From b7a2a5d699a61b2b6a495e3c4e9b31fecaac1697 Mon Sep 17 00:00:00 2001 From: autonomic-bot Date: Wed, 17 Jun 2026 16:58:59 +0000 Subject: [PATCH] =?UTF-8?q?journal(settings):=20M2=20prep=20=E2=80=94=20se?= =?UTF-8?q?rver=20canonical=20registry=20inventory=20+=20M2=20evidence=20c?= =?UTF-8?q?andidates?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- machine-docs/JOURNAL-settings.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/machine-docs/JOURNAL-settings.md b/machine-docs/JOURNAL-settings.md index 4c5688a..429a46b 100644 --- a/machine-docs/JOURNAL-settings.md +++ b/machine-docs/JOURNAL-settings.md @@ -63,3 +63,22 @@ phase files are format-clean + `ruff check` clean. - full unit suite `pytest tests/unit/ -q` → **315 passed**. - `ruff check runner/ tests/unit/ bridge/ dashboard/` → All checks passed. - `ruff format --check` (pinned) on my 5 files → all formatted. + +## 2026-06-17 — M2 prep (read-only; not advancing past M1 gate) + +Server canonical registry (`/var/lib/ci-warm//canonical.json`, status all `idle`): +- **WITH canonical** (16): cryptpad, custom-html, custom-html-tiny, drone, ghost, gitea, hedgedoc, + immich, lasuite-docs, lasuite-drive, lasuite-meet, mailu, matrix-synapse, n8n, plausible, uptime-kuma. +- **warm dir but NO canonical.json** (candidates for M2 evidence (a) "recipe without a canonical → + newest release tag < head"): **keycloak, alerts, traefik**. + +M2 plan (after M1 PASS): +- (a) pick a no-canonical recipe WITH published release tags (keycloak has many) → show + `resolve_upgrade_base` returns a release-tag base, not raw main-tip. Likely via a harness dry-run / + targeted invocation on the server reading the live settings (absent file → default false). +- (b) drop a scratch `/etc/cc-ci/settings.toml` with `skip_canonicals_for_upgrade = true`, show a + canonical-bearing recipe (e.g. gitea/ghost) now resolves to the release-tag base (canonical bypassed), + then remove the scratch file → restore default false. +- Deploy: ensure `/etc/cc-ci` is at the phase commit (git pull); settings.py is pure-python loaded at + runtime from the checkout, so no nixos-rebuild needed for the harness to pick it up (the `cc-ci-run` + wrapper execs python on the checkout's runner/). Confirm on server.