fd02d9f4b8
All checks were successful
continuous-integration/drone/push Build is passing
harness.meta.HookCtx (frozen): .domain, .base_url, .meta (RecipeMeta), .deps (provisioned dep creds from $CCCI_DEPS_FILE or None), .op (current lifecycle op or None); built via meta.hook_ctx() at each hook call site. All recipe callables now take ctx: EXTRA_ENV(ctx), UPGRADE_EXTRA_ENV(ctx), READY_PROBE(ctx), BACKUP_VERIFY(ctx), SCREENSHOT(page, ctx), ops.py pre_<op>(ctx). Dict-valued EXTRA_ENV/UPGRADE_EXTRA_ENV unchanged (only the callable signature moved). Call sites converted: deploy_app env shaping, perform_upgrade, wait_ready_probes (gains op=), _perform_op BACKUP_VERIFY, screenshot.capture, _run_pre_hook. Legacy signatures fail FAST with a clear migration message: the registry carries hook_params per hook key, enforced at meta.load() (MetaError names the old vs new signature); ops.py pre-op hooks get the same check at the orchestrator call site (meta.check_hook_signature) — no silent TypeError mid-run. Migrated every in-repo user mechanically (17 ops.py files; cryptpad/lasuite-*/ mailu EXTRA_ENV; mumble+lasuite-drive READY_PROBE; ghost/discourse BACKUP_VERIFY) — seeded values, probes and assertions byte-identical (domain -> ctx.domain; keycloak pre_restore's meta arg -> ctx.meta). Unit tests: hook_ctx field contract, ctx.deps from the run deps file, legacy- signature MetaError (READY_PROBE/EXTRA_ENV/SCREENSHOT + pre-op checker), ctx signatures accepted. Docs table regenerated (signature docs in key docs). Verified on cc-ci: cc-ci-run -m pytest tests/unit -q -> 180 passed; scripts/lint.sh -> PASS.
33 lines
1.7 KiB
Python
33 lines
1.7 KiB
Python
# Per-recipe harness config for mailu (Phase 2 Q4.9 — full email stack: nginx front + admin +
|
|
# dovecot(imap) + postfix(smtp) + rspamd(antispam) + webmail + redis + certdumper).
|
|
#
|
|
# cc-ci integration notes:
|
|
# - TLS_FLAVOR=notls: mailu's mail-port TLS normally comes from `certdumper`, which dumps certs from
|
|
# traefik's ACME acme.json. cc-ci uses a FILE-PROVIDER wildcard cert (no ACME), so there is no
|
|
# acme.json — certdumper would never produce certs. notls disables mail-port TLS so the stack does
|
|
# not depend on those certs. (certdumper still runs idle, mounting the existing
|
|
# traefik_ci_commoninternet_net_letsencrypt volume; harmless.) The web/admin UI is served over the
|
|
# real wildcard TLS via Traefik regardless.
|
|
# - TRAEFIK_STACK_NAME must match cc-ci's traefik stack so the external `*_letsencrypt` volume resolves.
|
|
# - MAIL_DOMAIN/HOSTNAMES are pinned to the per-run domain (callable EXTRA_ENV).
|
|
# - Mail ports (25/465/587/110/143/993/995) are published mode:host on the cc-ci host, so on-host
|
|
# tests can reach SMTP/IMAP at 127.0.0.1.
|
|
# Smoke (mail-smoke deploy) showed the nginx front serves `/` → 301 (redirect to /webmail) once up;
|
|
# /admin briefly 502s during admin first-boot, so `/` is the stable readiness signal. (The
|
|
# create-mailbox test uses the admin-container `flask mailu` CLI, which bypasses HTTP entirely.)
|
|
HEALTH_PATH = "/"
|
|
HEALTH_OK = (200, 301, 302)
|
|
DEPLOY_TIMEOUT = 900
|
|
HTTP_TIMEOUT = 600
|
|
|
|
|
|
def EXTRA_ENV(ctx):
|
|
return {
|
|
"MAIL_DOMAIN": ctx.domain,
|
|
"HOSTNAMES": ctx.domain,
|
|
"TRAEFIK_STACK_NAME": "traefik_ci_commoninternet_net",
|
|
"TLS_FLAVOR": "notls",
|
|
"SITENAME": "ccci-mail",
|
|
"POSTMASTER": "admin",
|
|
}
|