docs(logbook): record harbor non110 readback [skip ci]
This commit is contained in:
@@ -1,17 +1,18 @@
|
||||
## 2026-07-01 — 09:18 non-110 runner controlled apply / B5 Docker socket fail-fast
|
||||
## 2026-07-01 — 09:14 non-110 runner controlled apply / Harbor remote control-channel / B5 Docker socket fail-fast
|
||||
|
||||
**照主線修正的問題**:
|
||||
- Gitea main 已到 `4aaa95c44 fix(runner): keep non110 service alive after registration`,但最新 CD `#4208` 先因 `awoooi-non110-host` waiting 卡住;188 verifier 回 registration / config / binary ready、service inactive、keepalive timer active。
|
||||
- 執行 188 user-level controlled apply:`AWOOOI_NON110_ENABLE=1 ... install-awoooi-non110-runner-user-service.sh --enable`,讀回 service `ActiveState=active`、`MainPID=3380348`、keepalive timer active、`runner_token_read=false`、`raw_runner_registration_read=false`。
|
||||
- apply 後 verifier 回 `AWOOOI_NON110_RUNNER_READY=1`、`BLOCKER_COUNT=0`,CD `#4208` 從 Waiting 進 Running;之後 tests job 失敗點不是 runner,而是 B5 容器內 Docker socket 權限不足,`pg-test-b5` 無法啟動 / 解析,導致 `tests/integration/test_b5_core_flows.py` setup 全部 `socket.gaierror`。
|
||||
- apply 後 verifier 回 `AWOOOI_NON110_RUNNER_READY=1`、`BLOCKER_COUNT=0`;本輪 live queue 再讀回 `controlled_profile_no_matching_runner_label_count=0`,剩餘主線 blocker 收斂為 `harbor-110-local-repair.yaml` 舊 `awoooi-host` no-matching runner;之後 CD tests job 失敗點不是 runner,而是 B5 容器內 Docker socket 權限不足,`pg-test-b5` 無法啟動 / 解析,導致 `tests/integration/test_b5_core_flows.py` setup 全部 `socket.gaierror`。
|
||||
- `.gitea/workflows/cd.yaml` 的 B5 full profile 補上 `set -euo pipefail`、`docker info` fail-fast blocker、Postgres readiness gate 與 B5 test container `--user 0:0`,避免 Docker socket 不可用時繼續跑 pytest 產生模糊 DB socket error。
|
||||
- `.gitea/workflows/harbor-110-local-repair.yaml` 從已無 matching runner 的 `awoooi-host` 改為 `awoooi-non110-host`,再用 bounded SSH control channel 進 110 執行既有 `recover-110-control-path-and-harbor-local.sh`;若 110 SSH 不通,會明確回 `harbor_110_remote_control_channel_unavailable`,不再讓 queue 停在 no-matching runner。
|
||||
- `ops/runner/test_cd_controlled_runtime_profile.py` 補 B5 Docker socket / DB network fail-fast shape test,並把 Harbor repair workflow 測試對齊現行 non-110 bounded SSH control-channel source truth;未恢復 110 legacy / generic runner。
|
||||
|
||||
**驗證**:
|
||||
- `python3.11 -m pytest ops/runner/test_cd_controlled_runtime_profile.py -q --tb=short -p no:cacheprovider` 通過(34 passed)。
|
||||
- `python3.11 -m pytest ops/runner/test_cd_controlled_runtime_profile.py ops/runner/test_guard_gitea_runner_pressure.py ops/runner/test_check_awoooi_non110_runner_readiness.py -q` 通過(43 passed)。
|
||||
- `DATABASE_URL='postgresql+asyncpg://awoooi:awoooi_test_2026@127.0.0.1:5432/awoooi_test' python3.11 -m pytest ops/runner/test_read_public_gitea_actions_queue.py apps/api/tests/test_harbor_registry_controlled_recovery_receipt.py ops/runner/test_verify_awoooi_non110_cd_closure.py -q` 通過(56 passed)。
|
||||
- `python3.11 ops/runner/guard-gitea-runner-pressure.py --root .` 通過,`auto_branch_events_on_110=0`、`generic_runner_labels=0`。
|
||||
- `node scripts/ci/check-gitea-step-env-secrets.js` 通過。
|
||||
- `node scripts/ci/check-gitea-step-env-secrets.js .gitea/workflows/cd.yaml .gitea/workflows/harbor-110-local-repair.yaml` 通過。
|
||||
- `git diff --check` 通過。
|
||||
|
||||
**邊界**:本輪只對 188 user-level non-110 runner service 做 allowlisted controlled apply,未讀 token / secret / `.env` / raw sessions / SQLite / auth,未讀 `.runner` 內容,未使用 GitHub / `gh` / GitHub API,未 workflow_dispatch,未重啟主機、未 restart Docker / Nginx / K3s / DB / firewall;110 Harbor 下一步是讓 non-110 repair lane 跑 bounded SSH control channel,若 SSH 仍不通則以 receipt 形式收斂 blocker。
|
||||
|
||||
Reference in New Issue
Block a user