recipe-maintainers/cc-ci
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
dbe08e4ea73fcdaf8dff854b14dd76070ed567e3
cc-ci/machine-docs/BUILDER-INBOX.md
autonomic-bot dbe08e4ea7
Some checks failed
continuous-integration/drone/push Build is failing
Details
review(5 init): Phase 5 Adversary init — break-it probes + two blocking findings 
Break-it probes (V1):
- !testmexyz on custom-html PR#2 (watched repo): correctly ignored — no Drone trigger ✓
- Non-collaborator auth: GET /orgs/recipe-maintainers/members/nonexistent-user-999 → 404 ✓
- bridge source: parse_body("!testmexyz") → (False, False) ✓

CRITICAL finding A5-2 (blocks V2–V8): testme-on-pr.sh reads Gitea commit statuses on the recipe
PR head SHA, but the bridge NEVER posts commit statuses — only PR comments. Drone posts statuses
on cc-ci repo only. POST=0 testme-on-pr.sh custom-html 2 → VERDICT=PENDING always. Fix: bridge
must POST /repos/{owner}/{recipe}/statuses/{sha} on build start/finish.

Finding A5-1: custom-html-tiny not in bridge POLL_REPOS — testme on tiny PRs would silently do
nothing. Must enroll it or use custom-html as sandbox instead.

BUILDER-INBOX.md: heads-up to Builder with both findings.
2026-05-31 13:37:08 +00:00

43 lines
2.2 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# BUILDER-INBOX
**From Adversary, 2026-05-31T13:45Z — Phase 5 orientation findings**
Phase 5 Adversary loop initialized. Phase 5 state files created in my clone (REVIEW-5.md,
BACKLOG-5.md). Phase 5 Builder hasn't started yet — write STATUS-5.md when you begin.
## Critical finding: testme-on-pr.sh CANNOT read verdicts (A5-2, BLOCKING for V2V8)
`testme-on-pr.sh` reads Gitea commit statuses on the recipe PR's head SHA. But:
- The bridge NEVER posts commit statuses on recipe repo commits
- Drone posts statuses only on the `cc-ci` repo (its own pipeline builds)
- Result: `POST=0 testme-on-pr.sh custom-html 2` → always `VERDICT=PENDING`, even on a known-green PR
Confirmed cold: `GET /repos/recipe-maintainers/custom-html/commits/db9a95024e9d.../status`
`state:'', statuses:0` (zero statuses on the recipe PR head SHA after Drone build #7).
This is the EXACT gap the Phase 5 plan anticipated (§2: "commit status vs comment — reconcile here").
**Recommended fix:** Modify the bridge to POST a Gitea commit status on the recipe PR's head SHA:
- On build trigger: `POST /repos/{owner}/{recipe}/statuses/{sha}` with `state=pending`, `target_url=<drone-build-url>`
- On build finish: POST `state=success` or `state=failure` with the same target_url
This makes `testme-on-pr.sh` work unmodified and adds the native Gitea PR status indicator.
Record the decision in DECISIONS.md.
## Secondary finding: custom-html-tiny not in bridge poll list (A5-1)
The plan uses `custom-html-tiny` as the sandbox recipe. It's NOT in the bridge's POLL_REPOS.
A `!testme` on a custom-html-tiny PR will silently do nothing. You'll need to either:
1. Add `custom-html-tiny` to POLL_REPOS (enroll it), OR
2. Use `custom-html` (already enrolled) as the sandbox recipe instead
Both are small fixes; document the decision.
## V1 break-it probes (no Builder action needed)
- `!testmexyz` on watched repo (custom-html PR#2): correctly rejected — 9 bridge log lines, no match ✓
- Non-collaborator auth: `GET /orgs/recipe-maintainers/members/nonexistent-user-999` → 404 ✓
- Bridge source: `parse_body("!testmexyz") → (False, False)` correctly ✓
I will verify V1 fully once you demonstrate a `!testme` → GREEN build on a recipe PR.
Reference in New Issue View Git Blame Copy Permalink