fix(runner): use user pressure guard for non110 keepalive [skip ci]
This commit is contained in:
@@ -12,6 +12,22 @@
|
||||
|
||||
**邊界**:只改 public Gitea queue readback parser / tests / LOGBOOK;未讀 token / secret / `.env` / raw sessions / SQLite / auth;未使用 GitHub / `gh` / GitHub API;未 workflow_dispatch;未新增 host write、未重啟主機、未 restart Docker / Nginx / K3s / DB / firewall。
|
||||
|
||||
## 2026-07-01 — 09:23 non-110 pressure guard user-level path correction
|
||||
|
||||
**照主線修正的問題**:
|
||||
- 188 live apply 讀回 `/usr/local/bin/awoooi-wait-host-web-build-pressure.sh` 不存在;嘗試用 `sudo -n` 安裝時回 `sudo: a password is required`,證明 user-level runner installer 不應預設依賴 root `/usr/local/bin`。
|
||||
- `ops/runner/install-awoooi-non110-runner-user-service.sh` 將 `PRESSURE_GUARD` 預設改為 `${RUNNER_HOME}/.local/bin/awoooi-wait-host-web-build-pressure.sh`,維持 fail-closed:guard 缺失時 runner / autostart / keepalive 不得啟動。
|
||||
- 測試改為依 `RUNNER_HOME` 計算 guard path,避免再次把 root-only 路徑寫死進 user service installer。
|
||||
- 188 已安裝 user-level guard 到 `/home/ollama/.local/bin/awoooi-wait-host-web-build-pressure.sh`,one-shot 回 `no host web/build/smoke pressure detected`;重新 apply installer 後讀回 `pressure_guard=/home/ollama/.local/bin/awoooi-wait-host-web-build-pressure.sh`、`SERVICE_START_PERFORMED=0`、`runner_token_read=false`、`raw_runner_registration_read=false`。
|
||||
|
||||
**驗證**:
|
||||
- `python3.11 -m pytest ops/runner/test_install_awoooi_non110_runner_user_service.py ops/runner/test_check_awoooi_non110_runner_readiness.py ops/runner/test_cd_controlled_runtime_profile.py -q` 通過(43 passed)。
|
||||
- `bash -n ops/runner/install-awoooi-non110-runner-user-service.sh ops/runner/check-awoooi-non110-runner-readiness.sh scripts/ci/wait-host-web-build-pressure.sh` 通過。
|
||||
- `python3.11 ops/runner/guard-gitea-runner-pressure.py --root .` 通過。
|
||||
- `git diff --check` 通過。
|
||||
|
||||
**邊界**:未讀 secret / token / `.env` / raw sessions / SQLite / auth;未讀 `.runner` 內容;未使用 GitHub / `gh` / GitHub API;未 workflow_dispatch;未重啟主機、未 restart Docker / Nginx / K3s / DB / firewall。
|
||||
|
||||
## 2026-07-01 — 09:18 non-110 runner runtime re-enable / queue no-matching cleared
|
||||
|
||||
**照主線修正的問題**:
|
||||
|
||||
@@ -27,7 +27,7 @@ CPU_QUOTA="${CPU_QUOTA:-200%}"
|
||||
MEMORY_HIGH="${MEMORY_HIGH:-6G}"
|
||||
MEMORY_MAX="${MEMORY_MAX:-8G}"
|
||||
TASKS_MAX="${TASKS_MAX:-512}"
|
||||
PRESSURE_GUARD="${PRESSURE_GUARD:-/usr/local/bin/awoooi-wait-host-web-build-pressure.sh}"
|
||||
PRESSURE_GUARD="${PRESSURE_GUARD:-${RUNNER_HOME}/.local/bin/awoooi-wait-host-web-build-pressure.sh}"
|
||||
PRESSURE_GUARD_ATTEMPTS="${PRESSURE_GUARD_ATTEMPTS:-1}"
|
||||
PRESSURE_GUARD_SLEEP_SECONDS="${PRESSURE_GUARD_SLEEP_SECONDS:-0}"
|
||||
|
||||
|
||||
@@ -95,13 +95,14 @@ def test_apply_with_existing_registration_does_not_start_runner(tmp_path: Path)
|
||||
assert "secret-token-like-content" not in result.stdout
|
||||
|
||||
unit_dir = tmp_path / "home/.config/systemd/user"
|
||||
