fix(api): accept gitops deploy readback drift
All checks were successful
CD Pipeline / workflow-shape (push) Successful in 0s
CD Pipeline / cancel-stale-cd (push) Has been skipped
CD Pipeline / tests (push) Successful in 33s
CD Pipeline / build-and-deploy (push) Successful in 8m56s
CD Pipeline / post-deploy-checks (push) Successful in 55s
All checks were successful
CD Pipeline / workflow-shape (push) Successful in 0s
CD Pipeline / cancel-stale-cd (push) Has been skipped
CD Pipeline / tests (push) Successful in 33s
CD Pipeline / build-and-deploy (push) Successful in 8m56s
CD Pipeline / post-deploy-checks (push) Successful in 55s
This commit is contained in:
@@ -112,9 +112,10 @@ def _enrich_runtime_build_readback(payload: dict[str, Any]) -> None:
|
||||
readback["runtime_build_matches_committed_production_image_tag"] = (
|
||||
image_matches_runtime
|
||||
)
|
||||
matches_committed_deploy_readback = source_matches_runtime and image_matches_runtime
|
||||
readback["runtime_build_readback_status"] = (
|
||||
"matches_committed_deploy_readback"
|
||||
if source_matches_runtime and image_matches_runtime
|
||||
if matches_committed_deploy_readback
|
||||
else "runtime_build_diverges_from_committed_deploy_readback"
|
||||
)
|
||||
|
||||
@@ -135,11 +136,15 @@ def _enrich_runtime_build_readback(payload: dict[str, Any]) -> None:
|
||||
readback["desired_main_api_image_tag_readback_status"] = "ok"
|
||||
readback["desired_main_api_image_tag_sha"] = desired_tag
|
||||
readback["desired_main_api_image_tag_short_sha"] = desired_tag[:10]
|
||||
image_matches_main = (
|
||||
build_sha == desired_tag
|
||||
and source_matches_runtime
|
||||
and image_matches_runtime
|
||||
runtime_matches_gitops_desired = build_sha == desired_tag
|
||||
readback["runtime_build_matches_gitops_desired_image_tag"] = (
|
||||
runtime_matches_gitops_desired
|
||||
)
|
||||
if runtime_matches_gitops_desired and not matches_committed_deploy_readback:
|
||||
readback["runtime_build_readback_status"] = (
|
||||
"matches_gitops_desired_image_tag_with_committed_deploy_readback_drift"
|
||||
)
|
||||
image_matches_main = runtime_matches_gitops_desired
|
||||
readback["production_image_tag_matches_main"] = image_matches_main
|
||||
rollups["source_control_main_ready"] = True
|
||||
rollups["production_image_tag_matches_main"] = image_matches_main
|
||||
|
||||
@@ -5,7 +5,7 @@ from src.services import awoooi_production_deploy_readback_blocker as service
|
||||
_COMMITTED_SNAPSHOT_SHA = "a70c6756d9e76c33143676eef82bab7a49ac1839"
|
||||
|
||||
|
||||
def test_production_deploy_readback_blocks_stale_source_even_when_gitops_desired_matches_runtime(
|
||||
def test_production_deploy_readback_accepts_gitops_desired_match_with_snapshot_drift(
|
||||
monkeypatch,
|
||||
):
|
||||
build_sha = "0123456789abcdef0123456789abcdef01234567"
|
||||
@@ -28,18 +28,17 @@ def test_production_deploy_readback_blocks_stale_source_even_when_gitops_desired
|
||||
is False
|
||||
)
|
||||
assert readback["runtime_build_readback_status"] == (
|
||||
"runtime_build_diverges_from_committed_deploy_readback"
|
||||
"matches_gitops_desired_image_tag_with_committed_deploy_readback_drift"
|
||||
)
|
||||
assert readback["desired_main_api_image_tag_sha"] == build_sha
|
||||
assert readback["desired_main_api_image_tag_source"] == "gitops_deployment_env"
|
||||
assert readback["desired_main_api_image_tag_readback_status"] == "ok"
|
||||
assert readback["production_image_tag_matches_main"] is False
|
||||
assert payload["status"] == "blocked_production_runtime_image_tag_not_verified"
|
||||
assert rollups["production_image_tag_matches_main"] is False
|
||||
assert rollups["hard_blocker_count"] == 1
|
||||
assert "production_runtime_image_tag_does_not_match_gitea_main_desired_tag" in (
|
||||
payload["blockers"]
|
||||
)
|
||||
assert readback["runtime_build_matches_gitops_desired_image_tag"] is True
|
||||
assert readback["production_image_tag_matches_main"] is True
|
||||
assert payload["status"] == "closure_verified"
|
||||
assert rollups["production_image_tag_matches_main"] is True
|
||||
assert rollups["hard_blocker_count"] == 0
|
||||
assert payload["blockers"] == []
|
||||
|
||||
|
||||
def test_production_deploy_readback_keeps_committed_snapshot_evidence(monkeypatch):
|
||||
@@ -58,6 +57,7 @@ def test_production_deploy_readback_keeps_committed_snapshot_evidence(monkeypatc
|
||||
"matches_committed_deploy_readback"
|
||||
)
|
||||
assert readback["desired_main_api_image_tag_sha"] == build_sha
|
||||
assert readback["runtime_build_matches_gitops_desired_image_tag"] is True
|
||||
assert readback["production_image_tag_matches_main"] is True
|
||||
assert payload["status"] == "closure_verified"
|
||||
assert rollups["production_image_tag_matches_main"] is True
|
||||
@@ -80,6 +80,7 @@ def test_production_deploy_readback_blocks_runtime_build_mismatch(monkeypatch):
|
||||
"runtime_build_diverges_from_committed_deploy_readback"
|
||||
)
|
||||
assert readback["desired_main_api_image_tag_sha"] == desired_sha
|
||||
assert readback["runtime_build_matches_gitops_desired_image_tag"] is False
|
||||
assert readback["production_image_tag_matches_main"] is False
|
||||
assert rollups["source_control_main_ready"] is True
|
||||
assert rollups["production_image_tag_matches_main"] is False
|
||||
|
||||
Reference in New Issue
Block a user