recipe-maintainers/cc-ci
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
caef217fa0b4fe4f6c2b29ae53abc772ac4e3731
cc-ci/machine-docs/STATUS-drone.md
autonomic-bot 720c6584b4
Some checks reported errors
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone Build was killed
Details
status(drone): ## DONE — M1+M2 PASS; build #506 L5; Adversary M2 PASS @2026-06-11T22:30Z 
Adversary M2 PASS (commit 7b4081c): all 6 verification steps passed, §7.1 signed off.
Phase drone DONE. PR recipe-maintainers/drone#1 open for operator merge.

- install+upgrade+custom+lint PASS, backup/restore intentional skip (PARITY.md)
- DG4.1: deploy-count=2/2; clean_teardown=true; no_secret_leak=true
- SCM test verified against per-run dep gitea (not production git.autonomic.zone)
- Build-creation gap accepted as proportionate deferral (Adversary §7.1 sign-off)
- DEFERRED.md updated by Adversary with MAXIMAL SUBSET COMPLETE

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-06-11 22:29:02 +00:00

158 lines
6.1 KiB
Markdown
Raw Blame History

# STATUS — phase drone (drone enrollment with gitea SCM dep)
**Phase plan:** `/srv/cc-ci/cc-ci-plan/plan-phase-drone-enroll.md`
**Builder:** autonomic-bot / Claude (Builder loop)
**Started:** 2026-06-11T21:30Z
---
## DONE
**Adversary M2 PASS @2026-06-11T22:30Z** (commit `7b4081c`)
All phase DoD satisfied. Phase drone complete. PR open for operator merge.
**Operator summary:**
- Drone 1.9.0 enrolled with gitea 3.5.3 as SCM dep; full lifecycle proven via real `!testme` CI
- Gitea dep provisioned per-run (admin user + OAuth2 app); wired to drone at install time via `install_steps.sh`
- SCM-configured functional test (`test_login_redirects_to_gitea_dep`) verifies per-run dep, not production gitea
- Upgrade tier: 1.8.0+2.25.0 → 1.9.0+2.26.0 reconverges cleanly
- Backup structural skip: drone is not backup-capable (no backupbot labels); documented in PARITY.md
- Build-creation API gap accepted as proportionate deferral (Adversary §7.1 sign-off); remaining DEFERRED item
**Build #506 evidence (M2 CI run):**
```
recipe=drone ref=049438e1cb47 pr=1 event=custom (!testme via bridge)
deploy-count = 2 (expect 2) # DG4.1 PASS
deps deployed: ['gitea']
install : pass # test_serving PASSED
upgrade : pass # test_upgrade_reconverges PASSED (1.8.0+2.25.0 → 1.9.0+2.26.0)
backup : skip # intentional: not backup-capable
restore : skip # intentional: not backup-capable
custom : pass # test_login_redirects_to_gitea_dep PASSED
lint : pass
level=5, clean_teardown=true, no_secret_leak=true
```
Screenshot: `machine-docs/screenshots/drone-m2-build506.png`
---
## M2 CLAIMED (superseded by DONE above)
**Evidence:** CI build #506, 2026-06-11T22:21Z — event: custom (!testme on PR #1, recipe-maintainers/drone)
```
recipe=drone ref=049438e1cb47 pr=1
deploy-count = 2 (expect 2) # DG4.1 PASS
deps deployed: ['gitea']
install : pass # test_serving PASSED
upgrade : pass # test_upgrade_reconverges PASSED (1.8.0+2.25.0 → 1.9.0+2.26.0)
backup : skip # intentional: not backup-capable
restore : skip # intentional: not backup-capable
custom : pass # test_login_redirects_to_gitea_dep PASSED
lint : pass
level=5, clean_teardown=true, no_secret_leak=true
```
Gitea dep provisioned at `gite-4c9694.ci.commoninternet.net`:
- Admin user `ci_admin` created
- OAuth2 app created (client_id=`d144083e-5ba5-4d1e-aed2-5e8f8331923a`)
- SCM wired via `install_steps.sh`; test confirmed redirect to dep (not production gitea)
- Dep torn down cleanly post-run
Screenshot: `machine-docs/screenshots/drone-m2-build506.png`
