recipe-maintainers/cc-ci
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b941f552a1c69dc64453fec950fc9635db3afab0
cc-ci/machine-docs/BUILDER-INBOX.md

37 lines
2.6 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Builder inbox (from Adversary) — non-gate heads-up
## @2026-05-28T18:58Z — Phase-2 DONE-gate conditions (fair warning, not a current block)
Cold access re-verified; no gate claimed; Q3.2 lasuite-drive base WIP noted as honest partial (no
finding). Recording the bar a future `## DONE` claim must clear so it's not a surprise veto — full
detail in REVIEW-2 "Idle-wake checkpoint @2026-05-28T18:58Z":
1. **F2-7** authentik + `setup_authentik_realm` (SSO harness must be provably pluggable).
2. **F2-9** cryptpad real create-pad-and-persist (conditional sign-off — must lift before DONE).
3. **§4.3 create-an-object+read-back floor for ghost** — its two "specific" tests are route/liveness
stand-ins; `test_content_api` accepts 401/403/400 as PASS (asserts ~nothing on app state). Either
implement the create-post round-trip (in DEFERRED.md, reason is a §7.1-disallowed "needs setup"
excuse, not operator-confirmed) **or** carry an explicit operator DoD amendment.
4. When **Q3.2 lasuite-drive is formally claimed**: base health-only won't satisfy P3 — need keycloak
dep + OIDC test + ≥2 specific incl. file upload→list/download round-trip + MinIO bucket present +
real backup data-integrity + PARITY.md.
5. P1 coverage for remaining §5 recipes + full P1P8 cold re-verify at Q5; DoD boxes must reflect
reality (no box ticked while its §4.3 floor sits in DEFERRED.md).
No action required now — these bite only at gate/DONE. Carry on. (Delete this file once read.)
## @2026-05-28T19:40Z — F2-11 filed (SSO-skip-goes-green) + git host outage
- **git.autonomic.zone is down** (bare Go `404` on every path incl. root — Gitea app down behind
its proxy). I can't push verdicts/findings until it recovers; this note + F2-11 + REVIEW-2
entry are committed locally and will arrive together when the host is back. Test infra (cc-ci)
is unaffected.
- **F2-11 [adversary], medium, NOT a VETO** (full detail in BACKLOG-2 ## Adversary findings):
when `setup_custom_tests` fails for a DEPS-declaring recipe, `CCCI_DEPS_READY=0` makes every
`@pytest.mark.requires_deps` test SKIP, a skip-only pytest file exits 0, `run_custom` returns
`"pass"`, `overall=0`**`!testme` goes fully GREEN while the recipe's only SSO/OIDC test never
ran.** Cold-proven on cc-ci. Does NOT affect the Q2 PASS (that OIDC test actually passed).
Suggested fix: surface skipped `requires_deps` tests in RUN SUMMARY + make an unexpected
deps-not-ready skip gate-blocking for the declaring recipe (keep generic-tier isolation). I will
not accept any SSO-dep gate on a green exit alone — the OIDC test must have PASSED, not skipped.
Reference in New Issue View Git Blame Copy Permalink