fix(cd): keep startup recovery on controlled profile
Some checks failed
CD Pipeline / workflow-shape (push) Successful in 0s
CD Pipeline / cancel-stale-cd (push) Has been skipped
CD Pipeline / tests (push) Successful in 31s
CD Pipeline / post-deploy-checks (push) Has been cancelled
CD Pipeline / build-and-deploy (push) Has been cancelled
Some checks failed
CD Pipeline / workflow-shape (push) Successful in 0s
CD Pipeline / cancel-stale-cd (push) Has been skipped
CD Pipeline / tests (push) Successful in 31s
CD Pipeline / post-deploy-checks (push) Has been cancelled
CD Pipeline / build-and-deploy (push) Has been cancelled
This commit is contained in:
@@ -518,6 +518,8 @@ jobs:
|
||||
;;
|
||||
scripts/reboot-recovery/harbor-watchdog.sh)
|
||||
;;
|
||||
scripts/reboot-recovery/awoooi-startup-110.sh)
|
||||
;;
|
||||
scripts/reboot-recovery/diagnose-110-ssh-publickey-auth.sh)
|
||||
;;
|
||||
scripts/reboot-recovery/repair-110-ssh-publickey-auth-local.sh)
|
||||
@@ -710,6 +712,7 @@ jobs:
|
||||
../../scripts/reboot-recovery/full-stack-cold-start-check.sh \
|
||||
../../scripts/reboot-recovery/full-stack-recovery-scorecard.sh \
|
||||
../../scripts/reboot-recovery/harbor-watchdog.sh \
|
||||
../../scripts/reboot-recovery/awoooi-startup-110.sh \
|
||||
../../scripts/reboot-recovery/diagnose-110-ssh-publickey-auth.sh \
|
||||
../../scripts/reboot-recovery/repair-110-ssh-publickey-auth-local.sh \
|
||||
../../scripts/reboot-recovery/verify-cold-start-monitor-deploy.sh \
|
||||
|
||||
@@ -1,3 +1,16 @@
|
||||
## 2026-06-30 — 21:34 110 startup recovery changes stay on controlled-runtime CD profile
|
||||
|
||||
**照主線修正的問題**:
|
||||
- Gitea CD `#4078` 在 `fix(recovery): open controlled drain lane after guardrails` 後未進 Harbor login,tests job 跑到 full B5 真 DB integration 並因 socket / DB setup error 失敗。
|
||||
- Root cause 是 `scripts/reboot-recovery/awoooi-startup-110.sh` 屬於 110 runner / recovery guard source,但尚未列入 `.gitea/workflows/cd.yaml` 的 controlled-runtime allowlist;recovery-only 變更因此被錯送 full profile。
|
||||
- 已把 `awoooi-startup-110.sh` 加入 controlled-runtime changed-file allowlist 與 `bash -n` 檢查,並補 `ops/runner/test_cd_controlled_runtime_profile.py` 斷言,讓後續 110 runner guard/repair source 變更不再觸發 B5。
|
||||
|
||||
**驗證**:
|
||||
- `pytest ops/runner/test_cd_controlled_runtime_profile.py -q` 通過。
|
||||
- `python3.11 ops/runner/guard-gitea-runner-pressure.py --root .`、`node scripts/ci/check-gitea-step-env-secrets.js`、`git diff --check` 通過。
|
||||
|
||||
**邊界**:只改 CD profile / profile test / LOGBOOK;未讀 secret / token / `.env` / raw sessions / SQLite / auth;未使用 GitHub / `gh` / GitHub API;未 workflow_dispatch;未 SSH / Docker / Nginx / K3s / DB / firewall runtime 寫入。
|
||||
|
||||
## 2026-06-30 — 21:23 Harbor 110 repair `awoooi-host` runner blocker closure readback
|
||||
|
||||
**照主線修正的問題**:
|
||||
|
||||
@@ -456,6 +456,7 @@ def test_reboot_auto_recovery_slo_sources_stay_on_controlled_runtime_profile() -
|
||||
"scripts/reboot-recovery/full-stack-cold-start-check.sh)",
|
||||
"scripts/reboot-recovery/full-stack-recovery-scorecard.sh)",
|
||||
"scripts/reboot-recovery/harbor-watchdog.sh)",
|
||||
"scripts/reboot-recovery/awoooi-startup-110.sh)",
|
||||
"scripts/reboot-recovery/diagnose-110-ssh-publickey-auth.sh)",
|
||||
"scripts/reboot-recovery/repair-110-ssh-publickey-auth-local.sh)",
|
||||
"scripts/reboot-recovery/verify-cold-start-monitor-deploy.sh)",
|
||||
@@ -499,6 +500,7 @@ def test_post_start_recovery_verifiers_stay_on_controlled_runtime_profile() -> N
|
||||
"../../scripts/reboot-recovery/full-stack-cold-start-check.sh",
|
||||
"../../scripts/reboot-recovery/full-stack-recovery-scorecard.sh",
|
||||
"../../scripts/reboot-recovery/harbor-watchdog.sh",
|
||||
"../../scripts/reboot-recovery/awoooi-startup-110.sh",
|
||||
"../../scripts/reboot-recovery/diagnose-110-ssh-publickey-auth.sh",
|
||||
"../../scripts/reboot-recovery/repair-110-ssh-publickey-auth-local.sh",
|
||||
"../../scripts/reboot-recovery/verify-cold-start-monitor-deploy.sh",
|
||||
|
||||
Reference in New Issue
Block a user