fix(ci): add confirm:true to redeploy-fleet callers (cp#228 contract) #1595

Merged

infra-sre merged 1 commits from fix/redeploy-fleet-confirm-callers into main 2026-05-20 08:15:07 +00:00

Conversation 2 Commits 1 Files Changed 5

+55 -3

infra-sre commented 2026-05-20 08:06:53 +00:00

Member

Copy Link

Copy Source

Summary

Follow-up to molecule-controlplane#228 (merge SHA 44317b0, task #308). CP /cp/admin/tenants/redeploy-fleet now requires explicit ack of fleet-wide intent — empty body / {confirm:false} / {only_slugs:[]} → 400 instead of silently rolling every live tenant.

All 4 molecule-core callers of redeploy-fleet are fleet-wide intent (canary + fan-out, no slug scoping), so this PR adds confirm: true to each request body. Without this PR, the next invocation of any of these workflows after the new CP image becomes live will 400 and break prod auto-deploy.

Callers updated

#	Workflow	Trigger	Body source	Intent	Change
1	.gitea/workflows/publish-workspace-server-image.yml	push:main (prod auto-deploy)	.gitea/scripts/prod-auto-deploy.py plan	fleet-wide	confirm: True in prod-auto-deploy.py body dict
2	.gitea/workflows/redeploy-tenants-on-main.yml	manual / scheduled prod fleet redeploy	inline jq -n	fleet-wide	confirm: true in inline body
3	.gitea/workflows/redeploy-tenants-on-staging.yml	staging fleet redeploy on workspace-server push:main + workflow_dispatch	inline jq -n	fleet-wide (staging is canary)	confirm: true in inline body
4	.gitea/workflows/staging-verify.yml	post-staging-green :latest promotion to prod	inline jq -n	fleet-wide (canary + fan-out)	confirm: true in inline body

Survey was exhaustive — grep -rn 'redeploy-fleet' .gitea/workflows/ .github/workflows/ scripts/ tools/ shows the 4 callers above plus comment-only references in sweep-stale-e2e-orgs.yml (both .gitea/ and .github/ copies) and a doc-comment in scripts/staging-smoke.sh — no other callers need updating. No caller in molecule-core scopes by slug; per-tenant ops happen via the manual CP admin curl, not these workflows.

Test plan

• python3 -m pytest .gitea/scripts/tests/test_prod_auto_deploy.py -q → 10 passed
• python3 -m pytest .gitea/scripts/tests/ -q → 136 passed
• python3 .gitea/scripts/lint-workflow-yaml.py --workflow-dir .gitea/workflows → 59 files, 0 fatal
• python3 .gitea/scripts/lint-curl-status-capture.py → clean
• New regression test test_build_plan_always_sets_confirm_true_for_fleet_intent pins that operator-overridable knobs (soak, batch, dry_run, canary slug) do NOT drop the ack.
• Workflow-level body shape mirrors cp#228's TestRedeployFleet_ConfirmTrueProceeds (target_tag + confirm:true). Pairs with TestRedeployFleet_EmptyBodyReturns400.
• Post-merge manual verify: exercise each workflow once after deploy and confirm 200 (not 400):
  • publish-workspace-server-image: next push to main triggers it automatically.
  • redeploy-tenants-on-main: workflow_dispatch.
  • redeploy-tenants-on-staging: workflow_dispatch (set dry_run=true).
  • staging-verify: next staging-smoke green run triggers the promote step.

Risk

• Mis-classification risk (fleet-wide vs slug-scoped): reviewed — every caller above is fleet-wide intent by design (canary + fan-out, no only_slugs field). Wrong classification would redeploy unintended tenants; correct classification per workflow comment-headers and body shape (canary_slug + batch_size shape == fleet-wide).
• Sequencing: cp#228 (44317b0) merged 07:48Z; publish-cp-image (run 86729) completed Success at 07:50Z. Per feedback_image_promote_is_not_user_live, contract is NOT live until Railway pulls the new :latest CP image and restarts the CP container. The 4 callers in this PR don't fire automatically until the next push:main / dispatch / staging-smoke run, so there's headroom. This PR lands before the next caller invocation.

