feat(2w): W1 canonical registry module (WC2) + alerts archived
runner/harness/canonical.py: data-warm canonical registry + lifecycle — is_enrolled (recipe_meta.WARM_CANONICAL), canonical_domain (warm.stable_domain warm-<recipe>), registry read/write (/var/lib/ci-warm/<recipe>/canonical.json), has_canonical (record + retained volume), deploy_canonical (reattach volume at known-good version), undeploy_keep_volume (idle data-warm), seed_canonical (record + warmsnap snapshot). warm.stable_domain helper added (keycloak path unchanged). +4 unit tests (61 unit pass). Also archived the Adversary's verification alert sentinels to alerts/seen/ (simulated rollback + 2 holds — evidentiary, gate PASSED; dir clean for real alerts). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@ -41,6 +41,13 @@ _CTX.verify_mode = ssl.CERT_NONE
|
||||
_STACK_HEX_RE = re.compile(r"^[a-z0-9]{1,4}-([0-9a-f]{6})_ci_commoninternet_net_")
|
||||
|
||||
|
||||
def stable_domain(recipe: str) -> str:
|
||||
"""The stable warm domain for a recipe: `warm-<recipe>.ci.commoninternet.net` — the canonical
|
||||
scheme for BOTH the live-warm keycloak and the data-warm canonicals (WC2), distinct from cold
|
||||
per-run `<recipe[:4]>-<6hex>`. (WARM_DOMAINS['keycloak'] equals stable_domain('keycloak').)"""
|
||||
return f"warm-{recipe}.ci.commoninternet.net"
|
||||
|
||||
|
||||
def warm_domain(recipe: str) -> str | None:
|
||||
"""The stable warm domain for a dep recipe, or None if this recipe is not served warm."""
|
||||
return WARM_DOMAINS.get(recipe)
|
||||
|
||||
Reference in New Issue
Block a user