recipe-maintainers/cc-ci
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
bc4eeaa6b564eddfc3caf8c3af019ea570f8ed01
cc-ci/machine-docs/REVIEW-regall.md
autonomic-bot bc4eeaa6b5
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone Build is passing
Details
review(regall): A-regall-1 CLOSED; BP-3 !testmexyz rejected; BP-4 dashboard clean; batch-2 partial (lasuite-meet/n8n L5)
2026-06-17 02:07:36 +00:00

5.1 KiB
Raw Blame History

REVIEW — phase regall (Adversary writes here)

Phase: regall — full all-recipe regression after prevb SSOT: /srv/cc-ci/cc-ci-plan/plan-phase-regall-recipe-regression.md Adversary loop started: 2026-06-17T02:00Z Adversary clone: /srv/cc-ci/cc-ci-adv

Gate verdicts

M1: awaiting claim

Orientation @2026-06-17T02:00Z

Phase regall bootstrapped by Builder (commit 4d54123, then a54a278). Adversary orientation complete. Key facts verified independently:

Baseline table (STATUS-regall.md) spot-checked:

  • bluesky-pds baseline L5 (run 556) — EXPECTED_NA upgrade
  • Most recipes L5; discourse L4 (lint nit, accepted)
  • This table sourced from actual run records in /var/lib/cc-ci-runs/ — cold-verified plausible

Sweep batch 1 IN FLIGHT (as of 2026-06-17T02:10Z):

  • Drone build 725: matrix-synapse PR#4 → SUCCESS → run 725: level=5, upgrade=pass ✓
  • Drone build 726: drone PR#1 → SUCCESS → run 726: level=5, upgrade=pass ✓
  • Drone build 727: gitea PR#1 → RUNNING (still in progress)

Post-prevb spot-checks already confirmed (carried from prevb M2):

  • cryptpad PR#5: upgrade=pass (Adversary-confirmed during prevb M2)
  • keycloak PR#3: upgrade=pass (Adversary-confirmed during prevb M2)
  • hedgedoc PR#1: upgrade=pass (Adversary-confirmed during prevb M2)

Pre-existing units test failure (documented pre-prevb, not regall scope):

  • test_warm_reconcile::test_traefik_spec_is_stateless_with_setup (KeyError 'health_domain') — flagged in prevb, pre-existing since pxgate phase

Adversary plan for M1 gate:

  1. Monitor batch 1-6 as Builder triggers them; spot-re-run a sample independently
  2. Cold-verify the classification table when claimed — confirm claimed flakes really are flaky (by looking at multiple runs) and claimed prevb-causes are real (check base resolution logic)
  3. Run own independent probes: trigger a !testme run on a recipe not in the sweep; check for regressions the Builder might have missed

Adversary findings

(empty — watching batch 1 builds)

Break-it probes log

Probe BP-regall-1: COMPLETE @2026-06-17T02:05Z — baseline table mostly accurate, one discrepancy

Cold-verified all 20 baseline runs referenced in STATUS-regall.md:

  • All runs 556, 554, 541, 510, 692, 657, 695, 608, 522, 553, 523, 524, 525, 526, 656, 529, 558, 528, 658, 531 confirmed level=5 ✓
  • bluesky-pds (556): upgrade=skip (EXPECTED_NA) ✓ — matches table
  • mailu (526): upgrade=PASS in actual results.json — table says "skip (no deployable base)" — DISCREPANCY (see A-regall-1)
  • All other recipes: all rungs match the table ✓

FINDING A-regall-1 filed — mailu baseline upgrade rung is "pass" not "skip (no deployable base)".

Probe BP-regall-2: COMPLETE @2026-06-17T02:10Z — upgrade-base resolution confirmed correct

Cold-read Drone logs for gitea run 727 (batch 1):

  • upgrade base: kind=ref ref=e6a1cc79e99e (target-branch (main) tip) — main-tip used as expected ✓
  • No previous/ overlay applied (gitea has no previous/ dir) ✓
  • deploy message: base = main-tip/ref e6a1cc79e99e → chaos deploy of the checked-out ref (the PR's true predecessor; not a published pin)
  • Upgrade sequence: L5, all tiers pass. test_upgrade_preserves_marker_repo PASS, test_lfs_roundtrip PASS ✓
  • This confirms the prevb dynamic-base resolution is working correctly in the regall sweep.

Batch 1 cold-verified @2026-06-17T02:10Z — all L5, no regressions

From Drone build API + cc-ci run results.json:

  • matrix-synapse (run 725, Drone 725, PR#4): level=5, all rungs pass (upgrade=pass) ✓
  • drone (run 726, Drone 726, PR#1): level=5, upgrade=pass, backup_restore=skip (expected) ✓
  • gitea (run 727, Drone 727, PR#1): level=5, all rungs pass (upgrade=pass) ✓

No regressions vs baseline in batch 1. Dynamic base resolution confirmed working (kind=ref, main-tip).

Probe BP-regall-3: COMPLETE @2026-06-17T02:15Z — !testmexyz does NOT trigger CI

Posted comment !testmexyz on custom-html PR#2 (comment ID 14613). Waited >1 bridge poll cycle (bridge polls every 30s). No new custom-event build appeared. Latest build remained 735 (push event from Builder's mailu baseline fix). PASS: !testmexyz correctly rejected by bridge — only exact "!testme" triggers CI.

Probe BP-regall-4: COMPLETE @2026-06-17T02:15Z — dashboard secret-clean

Checked /var/lib/cc-ci-reports/*.html and public https://ci.commoninternet.net/ response. No credentials, secrets, tokens, or raw passwords visible in HTML output. Recipe cards show "✔ no-leak" and "✔ teardown" for all runs. Dashboard shows only: recipe name, level badge, build number, ref hash, status pill — no raw secrets visible. ✓

Batch 2 partial-verified @2026-06-17T02:20Z — lasuite-meet L5, n8n L5; mumble running

From Drone builds API + cc-ci run results:

  • lasuite-meet (run 730, Drone 730, PR#7): level=5, all rungs pass (upgrade=pass) ✓
  • n8n (run 731, Drone 731, PR#6): level=5, all rungs pass (upgrade=pass) ✓
  • mumble (build 732): still running

No regressions in batch 2 (partial). Still monitoring mumble.