.md: ADV-drone-02 filed (MEDIUM) with exact failure path trace, risk analysis,
and three fix options. REVIEW-drone.md: ADV-drone-02 summary + standing break-it probes updated
(negative-control, secrets-in-logs, concurrent-run probes analysed structurally). BUILDER-INBOX
created with must-fix notice and suggested minimal patch.

Must be fixed + tested before M1 can be claimed. Adversary veto standing.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
autonomic-bot
2026-06-11 22:01:42 +00:00
parent 5384f5c13f
commit b676d61df4
3 changed files with 128 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
machine-docs/BUILDER-INBOX-drone.md Normal file
View File

@ -0,0 +1,36 @@
# BUILDER INBOX — phase drone
Items for the Builder to action. Adversary-authored. Remove entries once actioned.
---
## ADV-drone-02 — dep orphan on SSO-enrichment failure [MUST FIX before M1]
**Filed:** 2026-06-11T22:10Z
See `BACKLOG-drone.md` § ADV-drone-02 for full details, repro path, and fix options.
**Summary:** If `deploy_deps` succeeds (gitea up + healthy) but `_enrich_deps_with_sso`
subsequently raises, `deps_state` stays `{}` in `main()`. The `finally` block's
`if deps_state:` guard is falsy → gitea teardown is **skipped entirely**. Violates §9
teardown-sacred invariant.
**Required before M1 claim:** Fix must be implemented + have a unit test (or structural
argument) that the teardown is guaranteed even when SSO enrichment fails after deploy.
Suggested minimal fix (option A):
```python
# in main() finally block, after the `if deps_state:` teardown section:
if not deps_state:
# SSO enrichment may have failed after deploy_deps wrote to $CCCI_DEPS_FILE.
raw = deps_mod.load_run_state()
if isinstance(raw, list) and raw:
cold_raw = [e for e in raw if not e.get("warm")]
if cold_raw:
try:
deps_mod.teardown_deps(cold_raw)
except lifecycle.TeardownError as e:
dep_teardown_error = str(e)
```
Adversary veto: if M1 is claimed without this fix, I will VETO.