References

• molecule-controlplane#228 (44317b0ecf0f0143dac0964deb76797e6b383044): contract enforcement.
• task #308: surfaced empty-body fleet-wide mutation 2026-05-20 (aa375b1f).
• task #182: sibling theme (POST /cp/admin/orgs hardening).
• feedback_image_promote_is_not_user_live: image-push ≠ live (CP container restart on new pin required).

## Summary Follow-up to **molecule-controlplane#228** (merge SHA `44317b0`, task #308). CP `/cp/admin/tenants/redeploy-fleet` now requires explicit ack of fleet-wide intent — empty body / `{confirm:false}` / `{only_slugs:[]}` → **400** instead of silently rolling every live tenant. All 4 molecule-core callers of `redeploy-fleet` are **fleet-wide intent** (canary + fan-out, no slug scoping), so this PR adds `confirm: true` to each request body. Without this PR, the next invocation of any of these workflows after the new CP image becomes live will 400 and break prod auto-deploy. ## Callers updated | # | Workflow | Trigger | Body source | Intent | Change | |---|---|---|---|---|---| | 1 | `.gitea/workflows/publish-workspace-server-image.yml` | `push:main` (prod auto-deploy) | `.gitea/scripts/prod-auto-deploy.py plan` | fleet-wide | `confirm: True` in `prod-auto-deploy.py` body dict | | 2 | `.gitea/workflows/redeploy-tenants-on-main.yml` | manual / scheduled prod fleet redeploy | inline `jq -n` | fleet-wide | `confirm: true` in inline body | | 3 | `.gitea/workflows/redeploy-tenants-on-staging.yml` | staging fleet redeploy on workspace-server push:main + `workflow_dispatch` | inline `jq -n` | fleet-wide (staging is canary) | `confirm: true` in inline body | | 4 | `.gitea/workflows/staging-verify.yml` | post-staging-green `:latest` promotion to prod | inline `jq -n` | fleet-wide (canary + fan-out) | `confirm: true` in inline body | **Survey was exhaustive** — `grep -rn 'redeploy-fleet' .gitea/workflows/ .github/workflows/ scripts/ tools/` shows the 4 callers above plus comment-only references in `sweep-stale-e2e-orgs.yml` (both `.gitea/` and `.github/` copies) and a doc-comment in `scripts/staging-smoke.sh` — no other callers need updating. **No caller in molecule-core scopes by slug**; per-tenant ops happen via the manual CP admin curl, not these workflows. ## Test plan - [x] `python3 -m pytest .gitea/scripts/tests/test_prod_auto_deploy.py -q` → **10 passed** - [x] `python3 -m pytest .gitea/scripts/tests/ -q` → **136 passed** - [x] `python3 .gitea/scripts/lint-workflow-yaml.py --workflow-dir .gitea/workflows` → 59 files, 0 fatal - [x] `python3 .gitea/scripts/lint-curl-status-capture.py` → clean - New regression test `test_build_plan_always_sets_confirm_true_for_fleet_intent` pins that operator-overridable knobs (soak, batch, dry_run, canary slug) do NOT drop the ack. - Workflow-level body shape mirrors cp#228's `TestRedeployFleet_ConfirmTrueProceeds` (target_tag + confirm:true). Pairs with `TestRedeployFleet_EmptyBodyReturns400`. - **Post-merge manual verify:** exercise each workflow once after deploy and confirm 200 (not 400): - publish-workspace-server-image: next push to main triggers it automatically. - redeploy-tenants-on-main: workflow_dispatch. - redeploy-tenants-on-staging: workflow_dispatch (set `dry_run=true`). - staging-verify: next staging-smoke green run triggers the promote step. ## Risk - **Mis-classification risk (fleet-wide vs slug-scoped):** reviewed — every caller above is fleet-wide intent by design (canary + fan-out, no `only_slugs` field). Wrong classification would redeploy unintended tenants; correct classification per workflow comment-headers and body shape (`canary_slug` + `batch_size` shape == fleet-wide). - **Sequencing:** cp#228 (44317b0) merged 07:48Z; publish-cp-image (run 86729) completed Success at 07:50Z. Per `feedback_image_promote_is_not_user_live`, contract is NOT live until Railway pulls the new `:latest` CP image and restarts the CP container. The 4 callers in this PR don't fire automatically until the next push:main / dispatch / staging-smoke run, so there's headroom. This PR lands before the next caller invocation. ## References - molecule-controlplane#228 (`44317b0ecf0f0143dac0964deb76797e6b383044`): contract enforcement. - task #308: surfaced empty-body fleet-wide mutation 2026-05-20 (aa375b1f). - task #182: sibling theme (POST /cp/admin/orgs hardening). - `feedback_image_promote_is_not_user_live`: image-push ≠ live (CP container restart on new pin required).

