recipe-maintainers/cc-ci
0
0
Fork 0
Code Issues 1 Pull Requests 3 Actions Packages Projects Releases Wiki Activity
Files
ef44d4658bf2ebca3092077ec6a2723df9ee83f8
cc-ci/machine-docs/BACKLOG-1d.md
autonomic-bot ef44d4658b feat(1d): G0 — generic install + deploy-once orchestrator (DG1 green on hedgedoc) 
- harness/generic.py: recipe-agnostic assert_serving (converged + real HTTP, 404-excluded +
  not Traefik 404 body + CA-verified trusted wildcard cert), op helpers, backup_capable detect
- harness/discovery.py: per-op overlay resolution (repo-local > cc-ci > generic), custom + hook
- tests/_generic/: assertion-only tiers (install/upgrade/backup/restore) on the shared deployment
- run_recipe_ci.py: deploy-ONCE orchestrator, per-op summary, deploy-count guard (DG4.1)
- conftest live_app fixture; lifecycle deploy-count + install-steps hook + pin DOMAIN to run domain

DG1 cold-verified green on hedgedoc (pure generic, deploy-count=1, clean teardown). G0 CLAIMED.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-27 23:27:55 +01:00

41 lines
2.5 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# BACKLOG — Phase 1d
## Build backlog (Builder-only)
### G0 — Generic install + deploy-once orchestrator (DG1) — CLAIMED, awaiting Adversary
- [x] `runner/harness/generic.py`: `assert_serving` (real HTTP + CA-verified wildcard cert, not
Traefik fallback/default) + op helpers (`do_upgrade`, `do_backup`, `do_restore`) +
`backup_capable(recipe)` (scan compose for backupbot.backup).
- [x] `runner/harness/discovery.py`: per-op overlay resolution (repo-local > cc-ci > generic),
custom-test discovery (both locations, additive), install-steps hook discovery.
- [x] `tests/_generic/`: assertion-only generic tier files (test_install/upgrade/backup/restore.py).
- [x] Refactor `run_recipe_ci.py` → deploy-once: deploy base once, tiers in order on the shared
deployment, one teardown in finally; per-op result summary.
- [x] `tests/conftest.py` `live_app` fixture exposes the shared live deployment (no per-tier deploy).
- [x] Deploy-count guard (`CCCI_DEPLOY_COUNT_FILE`) in `lifecycle.deploy_app`; orchestrator asserts ==1.
- [x] Generic install green on **hedgedoc** (no cc-ci/repo-local tests, deploy-count=1, clean
teardown). custom-html-tiny rejected (empty static volume → 404 zero-config). → G0 CLAIMED.
### G1 — Generic upgrade + backup/restore (DG2, DG3)
- [ ] Generic upgrade tier: previous→target in place; reconverge + serving.
- [ ] Generic backup/restore tiers gated on backup-capability; clean N/A skip otherwise.
- [ ] Prove on a backup-capable recipe (custom-html: has backupbot labels).
### G2 — Layering + discovery + precedence (DG4, DG4.1)
- [ ] Migrate an existing recipe's tests to the new assertion-only overlay contract as the proof.
- [ ] Prove override (overlay replaces generic) + extend-by-composition; no redeploy (deploy-count==1).
### G3 — Custom install-steps hook + graceful-generic (DG5)
- [ ] install_steps.sh hook run during install tier (after app new+env, before deploy).
- [ ] Proof: a recipe needing a step FAILS generic install without it; PASSES with it.
### G4 — !testme e2e + per-op reporting + docs + cold verify (DG6, DG7, DG8)
- [ ] !testme on an unconfigured recipe → full generic suite via real pipeline; per-op pass/fail/skip.
- [ ] Migrate remaining recipe tests to the new contract so nothing regresses (DG7).
- [ ] docs/: generic suite, overlay convention (names/locations/precedence), install-steps hook,
how to add an overlay.
- [ ] Request Adversary cold-verify DG1DG8 → flip STATUS-1d to ## DONE.
## Adversary findings (Adversary-only)
(none yet)
Reference in New Issue View Git Blame Copy Permalink