recipe-maintainers/cc-ci
0
0
Fork 0
Code Issues 1 Pull Requests 3 Actions Packages Projects Releases Wiki Activity
518 Commits 19 Branches 1 Tag
430d57aac3d947e4c6ffdef4e149e3a42e3df369
Commit Graph

518 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
autonomic-bot
430d57aac3 inbox(2): Adversary running plausible break-it probe on the node (settling Q4.7 §4.3 first-hand); ping to reclaim node 2026-05-30 03:42:06 +01:00
autonomic-bot
e45e0eea71 review(2): Q4.3 bluesky-pds PASS — COLD full lifecycle GREEN (my clone, log adv-bluesky-pr0) 5 tiers+4 custom, deploy-count=1, real upgrade crossover 0.1.1+v0.4→0.2.0+v0.4, clean teardown; P4 atproto-account marker non-vacuous via IN-BAND pre_restore delete+assert-gone (no recipe-PR — bluesky volume restore genuinely round-trips, real recipe diff from postgres recipes); 2 distinct P3 functional (account+post §4.3 round-trip + getSession auth-gating 401); no veto 2026-05-30 02:56:26 +01:00
autonomic-bot
7d69a596a7 status(2): fix Q4.3 bluesky claim text (heredoc had eaten backtick code spans) 2026-05-30 02:51:48 +01:00
autonomic-bot
4760f9676a claim(Q4.3): bluesky-pds full lifecycle GREEN — P4 added (atproto account marker survives backup/restore/upgrade; volume restore works, no recipe-PR); 5 tiers + 4 custom pass, deploy-count=1, clean teardown 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-30 02:50:53 +01:00
autonomic-bot
ad53a7c6c4 status(2): Q4.3 bluesky-pds P4 overlay (atproto account marker) authored, full-lifecycle run in flight 2026-05-30 02:49:27 +01:00
autonomic-bot
74da6dc46b feat(2): bluesky-pds P4 data-integrity overlay — deterministic atproto account marker (recipe-aware; catches running-app-holds-sqlite restore gap) via _p4.py + ops/test_upgrade/backup/restore 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-30 02:46:50 +01:00
autonomic-bot
8e160af997 journal(2): mattermost PASS (3rd this session); next bluesky-pds P4 scoped (account-based marker to catch running-app-sqlite-hold restore gap) 2026-05-30 02:39:05 +01:00
autonomic-bot
32050885a8 status(2): Q4.5 mattermost-lts Adversary PASS — DONE (3rd PASS this session; 2 recipe-PRs fixing real backup/restore bugs) 2026-05-30 02:36:54 +01:00
autonomic-bot
2b4087712d review(2): Q4.5 mattermost-lts PASS — COLD full lifecycle GREEN (my clone, log adv-mattermost-pr1) 5 tiers+4 custom, deploy-count=1, real upgrade crossover 10.11.15→10.11.18, clean teardown; P4 restore proven NON-VACUOUS via negative control (PR=0 published recipe → test_restore_returns_state FAILED 'relation ci_marker does not exist', fail-loud) — recipe-PR #1 is a genuine fix; 2 distinct P3 functional tests (self round-trip + cross-user delivery w/ user_b own token); clean teardown after FAILED run too; no veto 2026-05-30 02:35:50 +01:00
autonomic-bot
1ca7b2328b claim(Q4.5): mattermost-lts full lifecycle GREEN — P4 restore fixed via recipe-PR recipe-maintainers/mattermost-lts#1 (published restore was a no-op); 5 tiers + 4 custom pass, deploy-count=1, clean teardown 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-30 02:11:52 +01:00
autonomic-bot
e9d1e894b2 fix(2): mattermost functional tests share a deterministic admin bootstrap (_mm.bootstrap_admin) — only ONE unauthenticated first-user creation is allowed, so the multi-user test no longer collides with create_message 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-30 01:58:32 +01:00
autonomic-bot
7672f110f6 feat(2): mattermost-lts P3 2nd characteristic test (multi-user message visibility) + PARITY/DECISIONS for the postgres-restore recipe-PR 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-30 01:48:08 +01:00
autonomic-bot
342c3b078f status(2): Q4.5 mattermost recipe-PR #1 opened (pg_backup.sh restore fix), validation run in flight 2026-05-30 01:41:37 +01:00
autonomic-bot
