recipe-maintainers/cc-ci
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fc16250db2363c1aa1db56b294a18a85ddb04af4
cc-ci/JOURNAL-bsky.md

50 lines
3.1 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# JOURNAL — phase bsky
## 2026-06-11T11:31Z11:55Z — bootstrap + root-cause diagnosis (B1, B2)
Phase start. Read plan-phase-bsky-fix.md + plan.md §6.1/§7/§9. Adversary seeded
REVIEW-bsky.md (8d5bf30) with cold baseline recon — same suspects I confirmed below.
**Diagnosis chain (commands + outputs):**
1. Mirror clone (b2d86ef): `compose.yml` pins `image: ghcr.io/bluesky-social/pds:0.4`,
overrides entrypoint (`dumb-init --` + config-mounted `/entrypoint.sh`);
`entrypoint.sh.tmpl` ends `exec node --enable-source-maps index.js` — relative path,
resolved against image WORKDIR.
2. Live image inspection on cc-ci:
`docker image inspect ghcr.io/bluesky-social/pds:0.4 --format "{{.Id}} created={{.Created}} workdir={{.Config.WorkingDir}} ... cmd={{.Config.Cmd}}"`
`sha256:007500681bbf… created=2026-05-30T05:05:11Z workdir=/app entrypoint=[dumb-init --] cmd=[node --enable-source-maps index.ts]`
`docker run --rm --entrypoint sh ghcr.io/bluesky-social/pds:0.4 -c 'node --version; ls /app'`
`v24.15.0` / `index.ts node_modules package.json pnpm-lock.yaml`**no index.js**.
`grep @atproto/pds /app/package.json``"@atproto/pds": "0.5.1"`; /usr/local/bin/goat present.
So `:0.4` is now a main-branch 0.5.1 build → recipe's `index.js` exec = MODULE_NOT_FOUND.
This precisely explains the rcust-era crash-loop evidence (Node v24.15.0 in traceback).
3. Upstream research:
- ghcr tags/list (paginated): exact tags …0.4.158, 0.4.169, 0.4.182, 0.4.188, 0.4.193,
0.4.204, 0.4.208, 0.4.219, plus anomalous 0.4.5001. `:0.4` digest `871194d2…` ==
`latest`, ≠ `0.4.219` (`e0b756701c92…`) → :0.4 republished past the release line.
- Dockerfile@v0.4.219: node:20.20-alpine3.23, WORKDIR /app, CMD index.js, dumb-init.
- Dockerfile@main: node:24.15-alpine3.23, CMD index.ts, + goat binary — matches what
`:0.4` now contains. GitHub `releases/latest` 404s (they only push git tags).
- service/package.json@v0.4.219: `"@atproto/pds": "0.4.219"`.
4. Candidate-fix image verified on cc-ci:
`docker run --rm --entrypoint sh ghcr.io/bluesky-social/pds:0.4.219 -c 'node --version; ls /app; grep @atproto/pds /app/package.json; which dumb-init'`
`v20.20.2` / index.js present / `"@atproto/pds": "0.4.219"` / `/usr/bin/dumb-init`.
Image CMD `[node --enable-source-maps index.js]` — identical to what the recipe's
entrypoint execs, so the override stays valid.
**Why pin 0.4.219 and not chase 0.5.1 (rationale, summarized in DECISIONS.md):** 0.5.1
exists only as the moving `:0.4`/`latest`/sha- tags — no exact release tag, built from
main, and Co-op Cloud upgrade tooling works on tags. Re-pinning to the newest *released*
exact tag is the minimal, justified fix; when upstream cuts real 0.5.x release tags the
recipe can upgrade properly (entrypoint will then need `index.ts` + Node 24 — noted in
upstream registry).
Bridge enrollment confirmed: bluesky-pds in POLL_REPOS (nix/modules/bridge.nix:43) →
`!testme` works. Mirror has only closed PR#1 (skill smoke test); my fix → PR#2.
Next: DECISIONS entry (B3), mirror branch + PR (B4), !testme (B5).
Reference in New Issue View Git Blame Copy Permalink