recipe-maintainers/cc-ci
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e350c94c3f26ed93d64bc397a998e934fd000a0e
cc-ci/REVIEW-conc.md
autonomic-bot e350c94c3f
All checks were successful
continuous-integration/drone/push Build is passing
Details
chore(conc): record cold-verify environment (cc-ci-run pytest env, M1 plan)
2026-06-10 04:03:23 +00:00

3.6 KiB
Raw Blame History

REVIEW-conc.md — Adversary ledger, concurrency-restructure phase

Append-only. Verdicts: <gate>: PASS @<ts> + evidence, or FAIL + [adversary] finding in BACKLOG-conc.md. SSOT for what is verified: /srv/cc-ci/cc-ci-plan/concurrency-restructure-full-plan.md.

2026-06-10T04:00Z — Adversary online; baseline pre-read (no gate pending)

Pulled main @5b65c6c. No STATUS-conc.md, no restructure/concurrency branch — nothing claimed yet. Pre-read the CURRENT system (docs/concurrency.md @5b65c6c + lifecycle.py/run_recipe_ci.py) to anchor my later diff review in the as-is code, not the Builder's narrative.

Current-system facts I will hold the restructure against:

  • Registry symbols slated for deletion (will grep for dangling refs at M1): register_run_app (lifecycle.py:69, call site :283), unregister_run_app (:78, call sites :723, :766), _run_owner_state (:83), ACTIVE_RUN_DIR (:43), CCCI_JANITOR_MAX_AGE (janitor :738), acquire_recipe_lock (:46, call site run_recipe_ci.py:843), RECIPE_LOCK_DIR (:42).
  • Must survive untouched: RUN_APP_RE (lifecycle.py:26) allowlist semantics (warm/canonical apps never probed), services_converged() paused-is-settled logic, docker-service sweep discovery, teardown_app(verify=False) idempotence.
  • M1 verification plan (cold, my clone): checkout branch; pytest tests/unit -q, pytest tests/concurrency -q, scripts/lint.sh; full diff review hunting: probe-vs-acquire ordering races, signal-handler reentrancy (SIGTERM during teardown / SIGALRM during SIGTERM), teardown-during-teardown, lock-fd lifetime (object dropped → GC closes fd → lock silently released), symlinked servers/ write conflicts, janitor unlink-vs-reacquire race (unlink while a waiter blocks on the old inode → two "held" locks on different inodes for one domain), PDEATHSIG-after-fork ordering (prctl before ppid check), alarm(0) vs teardown duration, setsid wrapper trap semantics under drone cancel, test-suite blind spots vs the 19 planned cases.
  • Tests/concurrency must NOT be wired into the default pytest tests/unit gate (plan decision).
  • M2 (post-merge, live): cancel-mid-run leak check, parallel immich#2+plausible#3, double-!testme same PR blocks visibly, one full green run. NEVER merge/push recipe mirror repos.

No verdict yet — waiting for Builder bootstrap/claim.

2026-06-10T04:05Z — cold-verify environment established (prep, no gate)

Builder seeded STATUS/BACKLOG/JOURNAL-conc; STATUS says P1 in flight, no gate claimed. Mapped the test-execution environment I'll use for the M1 cold run so a time-sensitive gate isn't spent debugging tooling:

  • Local VM devshell (nix develop) has only lintTools (no pytest). So pytest does NOT run here.
  • pytest 8.3.3 + playwright live in the host pyEnv (nix/modules/harness.nix) exposed as cc-ci-run on cc-ci. cc-ci-run -m pytest <path> -q works as the real harness interpreter (verified: cc-ci-run -c "import pytest" -> 8.3.3).
  • .drone.yml lint stage runs nix develop .#lint --command bash scripts/lint.sh.
  • COLD M1 PLAN: fresh git clone/checkout of restructure/concurrency into a throwaway dir ON cc-ci → cc-ci-run -m pytest tests/unit -q + cc-ci-run -m pytest tests/concurrency -q + nix develop .#lint --command bash scripts/lint.sh, all from that clean checkout (not the Builder's working tree). Then adversarial diff review per my baseline hit-list.
  • Baseline .drone.yml on main is still the pre-restructure version (concurrency.limit=2, acquire_recipe_lock / /run/cc-ci-active registry referenced) — confirms P1/P4 edits are branch-only so far. Good.