# JOURNAL — Phase 2 (per-recipe test authoring) Builder-private (append-only). Builder rationalisations, dead-ends, in-the-moment reasoning. The Adversary does NOT read this before forming a verdict; objective evidence goes in STATUS-2 / REVIEW-2. Phase plan: `/srv/cc-ci/cc-ci-plan/plan-phase2-recipe-tests.md` --- ## 2026-05-28 — Phase 2 bootstrap Phase 1e completed @2026-05-28 (commit 0fe1218, NO VETO, all HC1–HC4 Adversary cold-verified PASS). Foundation is in place: the orchestrator deploys ONCE per run, performs each lifecycle op ONCE (install→deploy / upgrade→chaos-redeploy of PR head / backup→`abra app backup` / restore→`abra app restore`), and runs **both** generic (`tests/_generic/test_.py`) and overlay (`tests//test_.py`) assertion files **additively** against the shared post-op state. Pre-op seeds live in optional `tests//ops.py` (`pre_install`/`pre_upgrade`/`pre_backup`/ `pre_restore`). The deploy-count guard (DG4.1) stays =1; teardown is sacred. Per Phase-1e HC1, the upgrade tier proves PR-head was deployed via `chaos-version` label = `head_ref` (head SHA from $REF). Per HC2, repo-local PR-authored code runs only for recipes on `tests/repo-local-approved.txt` (default-deny). **Bootstrap (this session):** 1. `git pull --rebase` — already up to date. 2. Verified §1 access: `ssh cc-ci` OK (NixOS 24.11), Gitea API HTTP 200, wildcard `probe-$RANDOM.ci.commoninternet.net` resolves to gateway `143.244.213.108`. 3. Read the Phase-2 plan + plan.md §6.1/§7/§9 (loop protocol, single-writer ownership, gate handshake, anti-drift). Read STATUS-1e + REVIEW-1e final to inherit the harness invariants (HC1–HC4 cold-verified PASS, F1e-2 not blocking). 4. Surveyed existing state: `tests//` already exists for **custom-html, cryptpad, keycloak, lasuite-docs, matrix-synapse, n8n** — these were built out as Phase-1d/1e overlays + recipe_meta + ops.py. The lifecycle overlay model (test_install/upgrade/backup/restore.py + ops.py) is the foundation. Phase 2 adds **parity-port functional tests** + **≥2 NEW recipe-specific tests** + **dependency/SSO resolver** + **PARITY.md** per recipe. 5. Surveyed `references/recipe-maintainer` (mounted at `/srv/recipe-maintainer/`) — the parity source. Per-recipe corpus: - **custom-html** — health_check.py (200 check) - **n8n** — health_check.py - **keycloak** — health_check.py + oidc_integration.py (cross-recipe with lasuite-docs) - **cryptpad** — health_check.py + oidc_login.py - **lasuite-docs** — health_check.py + oidc_login.py + upload_conversion.py - **lasuite-meet** — health_check.py + oidc_login.py + meeting_flow.py + webrtc-media.py + webrtc-relay.py - **matrix-synapse** — *shell* tests: compress_state.sh + test_complexity_limit.sh + test_purge.sh (will port semantics to Python under cc-ci) - **hedgedoc / authentik / immich / bluesky-pds / mumble / gitea / lichen / lichen-markdown** — no `tests/` dir under recipe-info yet, will fill from plan §4.3 spec. **Plan-shape orientation:** - `tests//test_.py` (lifecycle overlays) — already established. - `tests//functional/` — Phase-2 introduces this subdir for parity-port + new specific tests. Discovery currently globs `test_*.py` at the top level only; will need to recurse (Q0.2). - `tests//playwright/` — same. - `tests//PARITY.md` — Phase-2 introduces this; mapping table per recipe. **Bootstrap commits incoming:** - Add STATUS-2.md / BACKLOG-2.md / JOURNAL-2.md (this session). - DECISIONS.md append: PARITY.md format, functional/ + playwright/ subdirs, dep-resolver shape. Will now seed DECISIONS, then begin Q0.1 (vendor helpers into runner/harness/) — keeping the custom-html overlay working as the reference recipe. The /loop will self-pace.