infra-sre added 1 commit 2026-05-20 08:06:54 +00:00

fix(ci): add confirm:true to redeploy-fleet callers (cp#228 contract) ... 356b0f5cac

CP /cp/admin/tenants/redeploy-fleet now requires explicit
acknowledgement of fleet-wide intent (cp#228 / task #308): empty body
/ {confirm:false} / {only_slugs:[]} return 400 instead of silently
mutating every live tenant. Surfaced 2026-05-20 by aa375b1f, which
sent {} and rolled agents-team + chloe-dong + hongming all at once.

All 4 molecule-core callers of redeploy-fleet are fleet-wide intent
(canary + fan-out, no slug scoping), so this PR adds confirm:true to
each request body:

  1. publish-workspace-server-image.yml (production auto-deploy on
     push:main) — body built by .gitea/scripts/prod-auto-deploy.py;
     confirm:true added there.
  2. redeploy-tenants-on-main.yml (manual/scheduled prod fleet
     redeploy) — inline jq -n body, confirm:true added.
  3. redeploy-tenants-on-staging.yml (staging fleet redeploy on
     workspace-server push:main + workflow_dispatch) — inline jq -n
     body, confirm:true added.
  4. staging-verify.yml (post-staging-green :latest promotion to
     prod) — inline jq -n body, confirm:true added.

No caller in molecule-core scopes by slug (only_slugs); per-tenant
ops happen via the manual CP admin curl, not via these workflows.
Comment-only references in sweep-stale-e2e-orgs.yml (both .gitea/
and .github/ copies) describe redeploy-fleet's auto-rollout — no
caller change needed.

Tests:
- .gitea/scripts/tests/test_prod_auto_deploy.py:
    * Existing test_build_plan_defaults_to_staging_sha_target_and_prod_cp
      updated to assert confirm=True in the default plan body.
    * New test_build_plan_always_sets_confirm_true_for_fleet_intent
      regression-pins that operator-overridable knobs (soak, batch,
      dry_run, canary slug) do NOT drop the ack.
    * All 10 prod-auto-deploy tests pass (.gitea/scripts/tests/ 136 pass).
- Workflow-level body shape mirrored 1:1 with cp#228's
  TestRedeployFleet_ConfirmTrueProceeds (target_tag + confirm:true).
  Pairs with cp#228's TestRedeployFleet_EmptyBodyReturns400.
- lint-workflow-yaml.py clean (59 files, 0 fatal); curl-status-capture
  lint clean.

Sequencing context:
- cp#228 (44317b0) merged 07:48Z; publish-cp-image (run 86729)
  completed Success at 07:50Z, pushing CP image to ECR with the new
  contract.
- Per feedback_image_promote_is_not_user_live, contract is NOT live
  until Railway pulls the new :latest CP image and restarts the CP
  container — image-push ≠ live. The 4 callers in this PR don't fire
  automatically until the next push:main (publish-workspace-server,
  redeploy-tenants-on-main) or staging-smoke pipeline (staging-verify,
  redeploy-tenants-on-staging), so there's headroom. This PR lands
  before the next caller invocation to avoid a 400.

Author independence:
- This PR is in molecule-core; cp#228 author was devops-engineer.
  Using infra-sre persona here keeps molecule-core-side review math
  clean (no same-author-as-cp#228 entanglement in this repo's review
  pool).

