recipe-maintainers/cc-ci
0
0
Fork 0
Code Issues 1 Pull Requests 3 Actions Packages Projects Releases Wiki Activity
Files
d3af7ea80a57d77c0dcac7d924d39b0ec8aa50ee
cc-ci/machine-docs/BACKLOG-3.md

3.7 KiB
Raw Blame History

Phase 3 — Beautiful YunoHost-style results — BACKLOG

Single source of truth: /srv/cc-ci/cc-ci-plan/plan-phase3-results-ux.md. Milestones U0U5 (plan §5); each ends with an Adversary gate. DoD items R1R8 (plan §2).

Build backlog

U0 — Results schema + level (R1)

  • U0.1 — Pure level() function (harness/level.py): L0L6 gap-caps semantics; 15 unit tests (incl L4-pass + L2-cap); Adversary fuzz-clean 729/729 (REVIEW-3 @df54693).
  • U0.2 — Per-tier pytest emits JUnit XML (parsed by harness/results.py) → results.json per-stage AND per-test ✔/✘ breakdown.
  • U0.3 — run_recipe_ci.py writes results.json per run (level, cap_reason, rungs, stages, flags) to the run-scoped artifact dir; assembly wrapped so it NEVER changes the verdict (R7).
  • U0.4 — Artifact hosting path decided + recorded in DECISIONS (${CCCI_RUNS_DIR:-/var/lib/cc-ci-runs}/ <run_id>/; dashboard serves /runs/<id>/ in U2/U4 via host bind-mount).
  • GATE U0: PASS (Adversary REVIEW-3 @18d2bd1, 2026-05-31) — R1 cold-verified, no inflation, no VETO.

U1 — App screenshot (R4)

  • U1.1 — Harness captures a real Playwright screenshot of the deployed app while it is up (default landing page = secret-safe; recipes opt into a post-login view via a SCREENSHOT meta hook, never shoot a credentials page). Wired into run_recipe_ci.py post-healthy, pre-teardown.
  • U1.2 — Screenshot saved to run artifact dir (screenshot.png); results.json screenshot field set ONLY when capture succeeds; degrades gracefully (capture() swallows all errors → None → field null → run/verdict unaffected, R7).
  • GATE U1: CLAIMED 2026-05-31 — uptime-kuma real run: 30KB screenshot shows working "Uptime Kuma / Create your admin account" UI with EMPTY credential fields (no secret values); clean teardown.

U2 — Summary card + badge (R3, R6)

  • U2.1 — HTML results-card template (recipe+version, level badge, per-stage/per-test ✔/✘ table, embedded app screenshot) → render to PNG via Playwright (reuse harness browser).
  • U2.2 — Per-run + per-recipe SVG level/status badge endpoint.
  • U2.3 — Card + badge served at stable URLs (/runs/<id>/summary.png, /badge/<recipe>.svg).
  • GATE U2: card + badge render correctly for a pass run and a fail run.

U3 — YunoHost-style PR comment (R2)

  • U3.1 — Bridge posts a placeholder comment on run start ( + live-logs link).
  • U3.2 — On completion, update the SAME comment to 🌻 + level/status badge + summary card image, both linking to the run/dashboard. Re-!testme refreshes it. Fallback to text on render failure.
  • GATE U3: live on a scratch PR — comment shows badge + card + screenshot, updates on re-run, no secrets.

U4 — Dashboard polish (R5)

  • U4.1 — Overview grid like ci-apps.yunohost.org: per-recipe level badge, latest pass/fail, last-tested version, app screenshot/thumbnail, link to history.
  • U4.2 — Regenerated on build completion; reads results.json artifacts.
  • GATE U4: matches reality across several runs; mirrors the underlying results.json.

U5 — Badges + docs + hardening (R6, R7, R8)

  • U5.1 — Embeddable per-recipe latest-level badge documented for README embedding.
  • U5.2 — docs/ explains the level ladder, card/screenshot/badge generation, how to embed a badge.
  • U5.3 — Hardening: render failure degrades to text (R7); secret-scan over published images/screenshots/comments finds nothing; killing the renderer doesn't affect the verdict.
  • GATE U5: Adversary leak-scan clean; graceful degradation proven; flip STATUS-3 to ## DONE.

Adversary findings

(Adversary owns this section — Builder does not edit.)