feat/socket-handler-test-coverage
5 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
| df821c8258 |
fix(ci): sop-tier-check gracefully handles empty/invalid token
Some checks failed
Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 6s
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 11s
security-review / approved (pull_request) Failing after 12s
qa-review / approved (pull_request) Failing after 13s
CI / Detect changes (pull_request) Successful in 18s
E2E API Smoke Test / detect-changes (pull_request) Successful in 19s
sop-tier-check / tier-check (pull_request) Successful in 14s
Handlers Postgres Integration / detect-changes (pull_request) Successful in 18s
E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 19s
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 19s
gate-check-v3 / gate-check (pull_request) Successful in 20s
CI / Platform (Go) (pull_request) Successful in 6s
CI / Canvas (Next.js) (pull_request) Successful in 5s
CI / Shellcheck (E2E scripts) (pull_request) Successful in 5s
CI / Python Lint & Test (pull_request) Successful in 4s
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Successful in 6s
E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 6s
CI / Canvas Deploy Reminder (pull_request) Has been skipped
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 9s
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 7s
CI / all-required (pull_request) Successful in 4s
audit-force-merge / audit (pull_request) Successful in 4s
SOP_FAIL_OPEN=1 was not preventing CI failures because three API calls with `set -euo pipefail` would abort the script before reaching the SOP_FAIL_OPEN exit block: 1. `WHOAMI=$(curl ... | jq -r ...)` — jq exits 1 on empty input, triggering set -e → script exits before SOP_FAIL_OPEN check. 2. `curl` for reviews — curl exits non-zero on 401 from empty token, triggering set -e → same problem. 3. `curl` for org teams list — same issue. Fix: add `|| true` to jq pipelines and `set +e` / `set -e` guards around curl calls that may fail with empty token. When SOP_FAIL_OPEN=1 and the token is invalid, the script now exits 0 instead of 1, preventing blocking CI failures on unconfigured runners. Refs: sop-tier-check failure on PRs #617, #621, #587, #562 |
|||
| 7a731f6b42 |
fix(runbooks): correct Gitea runner fetch timing facts (post-#457) (#478)
Some checks failed
Block internal-flavored paths / Block forbidden paths (push) Successful in 9s
Secret scan / Scan diff for credential-shaped strings (push) Successful in 8s
CI / Detect changes (push) Successful in 30s
E2E API Smoke Test / detect-changes (push) Successful in 28s
E2E Staging Canvas (Playwright) / detect-changes (push) Successful in 28s
Handlers Postgres Integration / detect-changes (push) Successful in 29s
Runtime PR-Built Compatibility / detect-changes (push) Successful in 30s
CI / Platform (Go) (push) Successful in 6s
CI / Shellcheck (E2E scripts) (push) Successful in 5s
CI / Canvas (Next.js) (push) Successful in 6s
CI / Python Lint & Test (push) Successful in 5s
CI / Canvas Deploy Reminder (push) Has been skipped
E2E Staging Canvas (Playwright) / Canvas tabs E2E (push) Successful in 6s
E2E API Smoke Test / E2E API Smoke Test (push) Successful in 6s
Handlers Postgres Integration / Handlers Postgres Integration (push) Successful in 5s
Runtime PR-Built Compatibility / PR-built wheel + import smoke (push) Successful in 5s
Sweep stale e2e-* orgs (staging) / Sweep e2e orgs (push) Successful in 3s
Staging SaaS smoke (every 30 min) / Staging SaaS smoke (push) Failing after 5m57s
Continuous synthetic E2E (staging) / Synthetic E2E against staging (push) Failing after 4m50s
Co-authored-by: Molecule AI Infra-SRE <infra-sre@agents.moleculesai.app> Co-committed-by: Molecule AI Infra-SRE <infra-sre@agents.moleculesai.app> |
|||
| 94b08ef0de |
docs(runbooks): add Gitea Actions operational quirks reference
Some checks failed
Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 16s
Harness Replays / detect-changes (pull_request) Failing after 20s
Harness Replays / Harness Replays (pull_request) Has been skipped
E2E Staging Canvas (Playwright) / detect-changes (pull_request) Successful in 50s
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 19s
sop-tier-check / tier-check (pull_request) Successful in 25s
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 1m2s
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 8s
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) Successful in 8m35s