11d6d82aad status/journal(2): Q4.5 mattermost P4 overlay caught a real recipe restore defect (no backupbot.restore.post-hook → DB not reimported); recipe-PR queued (immich pattern); node clean 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-30 01:30:19 +01:00
autonomic-bot
012a477540 fix(2): mattermost-lts P4 overlay — postgres service is named 'postgres' not 'db' (exec_in_app container discovery) 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-30 01:18:57 +01:00
autonomic-bot
21e0b16ac4 status(2): Q4.5 mattermost-lts P4 overlay authored, full-lifecycle run in flight 2026-05-30 01:13:55 +01:00
autonomic-bot
80ad0a9ed1 feat(2): mattermost-lts P4 data-integrity overlay (ops.py postgres ci_marker seed + test_install/upgrade/backup/restore) — verifying recipe's PGDATA-dir restore brings the marker back 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-30 01:11:10 +01:00
autonomic-bot
0599477440 status(2): Q4.1 matrix-synapse Adversary PASS — DONE 2026-05-30 01:08:55 +01:00
autonomic-bot
c503f7d51c review(2): Q4.1 matrix-synapse PASS — COLD first-hand full lifecycle GREEN (my clone, log adv-matrix-cold); 5 tiers + 3 custom, deploy-count=1, real upgrade crossover 7.1.0→7.1.1, P4 restore ci_marker survives; §4.3 register retry verified NON-VACUOUS + reproduced the real post-restore transient (500 attempt1/2 → succeeded attempt3, full register→room→send→readback chain intact, 4xx fail-fast, timeout RAISEs); clean teardown; no veto 2026-05-30 01:07:53 +01:00
autonomic-bot
b73018c9ab journal(2): Q4.1 matrix register-500 root cause (restore DROP DATABASE FORCE closes synapse DB pool) + readiness-retry fix 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-30 01:01:09 +01:00
autonomic-bot
9a8850affa claim(Q4.1): matrix-synapse full lifecycle GREEN — §4.3 register transient post-restore 500 root-caused (synapse DB pool closed by restore DROP DATABASE FORCE) + fixed with bounded readiness-retry (not weakened); 5 tiers + 3 functional pass, P4 ci_marker survives, deploy-count=1, clean teardown 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-30 01:00:38 +01:00
autonomic-bot
db124d5107 fix(2): matrix register test — bounded readiness-retry on transient post-restore 5xx (synapse re-establishing DB pool after restore-tier DROP DATABASE); assertion unchanged, RAISEs on persistent failure 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-30 00:52:18 +01:00
autonomic-bot
cf54fe36a8 status(2): Q4.1 matrix — 4 tiers green; §4.3 register test 500 M_UNKNOWN, diagnosing with synapse log capture (not weakening) 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-30 00:45:31 +01:00
autonomic-bot
f39bae71ea status(2): Q3.5 immich Adversary PASS (P4-restore CLOSED); Q4.1 matrix-synapse full-lifecycle run in flight 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-30 00:39:57 +01:00
autonomic-bot
11c5498bfa review(2): Q3.5 immich PASS — COLD first-hand full lifecycle GREEN (my clone, log adv-immich-cold); 5 tiers + 3 custom, deploy-count=1, P4 restore test_restore_returns_state PASSED (ci_marker survives recipe-PR pg_dump backup→restore; non-vacuous: pre_restore DROPs+asserts), negative control 7eb3937 lacks DB backupbot labels (bug confirmed), real upgrade crossover 1.5.1+v2.6.3→1.6.0+v2.7.5, 2 distinct P3 functional, clean teardown; P4-restore RED CLOSED; no veto 2026-05-30 00:36:17 +01:00
autonomic-bot
191a647dcf journal(2): immich claimed; remaining-recipe scope + backup-capability survey (ghost/bluesky/uptime-kuma/mattermost all backup-capable → P4 overlays required) 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-30 00:22:12 +01:00
autonomic-bot
0487631bac claim(Q3.5): immich full lifecycle GREEN — P4 fixed via recipe-PR recipe-maintainers/immich#1 (recipe backed up NO database); 5 tiers + 3 custom pass, deploy-count=1, clean teardown 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-30 00:20:48 +01:00
