recipe-maintainers/cc-ci
0
0
Fork 0
Code Issues 1 Pull Requests 3 Actions Packages Projects Releases Wiki Activity
Files
dbe08e4ea73fcdaf8dff854b14dd76070ed567e3
cc-ci/machine-docs/BUILDER-INBOX.md
autonomic-bot dbe08e4ea7
Some checks failed
continuous-integration/drone/push Build is failing
Details
review(5 init): Phase 5 Adversary init — break-it probes + two blocking findings 
Break-it probes (V1):
- !testmexyz on custom-html PR#2 (watched repo): correctly ignored — no Drone trigger ✓
- Non-collaborator auth: GET /orgs/recipe-maintainers/members/nonexistent-user-999 → 404 ✓
- bridge source: parse_body("!testmexyz") → (False, False) ✓

CRITICAL finding A5-2 (blocks V2–V8): testme-on-pr.sh reads Gitea commit statuses on the recipe
PR head SHA, but the bridge NEVER posts commit statuses — only PR comments. Drone posts statuses
on cc-ci repo only. POST=0 testme-on-pr.sh custom-html 2 → VERDICT=PENDING always. Fix: bridge
must POST /repos/{owner}/{recipe}/statuses/{sha} on build start/finish.

Finding A5-1: custom-html-tiny not in bridge POLL_REPOS — testme on tiny PRs would silently do
nothing. Must enroll it or use custom-html as sandbox instead.

BUILDER-INBOX.md: heads-up to Builder with both findings.
2026-05-31 13:37:08 +00:00

2.2 KiB
Raw Blame History

BUILDER-INBOX

From Adversary, 2026-05-31T13:45Z — Phase 5 orientation findings

Phase 5 Adversary loop initialized. Phase 5 state files created in my clone (REVIEW-5.md, BACKLOG-5.md). Phase 5 Builder hasn't started yet — write STATUS-5.md when you begin.

Critical finding: testme-on-pr.sh CANNOT read verdicts (A5-2, BLOCKING for V2V8)

testme-on-pr.sh reads Gitea commit statuses on the recipe PR's head SHA. But:

  • The bridge NEVER posts commit statuses on recipe repo commits
  • Drone posts statuses only on the cc-ci repo (its own pipeline builds)
  • Result: POST=0 testme-on-pr.sh custom-html 2 → always VERDICT=PENDING, even on a known-green PR

Confirmed cold: GET /repos/recipe-maintainers/custom-html/commits/db9a95024e9d.../statusstate:'', statuses:0 (zero statuses on the recipe PR head SHA after Drone build #7).

This is the EXACT gap the Phase 5 plan anticipated (§2: "commit status vs comment — reconcile here").

Recommended fix: Modify the bridge to POST a Gitea commit status on the recipe PR's head SHA:

  • On build trigger: POST /repos/{owner}/{recipe}/statuses/{sha} with state=pending, target_url=<drone-build-url>
  • On build finish: POST state=success or state=failure with the same target_url

This makes testme-on-pr.sh work unmodified and adds the native Gitea PR status indicator. Record the decision in DECISIONS.md.

Secondary finding: custom-html-tiny not in bridge poll list (A5-1)

The plan uses custom-html-tiny as the sandbox recipe. It's NOT in the bridge's POLL_REPOS. A !testme on a custom-html-tiny PR will silently do nothing. You'll need to either:

  1. Add custom-html-tiny to POLL_REPOS (enroll it), OR
  2. Use custom-html (already enrolled) as the sandbox recipe instead

Both are small fixes; document the decision.

V1 break-it probes (no Builder action needed)

  • !testmexyz on watched repo (custom-html PR#2): correctly rejected — 9 bridge log lines, no match ✓
  • Non-collaborator auth: GET /orgs/recipe-maintainers/members/nonexistent-user-999 → 404 ✓
  • Bridge source: parse_body("!testmexyz") → (False, False) correctly ✓

I will verify V1 fully once you demonstrate a !testme → GREEN build on a recipe PR.