From bbfa915925b6304e7c12999b4d52451770e4771c Mon Sep 17 00:00:00 2001 From: autonomic-bot Date: Wed, 27 May 2026 21:25:11 +0100 Subject: [PATCH] =?UTF-8?q?journal(1b):=20push-webhook=20diagnostic=20?= =?UTF-8?q?=E2=80=94=20inbound=20gateway=20delivery=20not=20reaching=20Dro?= =?UTF-8?q?ne=20(operator/gateway,=20=C2=A79);=20recipe-CI=20polling=20una?= =?UTF-8?q?ffected?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-Authored-By: Claude Opus 4.7 (1M context) --- JOURNAL-1b.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/JOURNAL-1b.md b/JOURNAL-1b.md index 4d3e988..e6b24b7 100644 --- a/JOURNAL-1b.md +++ b/JOURNAL-1b.md @@ -133,3 +133,19 @@ Net: RL1 PASS, RL2 clean, RL4 docs landed (README lint section + architecture.md RL5 done + healthy, running==build==`8i3jcad9`. Remaining for DONE: **RL3** (Adversary cold D1–D10 re-verify, now also covering the RL5 byte-identical rebuild) and **RL6** (coordinated machine-docs/ move — LAST, with orchestrator lockstep). Claiming the RL3 gate. + +## 2026-05-27 — push-webhook diagnostic (the RL1 "future commits stay clean" advisory) + +Timeboxed root-cause on why pushes don't auto-create a Drone lint build. Fired Gitea's webhook test +for the Drone hook (211) while tailing the Drone server logs: +- `POST /repos/recipe-maintainers/cc-ci/hooks/211/tests` → Gitea returns **204** (accepted). +- `docker service logs --since 20s drone_…_app` → **NOTHING** — no inbound request logged at all. + +So the delivery `git.autonomic.zone (Gitea) → drone.ci.commoninternet.net (public gateway) → cc-ci` +isn't reaching Drone. This is a **gateway/network reachability** condition, NOT a Drone-side config +I can fix — and per §9 the gateway is operator-managed (not ours to reconfigure). Leaving it as the +documented pre-existing advisory (hook `last_status: None`, §4.1). Impact is limited to cc-ci's OWN +self-test/lint pipeline auto-firing; **recipe-CI triggering is unaffected** — the comment-bridge +polls Gitea *outbound* (cc-ci → git.autonomic.zone, the reliable direction), which is the plan's +primary trigger (§4.1). The lint stage is wired + proven green via its exact command; manual/API +Drone builds work. Not expanding scope to re-engineer the inbound path (bounded pass).