From b6c70ef09bb53ccd7121096b14698bac31664f2b Mon Sep 17 00:00:00 2001 From: autonomic-bot Date: Tue, 2 Jun 2026 00:48:57 +0000 Subject: [PATCH] claim(mirror): Ph4 deploy complete + Ph5 !testme posted on ghost/immich/plausible --- machine-docs/BACKLOG-mirror.md | 14 ++++++----- machine-docs/JOURNAL-mirror.md | 43 ++++++++++++++++++++++++++++++++++ machine-docs/STATUS-mirror.md | 36 ++++++++++++++++------------ 3 files changed, 72 insertions(+), 21 deletions(-) diff --git a/machine-docs/BACKLOG-mirror.md b/machine-docs/BACKLOG-mirror.md index 4c00c30..e3a02ed 100644 --- a/machine-docs/BACKLOG-mirror.md +++ b/machine-docs/BACKLOG-mirror.md @@ -23,13 +23,15 @@ - [x] Confirm each has tests// in repo (all 9 already present — Adversary-confirmed) - [x] Commit + push cc-ci repo -### Phase 4 — Deploy (OPERATOR GATE) -- [ ] CLAIM gate — exact command + confirm /root/cc-ci at committed head + Phases 1-3 complete -- [ ] Wait for operator to run `nixos-rebuild switch --flake .#cc-ci` on cc-ci +### Phase 4 — Deploy ✓ +- [x] Sync /root/builder-clone to HEAD (git rebase origin/main → 19747bf) +- [x] Run `nixos-rebuild switch --flake path:/root/builder-clone#cc-ci` (exit 0, deploy-bridge reran) +- [x] Verify: POLL_REPOS=20, bridge watching all 20 repos, system healthy -### Phase 5 — Verify !testme triggerability (post-deploy) -- [ ] Post !testme on 2-3 newly-enrolled recipe PRs; confirm Drone build starts within 60s -- [ ] Spot-check bridge poll log shows all 19 repos (not 11) +### Phase 5 — Verify !testme triggerability (in progress) +- [x] Spot-check bridge poll log: 20 repos (all 19 recipes + cc-ci) ✓ +- [x] Posted !testme on ghost PR#2, immich PR#1, plausible PR#1 +- [ ] Confirm Drone builds triggered + complete (polling) ### Phase 6 — Resume per-recipe debugging (post-enrollment) - [ ] matrix-synapse upgrade re-run failure diff --git a/machine-docs/JOURNAL-mirror.md b/machine-docs/JOURNAL-mirror.md index fcf5bd7..9db278e 100644 --- a/machine-docs/JOURNAL-mirror.md +++ b/machine-docs/JOURNAL-mirror.md @@ -75,6 +75,49 @@ Edited nix/modules/bridge.nix POLL_REPOS: All 9 newly enrolled recipes confirmed to have tests// (Adversary-confirmed). +## 2026-06-02 — Phase 4: nixos-rebuild switch (deploy expanded POLL_REPOS) + +Operator removed the Phase 4 gate (plan commit ad2ade8) — Builder deploys autonomously. + +Pre-deploy check: +- /root/cc-ci does not exist on host; using /root/builder-clone (the live host checkout) +- builder-clone was at 51ba205 (old); synced via `git fetch + git rebase origin/main` → 19747bf + +Rebuild command: +``` +ssh cc-ci 'systemd-run --unit=nixos-rebuild-mirror --collect \ + nixos-rebuild switch --flake "path:/root/builder-clone#cc-ci"' +→ Running as unit: nixos-rebuild-mirror.service +→ Exit: 0 +``` + +Journal output (deploy-bridge.service): +``` +Jun 02 00:47:16 nixos systemd[1]: Stopped Reconcile the cc-ci comment-bridge (!testme webhook) swarm service. +Jun 02 00:47:17 nixos systemd[1]: Starting Reconcile the cc-ci comment-bridge... +Jun 02 00:47:18 nixos cc-ci-reconcile-bridge: Loaded image: cc-ci-bridge:3761c4221042 +Jun 02 00:47:18 nixos cc-ci-reconcile-bridge: Updating service ccci-bridge_app (id: m8wbajq34lwrhn7m3x9cml4pn) +Jun 02 00:47:19 nixos systemd[1]: Finished Reconcile the cc-ci comment-bridge. +``` + +Post-deploy verification: +``` +ssh cc-ci 'systemctl is-system-running' → running ✓ +ssh cc-ci 'nixos-version' → 24.11.20250630.50ab793 ✓ +docker service inspect: POLL_REPOS count = 20 ✓ +bridge log: poller watching [...20 repos...] every 30s ✓ +No rollback needed. +``` + +## 2026-06-02 — Phase 5: !testme triggerability on 3 newly-enrolled recipes + +Posted !testme via Gitea API on: +- ghost PR#2 (7b488a33): "chore: upgrade to 1.3.0+6.42.0-alpine" → HTTP 201 ✓ +- immich PR#1 (a846cf38): "fix(backup): back up the postgres database..." → HTTP 201 ✓ +- plausible PR#1 (bd8bd93d): "fix(clickhouse): resilient