docs(awooop): record t3 ansible deployment

This commit is contained in:
Your Name
2026-05-13 04:03:48 +08:00
parent 07000dae3a
commit f61747aeac
2 changed files with 25 additions and 4 deletions

View File

@@ -31,8 +31,8 @@
- T0Truth-chain read-only API 完成、部署、production smoke 完成。
- T1Channel Event hardening 完成、部署、production smoke 完成。
- T2legacy MCP audit bridge / backfill / truth-chain visibility 完成、部署、production smoke 完成first-class Gateway enforced path 仍待後續 wave。
- T3Ansible first-class audit contract / truth-chain 可見性完成;尚未把 approval execution path 寫入 Ansible dry-run/check-mode。
- 下一步:推版後觀察 `run-migration`,確認新增 migration 與 audit seed 都通過
- T3Ansible first-class audit contract / truth-chain 可見性完成、已部署;尚未把 approval execution path 寫入 Ansible dry-run/check-mode。
- 下一步:T3 第二段接 decision / approval execution 的 Ansible check-mode audit row仍不直接 apply
**production push 追加**
- Gitea `run-migration` run `1933` 顯示 migration 本體已成功:
@@ -41,7 +41,23 @@
- `'{\"psql\": 1, \"gitea_ci\": 1}'::jsonb`
- PostgreSQL 回 `invalid input syntax for type json`
- 已修 `.gitea/workflows/run-migration.yml`tools JSON 改為 `'{"psql": 1, "gitea_ci": 1}'::jsonb`
- 因本次 migration 已套用但 audit row 失敗,需補 production `asset_discovery_run` 稽核記錄,並以下一個 migration push 驗證 workflow live gate。
- 補 production `asset_discovery_run` repair audit row
- `triggered_by=codex:gitea-migration-audit-repair`
- `summary.type=ci_migration_manual_repair`
- `summary.commit_sha=ca80972dc73cb647f8fab3bf9439784c4b8eef7b`
- Production DB constraint 驗證:`automation_operation_log_type_valid` 已包含全部 `ansible_*` operation types。
- CD 部署:
- `07000dae chore(cd): deploy ca80972 [skip ci]`
- API/Web/Worker image 均為 `ca80972dc73cb647f8fab3bf9439784c4b8eef7b`
- rollout success。
- Truth-chain smokeB6C589
- `truth_status=manual_required/blocked`
- `mcp_gateway_total=8`
- `execution.ansible.considered=false`
- `execution.ansible.records=0`
- `not_used_reason=no automation_operation_log row with Ansible operation type, tag, or executor backend for this source`
- `audit_contract.schema_version=ansible_executor_audit_v1`
- Caveat下一個 migration push 仍需 live 驗證 `run-migration` audit seed 是否完全通過;本輪 workflow 修正後沒有新的 migration 觸發可重跑。
## 2026-05-12 | run-migration audit seed 再修正

View File

@@ -1919,7 +1919,12 @@ Phase 6 完成後
**production 追加**
- Gitea `run-migration` run `1933``adr090d_ansible_operation_types.sql` 已成功套用,含 owner fallback。
- 同 run 的 `Seed asset_discovery_run (audit)` 仍失敗;新根因是 unquoted heredoc 下 tools JSON literal 還寫成 `'{\"psql\": 1, \"gitea_ci\": 1}'::jsonb`PostgreSQL 視為非法 JSON。
- 後續修正workflow tools JSON literal 改成 `'{"psql": 1, "gitea_ci": 1}'::jsonb`;仍需補寫本次 migration audit row並用下一個 migration push 驗證 live gate
- 後續修正workflow tools JSON literal 改成 `'{"psql": 1, "gitea_ci": 1}'::jsonb`
- 已補 production `asset_discovery_run` repair audit row`ci_migration_manual_repair` / `commit_sha=ca80972dc73cb647f8fab3bf9439784c4b8eef7b`)。
- Production DB constraint 已確認包含全部 `ansible_*` operation types。
- CD 已部署 `ca80972d` imagedeploy marker `07000dae`API/Web/Worker rollout success。
- B6C589 truth-chain smoke`manual_required/blocked``mcp_gateway_total=8``execution.ansible.considered=false``records=0`、not_used_reason 清楚顯示沒有 Ansible audit record。
- 下一個 migration push 仍需驗證 `run-migration` audit seed live gate因本輪 workflow 修正後未再新增 migration 觸發重跑。
---