autonomic-bot
ecd770b9ca feat(2): immich P3 2nd functional test (asset-processing: metadata extraction + library statistics) + PARITY/DECISIONS for immich postgres-backup recipe-PR 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-30 00:08:10 +01:00
autonomic-bot
4f0eeb54bd status(2): immich P4 — mechanism validated, recipe-PR recipe-maintainers/immich#1 opened, full-lifecycle run in flight 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-29 23:59:39 +01:00
autonomic-bot
6241e735ca review(2): drone leftover CLOSED (Builder removed stack+vol, node clean); immich Q3.5 P4 recipe-PR deploy in flight (immi-074f69); no gate pending; drone still operator-blocked (/etc/timezone absent) 2026-05-29 23:49:51 +01:00
autonomic-bot
a4a2e60b87 status(2): immich Q3.5 P4 in-flight — recipe-PR for postgres backup (recipe backs up no DB); inbox consumed, node clean 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-29 23:45:08 +01:00
autonomic-bot
7e2a5bc09c journal(2): immich Q3.5 P4 decision — recipe-PR to add postgres backup (recipe backs up NO DB as published); validate vchord dump/restore empirically first 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-29 23:44:47 +01:00
autonomic-bot
9b2ce09a67 inbox(2): consume adversary heads-up — removed forgotten drone smoke stack+volume (NOT pre-staging; drone integration awaits operator /etc/timezone host-deploy). Node clean: only infra stacks (traefik/bridge/dashboard/backups/warm-keycloak). 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-29 23:39:23 +01:00
autonomic-bot
dd45e9555e revert(2): drop adversary scratch probe scripts accidentally staged by git add -A (runner/adv_*.py are local-only adversary scratch, not Builder code) 2026-05-29 23:37:48 +01:00
autonomic-bot
af94708de4 review(2): resume checkpoint — no gate pending; drone block genuine (/etc/timezone still absent on host); leftover drone smoke stack flagged (housekeeping); immich P4-restore still OPEN, unsigned 2026-05-29 23:37:17 +01:00
autonomic-bot
18577336f0 docs(2): Q5.1 — enroll-recipe.md §2.4 non-HTTP/multi-service/host-dependent recipes + mumble/mailu examples 
Documents the Phase-2 Q4 patterns proven this session: EXTRA_ENV callable, READY_PROBE (HTTP+TCP),
CHAOS_BASE_DEPLOY, recipe_checkout -f, install_steps overlay-drop; non-HTTP protocol tests (mumble
host-ports + _mumble_proto), in-container functional tests (mailu flask/sendmail/doveadm under
TLS_FLAVOR=notls), and P4-N/A when a recipe ships no backupbot label. Worked-example pointers to
tests/mumble + tests/mailu.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-29 22:33:43 +01:00
autonomic-bot
1d99f91b44 status/backlog(2): Q4.10 drone BLOCKED on operator host /etc/timezone deploy (3bde76f); surfaced 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-29 22:20:35 +01:00
autonomic-bot
03b0a3b44d deferred(2): Q4.10 drone blocked on host /etc/timezone deploy (gitea SCM dep); integration scoped 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-29 22:19:55 +01:00
autonomic-bot
3bde76f239 fix(2): cc-ci host — declare /etc/timezone (gitea + Debian-image recipes bind it) 
gitea (drone's SCM dep) binds /etc/timezone:ro; NixOS time.timeZone only creates /etc/localtime, so
the bind failed ('bind source path does not exist: /etc/timezone') → container rejected. Declare
environment.etc.timezone=UTC. Enables drone Q4.10's gitea dep.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-29 22:16:24 +01:00
autonomic-bot
f86a58addf journal(2): drone+gitea integration fully scoped (gitea dep config + admin/token/OAuth-app + install_steps wiring; §4.3 build-creation deferred) 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-29 21:59:07 +01:00
autonomic-bot
25ae2935b9 status(2): Q4.9 mailu Adversary PASS (REVIEW-2 2958eb6, P4-N/A signed off) — DONE; next drone Q4.10 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-29 21:51:57 +01:00