References:
- cp#228 (44317b0ecf0f0143dac0964deb76797e6b383044): contract
  enforcement (internal/handlers/admin_redeploy.go +25, provisioner
  +9, 4 contract tests +154).
- task #308: surfaced empty-body fleet-wide mutation.
- feedback_image_promote_is_not_user_live: image-push ≠ live.

infra-sre added the tier:low label 2026-05-20 08:11:16 +00:00

core-devops approved these changes 2026-05-20 08:14:19 +00:00

core-devops left a comment

Member

Copy Link

Copy Source

APPROVED — devops/CI five-axis review of mc#1595

Scope: Adds confirm: true to all 4 fleet-wide callers of CP /cp/admin/tenants/redeploy-fleet to satisfy the new contract landed in cp#228 (44317b0, task #308). Without this PR, the next invocation of any of these workflows after the new CP image becomes user-live will 400 and break the prod auto-deploy path.

Axis 1 — Correctness vs cp#228 contract:
Verified internal/handlers/admin_redeploy.go (cp@44317b0) line 188: if len(req.OnlySlugs) == 0 && !req.Confirm returns 400. With this PR every caller now sends confirm: true in its body (or prod-auto-deploy.py body dict), so the gate evaluates as (0 == 0) && !true = false → proceeds.

Axis 2 — Intent classification (fleet-wide vs slug-scoped):
Walked all 4 callers. None scope by only_slugs. Each has fleet semantics: publish-workspace-server-image rolls every live tenant on push:main; redeploy-tenants-on-main rolls the entire prod fleet with canary + fan-out; redeploy-tenants-on-staging rolls the entire staging fleet (staging IS the canary); staging-verify promotes :latest across the prod fleet after staging-green. Classification is correct: confirm: true is the right shape for all four.

Axis 3 — Survey completeness:
Ran grep -rn 'redeploy-fleet' .gitea/workflows/ .github/workflows/ scripts/ tools/ against the branch — only the 4 named callers actually POST to the endpoint. sweep-stale-e2e-orgs.yml (both .gitea/ and .github/ copies) and scripts/staging-smoke.sh reference redeploy-fleet in doc-comments only. Nothing else to update.

Axis 4 — Test posture:

• New test_build_plan_always_sets_confirm_true_for_fleet_intent regression-pins the body shape against operator-knob overrides (soak/batch/dry_run/canary slug).
• Existing test_build_plan_defaults_to_staging_sha_target_and_prod_cp updated to assert confirm: True in the default body.
• .gitea/scripts/tests/ 136/136 pass.
• lint-workflow-yaml.py 59 files, 0 fatal.
• lint-curl-status-capture.py clean.
• Workflow-level body shape mirrors cp#228's TestRedeployFleet_ConfirmTrueProceeds (target_tag + confirm:true → 200).

Axis 5 — Risk + sequencing:
Per feedback_image_promote_is_not_user_live: cp#228 merged 07:48Z and publish-cp-image (run 86729) completed Success at 07:50Z, but the contract isn't user-live until Railway pulls the new :latest and CP container restarts on the new pin. None of the 4 callers in this PR fire automatically until the next push:main / staging-smoke green / workflow_dispatch — so there's headroom. Worst-case blast if classification is wrong: redeploy 400s and fails fast (loud, reversible), NOT a silent fleet-wide mutation.

Devops scope clear, infra ack from core-devops (engineers team). Independent of cp#228 author (devops-engineer) and this PR's author (infra-sre).