Build URL: `https://drone.ci.commoninternet.net/recipe-maintainers/cc-ci/506`
Results: `/var/lib/cc-ci-runs/506/results.json` (level=5)
Mirror PRs:
- `git.autonomic.zone/recipe-maintainers/drone/pulls/1``testme-1.9.0-cc-ci` branch
- `git.autonomic.zone/recipe-maintainers/gitea/pulls/1` — dependency mirror in place
---
## M1 CLAIMED
**Evidence:** Harness run 5, 2026-06-11T22:18Z on cc-ci host (`/root/drone-test-clone` @ `0aa46db`)
```
== cc-ci run: recipe=drone ref=None pr=0 stages=['custom', 'install', 'upgrade']
deploy-count = 2 (expect 2) # DG4.1 PASS
deps deployed: ['gitea']
install : pass
upgrade : pass
custom : pass
results.json written: ... (level=5 of 5)
```
Log: `/tmp/drone-m1-run5.log` on cc-ci
Results: `/var/lib/cc-ci-runs/manual/results.json`
**All fixes applied:**
- ADV-drone-01 (`7e7e84d`): `_CaptureOneRedirect` no-follow; Adversary verified CLOSED
- DG4.1 count (`5384f5c`): reverted `_count_deploy=False`; dep deploys count per formula
- ADV-drone-02 (`0aa46db`): finally-block fallback teardown from `$CCCI_DEPS_FILE`; 19/19 unit tests PASS
---
## Current state
**P0 prerequisite:** VERIFIED — `/etc/timezone` exists (content `UTC`) on cc-ci host.
**Gate M1:** PASS — Adversary PASS @2026-06-11T22:22Z (commit `3de5925`)
**Gate M2:** PASS — Adversary PASS @2026-06-11T22:30Z (commit `7b4081c`) — **DONE**
---
## DoD tracker (M1)
- [x] P0 verified on host — `/etc/timezone` = `UTC`
- [x] `tests/gitea/recipe_meta.py` — gitea enrolled as dep provider (health + sqlite3 EXTRA_ENV)
- [x] `runner/harness/sso.py``setup_gitea_oauth()` function (admin user + OAuth2 app)
- [x] `runner/run_recipe_ci.py``_enrich_deps_with_sso` extended for gitea
- [x] `tests/drone/recipe_meta.py` — drone with `DEPS=["gitea"]`, health/timeouts
- [x] `tests/drone/install_steps.sh` — wires gitea OAuth into drone deploy
- [x] `tests/drone/functional/test_scm_configured.py` — no-follow redirect; ADV-drone-01 fixed `7e7e84d`
- [x] `tests/drone/PARITY.md` — backup structural-skip justification documented
- [x] Unit tests — 19/19 PASS cold (test_gitea_dep.py + test_deps.py)
- [x] No gate weakening; declared skips justified (backup structural skip per PARITY.md)
- [x] Harness run 5 GREEN — deploy-count 2/2, level=5, install+upgrade+custom+lint PASS
- [x] ADV-drone-02 fixed + unit tested (`0aa46db`)
---
## Verification recipe (for Adversary M1 check)
```bash
# On the orchestrator host (this machine) or from any machine with SSH to cc-ci:
ssh cc-ci "cat /var/lib/cc-ci-runs/manual/results.json" | python3 -c "
import json, sys
r = json.load(sys.stdin)
assert r['level'] == 5, f'level={r[\"level\"]} != 5'
assert r['results']['install'] == 'pass'
assert r['results']['upgrade'] == 'pass'
assert r['results']['custom'] == 'pass'
assert r['rungs']['lint'] == 'pass'
assert r['rungs']['backup_restore'] == 'skip'
assert r['skips']['intentional']['backup_restore']
print('M1 evidence VERIFIED')
"
# Unit tests (19/19):
cd /srv/cc-ci-orch/cc-ci && \
/nix/store/rag15ca0cyi4nqbw6x6w1fqkvq5wmibj-python3-3.12.8-env/bin/pytest \
tests/unit/test_deps.py tests/unit/test_gitea_dep.py -v
# Negative-control structural argument (no live deploy needed):
# A drone WITHOUT install_steps.sh (empty deps file) would not have GITEA_DOMAIN set,
# so /login would not redirect to a gitea domain. The SCM test checks parsed.netloc == gitea_domain;
# wrong netloc → AssertionError. The test is falsified by misconfiguration.
```
---
## Blocked items
(none)
Reference in New Issue View Git Blame Copy Permalink