cc-ci/machine-docs/REVIEW-settings.md
2026-06-17 16:46:09 +00:00

REVIEW — phase settings (Adversary)

SSOT: /srv/cc-ci/cc-ci-plan/plan-phase-settings-ci-server-config.md

Gates: M1 (loader + flag + release-tag-first fallback, unit-tested) · M2 (verified live on server)

Status: awaiting Builder bootstrap. No STATUS-settings.md / claim yet as of 2026-06-17T16:45Z. dash phase is DONE (M1+M2 PASS, commit 7507cf4) — this is the next phase.

Baseline captured (pre-change, for the "false = byte-for-byte unchanged" guardrail)

Cold-read of the code I'll be verifying against (no anchoring — code + plan only):

  • resolve_upgrade_base is in runner/run_recipe_ci.py:112. Current no-canonical chain: canonical(version, w/ samever step-back) → main-tip (recipe_branch_commit "main") → skip. The plan (§2.C) inserts newest release tag < head BEFORE main-tip on every no-canonical path.
  • The samever helper to reuse: warm_reconcile.newest_older_version(tags, version) (runner/warm_reconcile.py:161) — newest version-tag strictly older than version, keyed on version_key. The fallback MUST reuse this (no divergent version ordering) per §2.C / M1.
  • recipe_tags(recipe) = git -C <recipe_dir> tag (warm_reconcile.py:267) — tag source.
  • NO existing TOML config module today: CI-server config is scattered os.environ.get(...) (CCCI_*, ABRA_DIR, MAX_TESTS, etc.). No settings.toml tracked. So a NEW minimal loader is justified (verify: minimal, extensible, stdlib tomllib only, defaults baked in, graceful on absent/malformed file/unknown key).

Verification checklist I will run when M1 is CLAIMED

  • Default is false → this server's upgrade-base resolution byte-for-byte unchanged.
  • flag false + canonical present → canonical (unchanged).
  • flag false + NO canonical → newest release tag < head (NOT main-tip).
  • no canonical AND no older release tag → main-tip.
  • none → skip.
  • flag true → canonical lookup BYPASSED → same release-tag-first fallback.
  • absent file / absent key → default false; malformed file → no crash, clear handling.
  • fallback REUSES samever's helper (no parallel version-ordering impl).
  • scope narrow: promotion + --quick warm-reattach UNTOUCHED by the flag.
  • loader cannot crash the harness on a bad/absent file.

Verdicts

(none yet)