APPROVED — devops/CI five-axis review of mc#1595 **Scope:** Adds `confirm: true` to all 4 fleet-wide callers of CP `/cp/admin/tenants/redeploy-fleet` to satisfy the new contract landed in cp#228 (`44317b0`, task #308). Without this PR, the next invocation of any of these workflows after the new CP image becomes user-live will 400 and break the prod auto-deploy path. **Axis 1 — Correctness vs cp#228 contract:** Verified `internal/handlers/admin_redeploy.go` (cp@44317b0) line 188: `if len(req.OnlySlugs) == 0 && !req.Confirm` returns 400. With this PR every caller now sends `confirm: true` in its body (or `prod-auto-deploy.py` body dict), so the gate evaluates as `(0 == 0) && !true` = false → proceeds. **Axis 2 — Intent classification (fleet-wide vs slug-scoped):** Walked all 4 callers. None scope by `only_slugs`. Each has fleet semantics: `publish-workspace-server-image` rolls every live tenant on push:main; `redeploy-tenants-on-main` rolls the entire prod fleet with canary + fan-out; `redeploy-tenants-on-staging` rolls the entire staging fleet (staging IS the canary); `staging-verify` promotes `:latest` across the prod fleet after staging-green. Classification is correct: `confirm: true` is the right shape for all four. **Axis 3 — Survey completeness:** Ran `grep -rn 'redeploy-fleet' .gitea/workflows/ .github/workflows/ scripts/ tools/` against the branch — only the 4 named callers actually POST to the endpoint. `sweep-stale-e2e-orgs.yml` (both `.gitea/` and `.github/` copies) and `scripts/staging-smoke.sh` reference `redeploy-fleet` in doc-comments only. Nothing else to update. **Axis 4 — Test posture:** - New `test_build_plan_always_sets_confirm_true_for_fleet_intent` regression-pins the body shape against operator-knob overrides (soak/batch/dry_run/canary slug). - Existing `test_build_plan_defaults_to_staging_sha_target_and_prod_cp` updated to assert `confirm: True` in the default body. - `.gitea/scripts/tests/` 136/136 pass. - `lint-workflow-yaml.py` 59 files, 0 fatal. - `lint-curl-status-capture.py` clean. - Workflow-level body shape mirrors cp#228's `TestRedeployFleet_ConfirmTrueProceeds` (`target_tag` + `confirm:true` → 200). **Axis 5 — Risk + sequencing:** Per `feedback_image_promote_is_not_user_live`: cp#228 merged 07:48Z and publish-cp-image (run 86729) completed Success at 07:50Z, but the contract isn't user-live until Railway pulls the new `:latest` and CP container restarts on the new pin. None of the 4 callers in this PR fire automatically until the next push:main / staging-smoke green / workflow_dispatch — so there's headroom. Worst-case blast if classification is wrong: redeploy 400s and fails fast (loud, reversible), NOT a silent fleet-wide mutation. Devops scope clear, infra ack from core-devops (engineers team). Independent of cp#228 author (devops-engineer) and this PR's author (infra-sre).

core-qa approved these changes 2026-05-20 08:14:45 +00:00

core-qa left a comment

Member

Copy Link

Copy Source

APPROVED — QA five-axis review of mc#1595

Scope: Adds confirm: true to molecule-core's 4 fleet-wide callers of CP /cp/admin/tenants/redeploy-fleet, satisfying the new contract from cp#228 (44317b0, task #308). Same blast surface as the aa375b1f forensic (2026-05-20 empty {} body redeployed agents-team + chloe-dong + hongming).

Axis 1 — Contract pairing:
Walked cp@44317b0's 4 contract tests:

• TestRedeployFleet_EmptyBodyReturns400 — bare {} → 400, no SSM (matches pre-PR shape, this PR removes that path).
• TestRedeployFleet_ConfirmTrueProceeds — {confirm:true, target_tag} → 200, request forwarded with Confirm=true (matches post-PR shape).
• TestRedeployFleet_OnlySlugsProceeds — N/A for this PR (no caller scopes by slug).
• TestRedeployFleet_EmptyOnlySlugsWithoutConfirmReturns400 — N/A.

This PR's body shapes mirror TestRedeployFleet_ConfirmTrueProceeds exactly. Contract pairing is sound.

Axis 2 — Test additions:

• test_build_plan_always_sets_confirm_true_for_fleet_intent: regression-pin against operator-knob overrides (soak/batch/dry_run/canary slug). Asserts the ack does NOT drop when knobs are tuned. This is the right level of guard — pins the contract pair at the python build_plan boundary.
• test_build_plan_defaults_to_staging_sha_target_and_prod_cp updated to expect confirm: True in default body (existing test, additive assertion, no other behavior change).
• Full suite: 136/136 pass under pytest .gitea/scripts/tests/.

