docs(awooop): record t3 ansible deployment
This commit is contained in:
@@ -31,8 +31,8 @@
|
||||
- T0:Truth-chain read-only API 完成、部署、production smoke 完成。
|
||||
- T1:Channel Event hardening 完成、部署、production smoke 完成。
|
||||
- T2:legacy MCP audit bridge / backfill / truth-chain visibility 完成、部署、production smoke 完成;first-class Gateway enforced path 仍待後續 wave。
|
||||
- T3:Ansible first-class audit contract / truth-chain 可見性完成;尚未把 approval execution path 寫入 Ansible dry-run/check-mode。
|
||||
- 下一步:推版後觀察 `run-migration`,確認新增 migration 與 audit seed 都通過。
|
||||
- T3:Ansible first-class audit contract / truth-chain 可見性完成、已部署;尚未把 approval execution path 寫入 Ansible dry-run/check-mode。
|
||||
- 下一步:T3 第二段接 decision / approval execution 的 Ansible check-mode audit row,仍不直接 apply。
|
||||
|
||||
**production push 追加**:
|
||||
- Gitea `run-migration` run `1933` 顯示 migration 本體已成功:
|
||||
@@ -41,7 +41,23 @@
|
||||
- `'{\"psql\": 1, \"gitea_ci\": 1}'::jsonb`
|
||||
- PostgreSQL 回 `invalid input syntax for type json`。
|
||||
- 已修 `.gitea/workflows/run-migration.yml`:tools JSON 改為 `'{"psql": 1, "gitea_ci": 1}'::jsonb`。
|
||||
- 因本次 migration 已套用但 audit row 失敗,需補 production `asset_discovery_run` 稽核記錄,並以下一個 migration push 驗證 workflow live gate。
|
||||
- 已補 production `asset_discovery_run` repair audit row:
|
||||
- `triggered_by=codex:gitea-migration-audit-repair`
|
||||
- `summary.type=ci_migration_manual_repair`
|
||||
- `summary.commit_sha=ca80972dc73cb647f8fab3bf9439784c4b8eef7b`
|
||||
- Production DB constraint 驗證:`automation_operation_log_type_valid` 已包含全部 `ansible_*` operation types。
|
||||
- CD 部署:
|
||||
- `07000dae chore(cd): deploy ca80972 [skip ci]`
|
||||
- API/Web/Worker image 均為 `ca80972dc73cb647f8fab3bf9439784c4b8eef7b`
|
||||
- rollout success。
|
||||
- Truth-chain smoke(B6C589):
|
||||
- `truth_status=manual_required/blocked`
|
||||
- `mcp_gateway_total=8`
|
||||
- `execution.ansible.considered=false`
|
||||
- `execution.ansible.records=0`
|
||||
- `not_used_reason=no automation_operation_log row with Ansible operation type, tag, or executor backend for this source`
|
||||
- `audit_contract.schema_version=ansible_executor_audit_v1`
|
||||
- Caveat:下一個 migration push 仍需 live 驗證 `run-migration` audit seed 是否完全通過;本輪 workflow 修正後沒有新的 migration 觸發可重跑。
|
||||
|
||||
## 2026-05-12 | run-migration audit seed 再修正
|
||||
|
||||
|
||||
@@ -1919,7 +1919,12 @@ Phase 6 完成後
|
||||
**production 追加**:
|
||||
- Gitea `run-migration` run `1933`:`adr090d_ansible_operation_types.sql` 已成功套用,含 owner fallback。
|
||||
- 同 run 的 `Seed asset_discovery_run (audit)` 仍失敗;新根因是 unquoted heredoc 下 tools JSON literal 還寫成 `'{\"psql\": 1, \"gitea_ci\": 1}'::jsonb`,PostgreSQL 視為非法 JSON。
|
||||
- 後續修正:workflow tools JSON literal 改成 `'{"psql": 1, "gitea_ci": 1}'::jsonb`;仍需補寫本次 migration audit row,並用下一個 migration push 驗證 live gate。
|
||||
- 後續修正:workflow tools JSON literal 改成 `'{"psql": 1, "gitea_ci": 1}'::jsonb`。
|
||||
- 已補 production `asset_discovery_run` repair audit row(`ci_migration_manual_repair` / `commit_sha=ca80972dc73cb647f8fab3bf9439784c4b8eef7b`)。
|
||||
- Production DB constraint 已確認包含全部 `ansible_*` operation types。
|
||||
- CD 已部署 `ca80972d` image,deploy marker `07000dae`;API/Web/Worker rollout success。
|
||||
- B6C589 truth-chain smoke:`manual_required/blocked`、`mcp_gateway_total=8`、`execution.ansible.considered=false`、`records=0`、not_used_reason 清楚顯示沒有 Ansible audit record。
|
||||
- 下一個 migration push 仍需驗證 `run-migration` audit seed live gate,因本輪 workflow 修正後未再新增 migration 觸發重跑。
|
||||
|
||||
---
|
||||
|
||||
|
||||
Reference in New Issue
Block a user