recipe-maintainers/cc-ci
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f59d8e69964c6c5152196744a04498405cd2c68e
cc-ci/tests/lasuite-drive/recipe_meta.py
autonomic-bot f59d8e6996 feat(2): Q3.2 lasuite-drive base enrollment + nested-subdomain + replicas:0 harness fixes 
- harness: services_converged treats replicas:0 one-shot (minio-createbuckets) as
  converged (cur==want); removes the want==0 rejection that hung deploys. DECISIONS.md.
- recipe_meta.EXTRA_ENV flattens MINIO_DOMAIN/COLLABORA_DOMAIN to single-label wildcard
  siblings (the *.ci.commoninternet.net cert covers one label only). DECISIONS.md.
- lifecycle overlays (install/upgrade/backup/restore) + ops.py postgres ci_marker
  data-integrity (db user/name=drive). Parity health_check functional test. PARITY.md.
- DEPS=[keycloak] + OIDC/WOPI/upload functional tests deferred to the SSO iteration
  (probe-before-assert: prove the ~10-service base deploy converges first).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-28 19:54:31 +01:00

38 lines
2.2 KiB
Python
Raw Blame History

# Per-recipe harness config for lasuite-drive (Phase 2 Q3.2 — multi-service + object-storage/S3 +
# WOPI office, OIDC-dependent). Sibling of lasuite-docs (same La Suite / impress lineage).
#
# Stack: app(frontend SPA) + backend(Django/drive) + celery + celery-beat + db(postgres) + redis +
# mailcatcher + minio(S3) + minio-createbuckets(one-shot) + collabora(WOPI office). ~10 services →
# generous timeouts.
#
# Health: the React SPA is served at `/` by the `app` service and returns 200 unauthenticated
# (login is OIDC-gated, exercised by the SSO functional tests, not by the install health check).
HEALTH_PATH = "/"
HEALTH_OK = (200, 301, 302)
DEPLOY_TIMEOUT = 1200
HTTP_TIMEOUT = 900
# NOTE (Phase 2 Q3.2): the keycloak SSO dep + OIDC functional tests land in the SSO iteration once
# the base deploy/lifecycle is cold-green. Declaring DEPS triggers the orchestrator's
# setup_custom_tests step (deploy keycloak + wire OIDC), so it stays OFF until the base is proven:
# DEPS = ["keycloak"]
def EXTRA_ENV(domain):
# Two of lasuite-drive's services route on DOMAIN-DERIVED **nested** subdomains —
# `MINIO_DOMAIN="minio.${DOMAIN}"` and `COLLABORA_DOMAIN="collabora.${DOMAIN}"`. The cc-ci
# wildcard TLS cert is `*.ci.commoninternet.net` (single label only), so a 2-label name like
# `minio.lasuite-drive-pr0-abc.ci.commoninternet.net` is NOT covered → TLS failure on those
# routers. Flatten each to a single-label SIBLING under the wildcard (`minio-<domain>`,
# `collabora-<domain>`) so the existing wildcard cert covers them and Traefik routes them with
# no cert/gateway change. See DECISIONS.md "Phase 2 — nested DOMAIN-derived subdomains".
# `AWS_S3_DOMAIN_REPLACE` derives from MINIO_DOMAIN in-compose, so setting MINIO_DOMAIN is enough.
return {
"MINIO_DOMAIN": f"minio-{domain}",
"COLLABORA_DOMAIN": f"collabora-{domain}",
# abra's internal per-deploy convergence timeout (recipe TIMEOUT env, default 300s) is too
# short for this ~10-service stack on a cold image cache (impress frontend/backend, minio,
# postgres, redis, collabora ~1GB). Bump so abra waits long enough for convergence.
"TIMEOUT": "900",
}
Reference in New Issue View Git Blame Copy Permalink