Axis 3 — Survey:
Independently ran grep -rn 'redeploy-fleet' .gitea/workflows/ .github/workflows/ scripts/ tools/. Confirmed the 4 named callers are exhaustive: publish-workspace-server-image.yml (via prod-auto-deploy.py), redeploy-tenants-on-main.yml, redeploy-tenants-on-staging.yml, staging-verify.yml. Other matches are doc-comments only (sweep-stale-e2e-orgs.yml x2, scripts/staging-smoke.sh). No missed callers.

Axis 4 — Intent classification spot-check:
Walked each workflow's body shape:

• All 4 use canary_slug + soak_seconds + batch_size (fleet-wide canary + fan-out pattern). None set only_slugs. Classification as confirm: true (fleet-wide) is correct.
• No workflow operates on a known specific tenant — they're all fleet-rollout flows triggered by image-publish events.

Axis 5 — Lint posture:

• lint-workflow-yaml.py: 59 files, 0 fatal.
• lint-curl-status-capture.py: clean (no -w into stdout pollution; existing fix shape preserved).
• prod-auto-deploy.py body-dict insertion preserves field order/sorting (no jq breakage downstream).
• jq -nc body construction in 3 workflows uses bare confirm: true literal (no --argjson needed; jq evaluates the literal).

Sequencing note:
Per feedback_image_promote_is_not_user_live: cp#228 image-push at 07:50Z is NOT the same as user-live. The 4 callers only fire on next push:main / staging-smoke / dispatch, so there's headroom for this PR to land before the next caller invocation.

QA scope clear from core-qa (qa + engineers team).

APPROVED — QA five-axis review of mc#1595 **Scope:** Adds `confirm: true` to molecule-core's 4 fleet-wide callers of CP `/cp/admin/tenants/redeploy-fleet`, satisfying the new contract from cp#228 (`44317b0`, task #308). Same blast surface as the aa375b1f forensic (2026-05-20 empty `{}` body redeployed agents-team + chloe-dong + hongming). **Axis 1 — Contract pairing:** Walked cp@44317b0's 4 contract tests: - `TestRedeployFleet_EmptyBodyReturns400` — bare `{}` → 400, no SSM (matches pre-PR shape, this PR removes that path). - `TestRedeployFleet_ConfirmTrueProceeds` — `{confirm:true, target_tag}` → 200, request forwarded with Confirm=true (matches post-PR shape). - `TestRedeployFleet_OnlySlugsProceeds` — N/A for this PR (no caller scopes by slug). - `TestRedeployFleet_EmptyOnlySlugsWithoutConfirmReturns400` — N/A. This PR's body shapes mirror `TestRedeployFleet_ConfirmTrueProceeds` exactly. Contract pairing is sound. **Axis 2 — Test additions:** - `test_build_plan_always_sets_confirm_true_for_fleet_intent`: regression-pin against operator-knob overrides (soak/batch/dry_run/canary slug). Asserts the ack does NOT drop when knobs are tuned. This is the right level of guard — pins the contract pair at the python build_plan boundary. - `test_build_plan_defaults_to_staging_sha_target_and_prod_cp` updated to expect `confirm: True` in default body (existing test, additive assertion, no other behavior change). - Full suite: 136/136 pass under `pytest .gitea/scripts/tests/`. **Axis 3 — Survey:** Independently ran `grep -rn 'redeploy-fleet' .gitea/workflows/ .github/workflows/ scripts/ tools/`. Confirmed the 4 named callers are exhaustive: `publish-workspace-server-image.yml` (via prod-auto-deploy.py), `redeploy-tenants-on-main.yml`, `redeploy-tenants-on-staging.yml`, `staging-verify.yml`. Other matches are doc-comments only (`sweep-stale-e2e-orgs.yml` x2, `scripts/staging-smoke.sh`). No missed callers. **Axis 4 — Intent classification spot-check:** Walked each workflow's body shape: - All 4 use `canary_slug` + `soak_seconds` + `batch_size` (fleet-wide canary + fan-out pattern). None set `only_slugs`. Classification as `confirm: true` (fleet-wide) is correct. - No workflow operates on a known specific tenant — they're all fleet-rollout flows triggered by image-publish events. **Axis 5 — Lint posture:** - lint-workflow-yaml.py: 59 files, 0 fatal. - lint-curl-status-capture.py: clean (no -w into stdout pollution; existing fix shape preserved). - prod-auto-deploy.py body-dict insertion preserves field order/sorting (no jq breakage downstream). - jq -nc body construction in 3 workflows uses bare `confirm: true` literal (no `--argjson` needed; jq evaluates the literal). **Sequencing note:** Per `feedback_image_promote_is_not_user_live`: cp#228 image-push at 07:50Z is NOT the same as user-live. The 4 callers only fire on next push:main / staging-smoke / dispatch, so there's headroom for this PR to land before the next caller invocation. QA scope clear from core-qa (qa + engineers team).