autonomic-bot
2958eb6c97 review(2): Q4.9 mailu PASS — COLD first-hand full lifecycle GREEN ×2 (my clone @6a216ed); deploy-count=1, real upgrade crossover 3.0.0→3.0.1 (head_ref==chaos-version), 2 non-vacuous P3 (unique-mailbox round-trip + unique-marker postfix→dovecot delivery), wait_healthy real gate, clean teardown; P4-N/A §7.1 sign-off GRANTED (no backupbot label, independently confirmed); P5/P6 N/A justified; no veto 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-29 21:51:06 +01:00
autonomic-bot
3c79e3de32 journal(2): drone Q4.10 analysis — needs gitea SCM dep + OAuth + build-trigger pipeline (heaviest §4.3) 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-29 21:46:06 +01:00
autonomic-bot
6a216ed73b claim(2): Q4.9 mailu full lifecycle GREEN (P4 N/A) — awaiting Adversary 
mailu (full email stack) install+upgrade(3.0.0→3.0.1 real crossover, head_ref==chaos-version)+custom
all green; deploy-count=1; clean teardown. backup/restore N/A-skip (no backupbot → P4 N/A; PARITY.md+
DEFERRED.md; Adversary §7.1 sign-off requested). P2 vacuous. P3: create-mailbox (flask→config-export)
+ mail-flow (in-container sendmail→doveadm deliver/store/fetch). TLS_FLAVOR=notls; in-container tools.
HOW/EXPECTED/WHERE in STATUS-2 Gate Q4.9. Logs ccci-mailu-full2 + smoke/smoke2.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-29 21:39:02 +01:00
autonomic-bot
88449431e1 fix(2): Q4.9 mailu — rewrite mail-flow via in-container sendmail+doveadm; drop network IMAP-auth test 
Root cause of the 2 failing custom tests: TLS_FLAVOR=notls → dovecot refuses plaintext auth over
network 143, so host-side IMAP login/auth isn't a meaningful signal. Smoke2 PROVED the in-container
path: sendmail (postfix container) local-injects a marker mail → doveadm search (imap container) finds
it in INBOX. test_mail_flow now exercises the real postfix→rspamd→dovecot deliver/store/fetch via
exec_in_app(service=smtp/imap). Dropped test_imap_login (network plaintext-auth disallowed under notls).
test_mailbox (create+config-export read-back) unchanged. PARITY.md updated.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-29 21:33:11 +01:00
autonomic-bot
916bdd8b68 feat(2): Q4.9 mailu — recipe_meta + health + 3 functional (create-mailbox/imap-login/mail-flow); P4 N/A deferred 
mailu (full email stack). TLS_FLAVOR=notls avoids certdumper/ACME dep (cc-ci file-provider cert);
MAIL_DOMAIN/HOSTNAMES=run domain; TRAEFIK_STACK_NAME for the letsencrypt-volume mount. P2 vacuous (no
corpus). P3: test_mailbox (flask mailu user create + config-export read-back), test_imap_login
(mailbox authenticates over dovecot IMAP:143), test_mail_flow (SMTP submission send → IMAP retrieve,
auth to avoid greylisting). P4 N/A (no backupbot label) — DEFERRED.md + PARITY.md, Adversary §7.1
sign-off pending. Smoke-validated: 8 services converge, mail ports 25/587/143/993 host-open, flask CLI.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-29 21:13:56 +01:00
autonomic-bot
3ab04cd07a journal(2): mailu Q4.9 deeper recon — certdumper/ACME TLS friction; start with TLS_FLAVOR=notls 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-29 20:57:39 +01:00
autonomic-bot
594f2d3389 review(2): Q4.6 discourse deferral VERIFIED SOUND — bitnami/discourse:3.3.1 + :3.1.2 both GONE, bitnamilegacy present; genuine upstream env-blocker (§8), pre-cleared for DONE; no veto 2026-05-29 20:56:01 +01:00
autonomic-bot
7282caef30 journal(2): mailu Q4.9 enrollment plan + discourse Q4.6 block recorded (handoff to next iteration) 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-29 20:54:21 +01:00
autonomic-bot
bdc05e24c4 status/backlog(2): Q4.6 discourse blocked (bitnami images gone); pivot to Q4.9 mailu (images pullable) 
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
 2026-05-29 20:53:09 +01:00