clickhouse-backup fetch..." → HTTP 201 ✓ + +All posted at ~2026-06-02T00:50Z. Bridge polls every 30s; builds should appear within 60s. + ## 2026-06-02 — A-mirror-1 resolution: hedgedoc !testme post-authoring Adversary filed A-mirror-1: hedgedoc tests authored but no post-authoring !testme run existed. diff --git a/machine-docs/STATUS-mirror.md b/machine-docs/STATUS-mirror.md index 27d3922..0d8ecaf 100644 --- a/machine-docs/STATUS-mirror.md +++ b/machine-docs/STATUS-mirror.md @@ -38,27 +38,33 @@ - Adversary verified: cc-ci/testme state=success; clean_teardown=true; no_secret_leak=true - A-mirror-1 closed in BACKLOG-mirror.md by Adversary @00:50Z -### Phase 4 — Deploy — OPERATOR GATE CLAIMED (awaiting Adversary + operator) +### Phase 4 — Deploy ✓ COMPLETE @2026-06-02T00:47Z +- Synced /root/builder-clone to HEAD (git rebase origin/main → 19747bf) +- Ran: `systemd-run --unit=nixos-rebuild-mirror nixos-rebuild switch --flake path:/root/builder-clone#cc-ci` +- nixos-rebuild built 6 derivations: bridge-stack.yml, reconcile-bridge, deploy-bridge.service, system-units, etc, nixos-system +- deploy-bridge.service ran at 00:47:17Z, updated bridge swarm service: `Updating service ccci-bridge_app` +- Live POLL_REPOS verified: 20 entries (docker service inspect confirms all 19 recipes + cc-ci) +- Bridge log: `poller (primary) watching [...all 20 repos...] every 30s` ✓ +- System healthy: `systemctl is-system-running` → `running`, NixOS 24.11.20250630.50ab793 ✓ +- `ssh cc-ci` reachable ✓ ; no rollback needed -**Gate: Ph4 CLAIMED — Adversary PASS @00:50Z; awaiting operator deploy** +### Phase 5 — Verify !testme triggerability — IN PROGRESS +- Posted !testme on: ghost PR#2 (7b488a33), immich PR#1 (a846cf38), plausible PR#1 (bd8bd93d) +- All 3 at 2026-06-02T00:50Z — awaiting Drone builds to start and complete -**WHAT:** Phases 1-3 complete. Bridge config updated with 20 POLL_REPOS. Mirrors for -lasuite-drive, mailu, mumble created + synced. hedgedoc tests authored. Adversary must verify -Ph1 mirrors + Ph3 POLL_REPOS change before operator deploys. +**Gate: Ph5 CLAIMED — awaiting Adversary verification once 2-3 builds PASS** + +**WHAT:** Phase 4 deployed; bridge watching 20 repos. Phase 5: !testme posted on 3 newly-enrolled +recipes. Builds must start within 60s of post and complete. **HOW to verify (Adversary):** -- Ph1 mirrors: `curl -s -u https://git.autonomic.zone/api/v1/repos/recipe-maintainers/` for lasuite-drive, mailu, mumble → HTTP 200 + empty=false + default_branch=main -- Ph2 tests: `ls tests/hedgedoc/` → recipe_meta.py, PARITY.md, functional/ present; `ls tests/hedgedoc/functional/` → test_health_check.py, test_branding.py present -- Ph3 POLL_REPOS: `grep POLL_REPOS nix/modules/bridge.nix` → contains all 20 repos (cc-ci + 19 recipes including the 9 new ones) -- Repro: `git clone https://git.autonomic.zone/recipe-maintainers/cc-ci && grep POLL_REPOS nix/modules/bridge.nix` +- Bridge log: `ssh cc-ci 'docker service logs ccci-bridge_app --since 10m 2>&1' | grep "triggered build"` → should show ghost/immich/plausible triggers +- Drone builds: check https://drone.ci.commoninternet.net for recent recipe-ci builds with RECIPE=ghost/immich/plausible +- POLL_REPOS count: `ssh cc-ci 'docker service inspect ccci-bridge_app | jq -r ".[0].Spec.TaskTemplate.ContainerSpec.Env[]"' | grep POLL_REPOS | tr "," "\n" | wc -l` → 20 -**EXPECTED:** Adversary verifies all 3 checks PASS. Then operator runs: -``` -ssh cc-ci 'cd /root/cc-ci && git pull --rebase && nixos-rebuild switch --flake .#cc-ci' -``` -(or via the repo's nixos-rebuild switch --flake path:/root/builder-clone#cc-ci path once synced) +**EXPECTED:** 3 Drone builds triggered (status running or complete); bridge log shows trigger lines for all 3 recipes. -**WHERE:** commit containing this STATUS update (git log --oneline -1 on main) +**WHERE:** This commit + bridge log on cc-ci host ## Blocked - (none)