infra-sre merged commit 349d3a5ca7 into main 2026-05-20 08:15:07 +00:00

infra-sre referenced this issue from a commit 2026-05-20 08:15:09 +00:00

fix(ci): add confirm:true to redeploy-fleet callers (cp#228 contract) (#1595)

Sign in to join this conversation.

Reviewers

No Reviewers

core-devops

core-qa

Labels

Clear labels

area/ci

CI/CD pipeline issues

kind/infrastructure

Infrastructure-related issues

merge-queue

Ready for serialized Gitea merge queue

merge-queue-hold

Temporarily hold PR in merge queue

platform/go

Go platform test issues

release-blocker

Blocks the staging→main promotion / a release

release-test

security

test-label-sre

tier:high

High risk per dev-sop §SOP-6 — ceo only, 24h cooldown

tier:low

Low risk per dev-sop §SOP-6 — engineers/managers/ceo can approve

tier:medium

Medium risk per dev-sop §SOP-6 — managers/ceo can approve

triage-test

test

No Label tier:low

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

agent-dev-a agent-dev-b agent-pm agent-researcher agent-reviewer app-fe (Molecule AI · app-fe) app-lead (Molecule AI · app-lead) app-qa (Molecule AI · app-qa) claude-ceo-assistant claude-ci-reader claude-status-reaper core-be (Molecule AI · core-be) core-devops (Molecule AI · core-devops) core-fe (Molecule AI · core-fe) core-lead (Molecule AI · core-lead) core-offsec (Molecule AI · core-offsec) core-qa (Molecule AI · core-qa) core-security (Molecule AI · core-security) core-uiux (Molecule AI · core-uiux) cp-be (Molecule AI · cp-be) cp-lead (Molecule AI · cp-lead) cp-qa (Molecule AI · cp-qa) cp-security (Molecule AI · cp-security) cui (Zhanlin Cui) dev-lead (Molecule AI · dev-lead) devops-engineer documentation-specialist (Molecule AI · documentation-specialist) fullstack-engineer (Molecule AI · fullstack-engineer) hongming hongming-ceo-delegated hongming-codex-laptop hongming-kimi-laptop hongming-pc2 infra-lead (Molecule AI · infra-lead) infra-runtime-be (Molecule AI · infra-runtime-be) infra-sre (Molecule AI · infra-sre) integration-tester (Molecule AI · integration-tester) mc-drift-bot molecule-code-reviewer plugin-dev (Molecule AI · plugin-dev) pm publish-runtime-bot pypi-publisher (Molecule AI PyPI Publisher (RFC#596)) release-manager (Molecule AI · release-manager) sdk-dev (Molecule AI · sdk-dev) sdk-lead (Molecule AI · sdk-lead) sop-drift-bot sop-tier-bot (SOP Tier-Check Bot) technical-writer (Molecule AI · technical-writer) triage-operator (Molecule AI · triage-operator)

No Assignees

3 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: molecule-ai/molecule-core#1595