Documents four persistent operational findings from the 2026-05-11 Gitea migration and CI noise investigation: 1. Runner network isolation (git remote unreachable from container) 2. continue-on-error only works at step level, not job level 3. workflow_dispatch.inputs not supported 4. fetch-depth:0 on actions/checkout times out References PR #441 (harness-replays detect-changes fix) and Task #173 (pre-clone manifest deps pattern). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> |
|||
| ae30cdef87 |
refactor(ci): drop "canary-" prefix → staging-smoke/staging-verify (Hongming directive 2026-05-11) (#443)
Some checks failed
Block internal-flavored paths / Block forbidden paths (push) Successful in 13s
Lint curl status-code capture / Scan workflows for curl status-capture pollution (push) Successful in 11s
CI / Detect changes (push) Successful in 35s
E2E API Smoke Test / detect-changes (push) Successful in 43s
E2E Staging Canvas (Playwright) / detect-changes (push) Successful in 45s
publish-workspace-server-image / build-and-push (push) Failing after 17s
Handlers Postgres Integration / detect-changes (push) Successful in 52s
Secret scan / Scan diff for credential-shaped strings (push) Successful in 14s
publish-canvas-image / Build & push canvas image (push) Failing after 44s
Runtime PR-Built Compatibility / detect-changes (push) Successful in 43s
Ops Scripts Tests / Ops scripts (unittest) (push) Successful in 51s
CI / Platform (Go) (push) Successful in 7s
CI / Canvas (Next.js) (push) Successful in 8s
CI / Python Lint & Test (push) Successful in 7s
Handlers Postgres Integration / Handlers Postgres Integration (push) Successful in 8s
CI / Shellcheck (E2E scripts) (push) Successful in 17s
E2E Staging Canvas (Playwright) / Canvas tabs E2E (push) Successful in 10s
Sweep stale e2e-* orgs (staging) / Sweep e2e orgs (push) Successful in 13s
Runtime PR-Built Compatibility / PR-built wheel + import smoke (push) Successful in 6s
Sweep stale AWS Secrets Manager secrets / Sweep AWS Secrets Manager (push) Failing after 12s
E2E Staging SaaS (full lifecycle) / E2E Staging SaaS (push) Failing after 5m9s
CI / Canvas Deploy Reminder (push) Has been skipped
E2E API Smoke Test / E2E API Smoke Test (push) Failing after 3m25s
Staging SaaS smoke (every 30 min) / Staging SaaS smoke (push) Failing after 4m48s
Continuous synthetic E2E (staging) / Synthetic E2E against staging (push) Failing after 4m57s
Co-authored-by: claude-ceo-assistant <claude-ceo-assistant@agents.moleculesai.app> Co-committed-by: claude-ceo-assistant <claude-ceo-assistant@agents.moleculesai.app> |
|||
dev-lead
|
f0745619d2 |
ci: retire 6 .github/workflows GitHub-only files + add migration runbook (RFC internal#219 §1, Category B)
Sweep companion to PR#372 + PR#378 (Cat A). These six .github/workflows files depend on GitHub-specific surface that Gitea does not provide: - auto-tag-runtime.yml — superseded by .gitea/publish-runtime-autobump.yml for patch bumps. Release:minor/major label-driven bumps are lost; follow-up issue suggested if anyone uses them. - branch-protection-drift.yml — drift_check.sh + apply.sh target Molecule-AI/molecule-core via `gh api` against GitHub's branch-protection schema. Gitea's schema differs; rebuilding is out of scope. Follow-up issue needed. - check-merge-group-trigger.yml — file's own header documents this is a structural no-op on Gitea (no merge queue, no `merge_group:` event type, no gh-readonly-queue refs). - codeql.yml — file's own header documents CodeQL Action incompatibility (github/codeql-action hits api.github.com bundle endpoints not implemented by Gitea). Per Hongming decision 2026-05-07 task #156 CodeQL is non-blocking until Gitea-compatible SAST lands. - pr-guards.yml — file's own header documents that Gitea has no `gh pr merge --auto` primitive; guard is a no-op. Branch protection on main doesn't require the pr-guards check name. - promote-latest.yml — uses imjasonh/setup-crane against ghcr.io, which was retired during the 2026-05-06 migration in favor of ECR (per canary-verify.yml header notes). Workflow has nothing left to retag. Also adds runbooks/gitea-actions-migration-checklist.md documenting: - Four-surface audit pattern (feedback_gitea_actions_migration_audit_pattern) - Category A/B/C/D file lists with rationale - Verification steps after all sweep PRs land - Cross-link to follow-up issues (label-driven bumps, Gitea-compatible drift detection, ECR-based promote) Branch protection check: required status checks on main are only `Secret scan / Scan diff for credential-shaped strings (pull_request)` and `sop-tier-check / tier-check (pull_request)`. No deleted file's job name appears in required_status_checks. DO NOT MERGE without orchestrator-dispatched Five-Axis review + @hongmingwang chat-go. Cross-links: - RFC: molecule-ai/internal#219 - Companion: PR#372 (ci.yml port), PR#378 (Cat A mirrored deletions) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> |
