From 6d1edf666cc98ca4ff2fc63665246a80b94014a2 Mon Sep 17 00:00:00 2001 From: Your Name Date: Thu, 2 Jul 2026 22:34:59 +0800 Subject: [PATCH] fix(cd): keep telegram coverage on controlled profile --- .gitea/workflows/cd.yaml | 6 ++++++ docs/LOGBOOK.md | 21 +++++++++++++++++++ .../test_cd_controlled_runtime_profile.py | 12 +++++++++++ 3 files changed, 39 insertions(+) diff --git a/.gitea/workflows/cd.yaml b/.gitea/workflows/cd.yaml index c22883697..881d55372 100644 --- a/.gitea/workflows/cd.yaml +++ b/.gitea/workflows/cd.yaml @@ -474,6 +474,8 @@ jobs: ;; apps/api/src/services/telegram_alert_ai_automation_matrix.py) ;; + apps/api/src/services/telegram_alert_monitoring_coverage_readback.py) + ;; apps/api/src/services/telegram_gateway.py) ;; apps/api/tests/test_agent_replay_normalizer.py) @@ -552,6 +554,8 @@ jobs: ;; apps/api/tests/test_telegram_alert_ai_automation_matrix_api.py) ;; + apps/api/tests/test_telegram_alert_monitoring_coverage_readback_api.py) + ;; apps/api/tests/e2e_network_test.py) ;; apps/api/tests/test_p0_cicd_baseline_source_readiness_api.py) @@ -905,6 +909,7 @@ jobs: src/services/product_awoooi_manifest_standard.py \ src/services/platform_operator_service.py \ src/services/telegram_alert_ai_automation_matrix.py \ + src/services/telegram_alert_monitoring_coverage_readback.py \ src/services/telegram_gateway.py python3.11 -m py_compile \ ../../scripts/reboot-recovery/dr-escrow-evidence-checklist.py \ @@ -1005,6 +1010,7 @@ jobs: tests/test_awoooi_priority_work_order_readback_api.py \ tests/test_alertmanager_webhook_metrics.py \ tests/test_telegram_alert_ai_automation_matrix_api.py \ + tests/test_telegram_alert_monitoring_coverage_readback_api.py \ tests/e2e_network_test.py::TestHMACVerification::test_valid_hmac_signature \ tests/test_p0_cicd_baseline_source_readiness_api.py \ tests/test_product_awoooi_manifest_standard_api.py \ diff --git a/docs/LOGBOOK.md b/docs/LOGBOOK.md index a0b14dc70..f35e30adb 100644 --- a/docs/LOGBOOK.md +++ b/docs/LOGBOOK.md @@ -53381,3 +53381,24 @@ production browser smoke: **下一步**: - commit / push 到 Gitea main;等 CD / deploy marker 後,正式讀 `/api/v1/agents/telegram-alert-monitoring-coverage-readback`,再依 active blockers 推 metadata-only live receipt ingestion、貼標、分群與 KM / RAG / MCP / PlayBook context writeback。 + +## 2026-07-02 — Telegram monitoring coverage CD profile 修正 + +**完成內容**: +- Gitea CD `#4462` 讀回 `fb86e2d37` 被 changed-file classifier 誤送 `full` profile,實際失敗點是 `BLOCKER b5_docker_socket_unavailable`,不是 Telegram monitoring coverage API / UI 測試失敗。 +- `.gitea/workflows/cd.yaml` 已把 `telegram_alert_monitoring_coverage_readback.py` 與 `test_telegram_alert_monitoring_coverage_readback_api.py` 納入 controlled-runtime source allowlist、`py_compile` 與 focused pytest 清單,避免 narrow Telegram coverage patch 再落入 B5 Docker/socket DB lane。 +- `ops/runner/test_cd_controlled_runtime_profile.py` 新增回歸測試,固定 Telegram monitoring coverage 來源必須留在 controlled-runtime profile。 + +**本地驗證結果**: +- `python3.11 -m pytest ops/runner/test_cd_controlled_runtime_profile.py -q -p no:cacheprovider`:`48 passed`。 +- `python3.11 -c "import yaml; yaml.safe_load(open('.gitea/workflows/cd.yaml', encoding='utf-8')); print('cd yaml ok')"`:通過。 +- `python3 ops/runner/guard-gitea-runner-pressure.py --root .`:`GITEA_RUNNER_PRESSURE_GUARD_OK workflow_files=12 scheduled_workflows=4 auto_branch_events_on_110=0 generic_runner_labels=0`。 +- `git diff --check`:通過。 + +**仍維持**: +- 沒有讀 secret / runner token / `.runner` 內容 / `.env` / raw sessions / SQLite / auth。 +- 沒有使用 GitHub / gh / GitHub API / GitHub Actions。 +- 沒有重啟主機,沒有 Docker / Nginx / K3s / DB / firewall restart,沒有 workflow_dispatch,沒有 DROP / TRUNCATE / restore / prune。 + +**下一步**: +- commit / push 到 Gitea main,讀回新 CD;deploy marker 出現後驗證 `/api/v1/agents/telegram-alert-monitoring-coverage-readback` 與 AwoooP Runs / Work Items / Alerts shared panel。 diff --git a/ops/runner/test_cd_controlled_runtime_profile.py b/ops/runner/test_cd_controlled_runtime_profile.py index 8a7cf4368..4c5dbe029 100644 --- a/ops/runner/test_cd_controlled_runtime_profile.py +++ b/ops/runner/test_cd_controlled_runtime_profile.py @@ -254,6 +254,18 @@ def test_telegram_alert_ai_automation_matrix_stays_on_controlled_runtime_profile assert source in text +def test_telegram_alert_monitoring_coverage_stays_on_controlled_runtime_profile() -> None: + text = _workflow_text() + expected_sources = [ + "apps/api/src/services/telegram_alert_monitoring_coverage_readback.py)", + "apps/api/tests/test_telegram_alert_monitoring_coverage_readback_api.py)", + "src/services/telegram_alert_monitoring_coverage_readback.py", + "tests/test_telegram_alert_monitoring_coverage_readback_api.py", + ] + for source in expected_sources: + assert source in text + + def test_alertmanager_webhook_metrics_stays_on_controlled_runtime_profile() -> None: text = _workflow_text() expected_sources = [