pressure_guard = tmp_path / "home/.local/bin/awoooi-wait-host-web-build-pressure.sh"
|
||||
service = unit_dir / "awoooi-non110-runner.service"
|
||||
rollback = unit_dir / "awoooi-non110-runner-rollback.service"
|
||||
autostart = unit_dir / "awoooi-non110-runner-autostart.service"
|
||||
keepalive_service = unit_dir / "awoooi-non110-runner-keepalive.service"
|
||||
keepalive_timer = unit_dir / "awoooi-non110-runner-keepalive.timer"
|
||||
service_text = service.read_text(encoding="utf-8")
|
||||
assert "ExecStartPre=/usr/bin/test -x /usr/local/bin/awoooi-wait-host-web-build-pressure.sh" in service_text
|
||||
assert f"ExecStartPre=/usr/bin/test -x {pressure_guard}" in service_text
|
||||
assert "HOST_WEB_BUILD_PRESSURE_ATTEMPTS=1" in service_text
|
||||
assert "HOST_WEB_BUILD_PRESSURE_SLEEP_SECONDS=0" in service_text
|
||||
rollback_text = rollback.read_text(encoding="utf-8")
|
||||
@@ -114,7 +115,7 @@ def test_apply_with_existing_registration_does_not_start_runner(tmp_path: Path)
|
||||
encoding="utf-8"
|
||||
)
|
||||
keepalive_service_text = keepalive_service.read_text(encoding="utf-8")
|
||||
assert "ExecStart=/usr/bin/test -x /usr/local/bin/awoooi-wait-host-web-build-pressure.sh" in keepalive_service_text
|
||||
assert f"ExecStart=/usr/bin/test -x {pressure_guard}" in keepalive_service_text
|
||||
assert "HOST_WEB_BUILD_PRESSURE_ATTEMPTS=1" in keepalive_service_text
|
||||
assert "HOST_WEB_BUILD_PRESSURE_SLEEP_SECONDS=0" in keepalive_service_text
|
||||
assert "ExecStart=/usr/bin/systemctl --user daemon-reload" in keepalive_service_text
|
||||
@@ -123,7 +124,7 @@ def test_apply_with_existing_registration_does_not_start_runner(tmp_path: Path)
|
||||
in keepalive_service_text
|
||||
)
|
||||
assert "OnUnitInactiveSec=15s" in keepalive_timer.read_text(encoding="utf-8")
|
||||
assert "pressure_guard=/usr/local/bin/awoooi-wait-host-web-build-pressure.sh" in result.stdout
|
||||
assert f"pressure_guard={pressure_guard}" in result.stdout
|
||||
|
||||
log = (tmp_path / "systemctl.log").read_text(encoding="utf-8")
|
||||
assert "enable --now awoooi-non110-runner-autostart.path" not in log
|
||||
@@ -142,10 +143,11 @@ def test_enable_starts_runner_and_keepalive_without_printing_registration(
|
||||
|
||||
runner_dir = tmp_path / "home/act-runner-awoooi"
|
||||
assert (runner_dir / ".awoooi-non110-runner-enabled").exists()
|
||||
pressure_guard = tmp_path / "home/.local/bin/awoooi-wait-host-web-build-pressure.sh"
|
||||
service_text = (
|
||||
tmp_path / "home/.config/systemd/user/awoooi-non110-runner.service"
|
||||
).read_text(encoding="utf-8")
|
||||
assert "ExecStartPre=/usr/bin/test -x /usr/local/bin/awoooi-wait-host-web-build-pressure.sh" in service_text
|
||||
assert f"ExecStartPre=/usr/bin/test -x {pressure_guard}" in service_text
|
||||
assert "HOST_WEB_BUILD_PRESSURE_ATTEMPTS=1" in service_text
|
||||
log = (tmp_path / "systemctl.log").read_text(encoding="utf-8")
|
||||
assert "enable --now awoooi-non110-runner-keepalive.timer" in log
|
||||
|
||||
Reference in New Issue
Block a user