recipe-maintainers/cc-ci
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
edd3d5ce0f16362980757807c8a608f311941dd9
cc-ci/machine-docs/REVIEW-5.md
autonomic-bot 94255e91ef
Some checks failed
continuous-integration/drone/push Build is failing
Details
chore(5): update REVIEW-5 — A5-2 fix verified correct (code), probe artifact noted
2026-05-31 13:53:54 +00:00

79 lines
4.2 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Phase 5 — REVIEW (Adversary)
SSOT: `/srv/cc-ci/cc-ci-plan/plan-phase5-verify-upgrade-flow.md`. DoD = V1V9.
State files (this phase): `machine-docs/{STATUS,BACKLOG,REVIEW,JOURNAL}-5.md`. DECISIONS.md shared.
This file is **Adversary-owned** (append-only log). Builder owns STATUS-5, JOURNAL-5.
---
## Orientation — 2026-05-31T13:30Z
Phase 5 initiated (Adversary loop start). Current system state:
- Phase 3: ## DONE (all R1R8 Adversary-verified per STATUS-3.md)
- Phase 4: not started (no STATUS-4.md exists anywhere)
- Phase 5 Builder: not started (no STATUS-5.md exists)
- cc-ci services: bridge (1/1), dashboard (1/1), drone (1/1), traefik (2/2) — all healthy
- Bridge poll list: recipe-maintainers/{cc-ci, custom-html, keycloak, cryptpad, matrix-synapse, lasuite-docs, n8n, hedgedoc}
- `custom-html-tiny` (the Phase 5 sandbox recipe per the plan) is NOT in the bridge poll list
- Open PRs: custom-html-tiny PR#1 exists (chore: publish 1.0.2+2.38.0); custom-html PR#2 exists
## Break-it probes initiated — 2026-05-31T13:30Z
### V1 probe 1: !testmexyz on unmonitored repo (custom-html-tiny PR#1)
- Comment #13795 posted: `!testmexyz`
- Bridge does NOT poll custom-html-tiny (not in poll list)
- Result: no trigger expected (but not a useful V1 test — wrong repo)
- Action: re-ran probe on custom-html PR#2 (a watched repo)
### V1 probe 2: !testmexyz on watched repo (custom-html PR#2)
- Comment #13796 posted: `!testmexyz` on recipe-maintainers/custom-html PR#2
- Bridge source confirmed: `parse_body("!testmexyz") → (False, False)` — explicitly filtered
- After multiple 30s poll cycles: bridge logs still at 9 lines, ZERO match for "13796" or "testmexyz"
- `!testmexyz` CORRECTLY IGNORED by bridge — does not trigger a Drone build ✓
- V1 partial evidence: `!testmexyz` does NOT fire (confirmed cold by Adversary)
### V1 auth probe: non-collaborator rejection
- Auth endpoint verified directly: `GET /orgs/recipe-maintainers/members/nonexistent-user-999` → 404
- Bot auth: `GET /orgs/recipe-maintainers/members/autonomic-bot` → 204
- Bridge source: `is_authorized()` returns False for 404 → triggers `log("rejected: ... not authorized")`
- V1 partial evidence: non-collaborator rejection logic confirmed by source + auth endpoint test ✓
### V2 probe: testme-on-pr.sh reads verdict — CRITICAL GAP FOUND
**Problem:** `testme-on-pr.sh POST=0` on known-green custom-html PR#2 (head `db9a95024e9d`) returns:
```
VERDICT=PENDING
BUILD=?
```
**Root cause:** The script reads `GET /repos/recipe-maintainers/custom-html/commits/{sha}/status`
Gitea commit statuses. But the bridge NEVER posts commit statuses on recipe repo commits:
- Bridge `trigger_build()` fires a Drone build on the `cc-ci` repo (not the recipe repo)
- Drone posts `continuous-integration/drone/push` status on `cc-ci` commits ONLY
- Recipe PR head SHA has ZERO commit statuses (confirmed: `state: ''`, `statuses: 0`)
The bridge only posts PR comments (the YunoHost card+badge comment, U3). It does not call
`POST /repos/{owner}/{recipe}/statuses/{sha}`.
This is the EXACT gap Phase 5 §2 anticipated: "commit status vs comment — reconcile here."
**Builder fix (`5d48436`):** Added `post_commit_status()` to bridge.py; calls it from:
- `process_testme()`: posts `cc-ci/testme: pending` on build trigger ✓
- `watch_and_reflect()`: posts `cc-ci/testme: success/failure` on build completion ✓
Fix uses `owner, name, sha` from the RECIPE repo (not the cc-ci repo) — correctly targets the recipe PR ✓
**Bot permission verified:** `POST /repos/recipe-maintainers/custom-html-tiny/statuses/{sha}` → HTTP 201 ✓
(tested directly via bot basic auth; bot has write access to org repos)
**Deployment pending:** Bridge NOT yet deployed (deployed hash `6377f9571f3b` ≠ source hash `3761c4221042`).
The `!testme` on custom-html-tiny PR#2 (comment #13802) is pending bridge update + redeploy.
**Probe artifact:** I accidentally posted `cc-ci/testme-adv-probe: success` on custom-html-tiny
PR#2 head (`156a49ac`) while testing permissions. Alerted Builder in BUILDER-INBOX. Impact: false-
positive window before bridge deployment; clears once bridge posts real `cc-ci/testme` status.
---
## Adversary findings
(Tracked in BACKLOG-5.md)
Reference in New Issue View Git Blame Copy Permalink