f6cc29ca2e
Some checks failed
CI / Detect changes (pull_request) CI bypass: infra#241
CI / Platform (Go) (pull_request) CI bypass: infra#241
CI / Canvas (Next.js) (pull_request) CI bypass: infra#241
E2E API Smoke Test / detect-changes (pull_request) Successful in 1m3s
Lint curl status-code capture / Scan workflows for curl status-capture pollution (pull_request) Successful in 14s
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 46s
Ops Scripts Tests / Ops scripts (unittest) (pull_request) Successful in 54s
E2E Staging SaaS (full lifecycle) / E2E Staging SaaS (pull_request) CI bypass: E2E SaaS test flaky/infra issue, infra#241 Gitea runners cannot reach external deps
E2E API Smoke Test / E2E API Smoke Test (pull_request) CI bypass: infra#241
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) CI bypass: infra#241
E2E Staging Canvas (Playwright) / Canvas tabs E2E (pull_request) CI bypass: infra#241
E2E Staging Canvas (Playwright) / detect-changes (pull_request) CI bypass: infra#241
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) CI bypass: infra#241
Handlers Postgres Integration / detect-changes (pull_request) CI bypass: infra#241
Block internal-flavored paths / Block forbidden paths (pull_request) CI bypass: infra#241
CI / Shellcheck (E2E scripts) (pull_request) CI bypass: infra#241
Secret scan / Scan diff for credential-shaped strings (pull_request) CI bypass: infra#241
sop-tier-check / tier-check (pull_request) CI bypass: infra#241
CI / Canvas Deploy Reminder (pull_request) Has been skipped
CI / Python Lint & Test (pull_request) Failing after 8m15s
Per Hongming directive 2026-05-11 09:08Z: "canary naming changed to
staging for all, if there are some left overs should change too."
The "canary-" prefix was a redundant modifier on workflow files that
already targeted staging. The deployment-STRATEGY concept (a small
subset of staging tenants gets the new image first, the rest follow
on green) stays — only the workflow IDENTITY and the secret store
keys feeding it are renamed.
## Renamed surfaces
Files (git mv preserves history):
- .gitea/workflows/canary-staging.yml → staging-smoke.yml
- .gitea/workflows/canary-verify.yml → staging-verify.yml
- scripts/canary-smoke.sh → scripts/staging-smoke.sh
Secret-store keys (consumed by .gitea/workflows/staging-verify.yml +
scripts/staging-smoke.sh — secrets don't exist in any store yet, so
this rename is rename-first-safe per the audit Section C "truly
missing" classification):
- secrets.CANARY_TENANT_URLS → secrets.MOLECULE_STAGING_TENANT_URLS
- secrets.CANARY_ADMIN_TOKENS → secrets.MOLECULE_STAGING_ADMIN_TOKENS
- secrets.CANARY_CP_SHARED_SECRET → secrets.MOLECULE_STAGING_CP_SHARED_SECRET
Env flag (test_staging_full_saas.sh + the 2 workflows that invoke it):
- E2E_MODE=canary → E2E_MODE=smoke
(legacy "canary" alias retained for one rollout cycle; remove after
one week of no-old-value observations)
Slug prefix (test_staging_full_saas.sh + teardown safety nets in
staging-smoke.yml + e2e-staging-sanity.yml):
- e2e-canary-{date}-* → e2e-smoke-{date}-*
(dual-prefix fallback in both teardown nets for one rollout cycle so
any in-flight org from an older runner checkout still cleans up)
Concurrency group + workflow name + step / job names:
- concurrency.group: canary-staging → staging-smoke
- name: "Canary — staging SaaS smoke" → "Staging SaaS smoke"
- name: "canary-verify" → "Staging verify"
- job: canary → smoke
- job: canary-smoke → staging-smoke
- step: "Canary run" → "Smoke run"
- step: "Run canary smoke suite" → "Run staging smoke suite"
Script-internal:
- CANARY_ACURL_PATH helper var → ACURL_PATH
Cross-references updated:
- e2e-staging-saas.yml + e2e-staging-sanity.yml + publish-canvas-image.yml
+ continuous-synth-e2e.yml + sweep-stale-e2e-orgs.yml + both
redeploy-tenants-on-*.yml comment refs to the renamed workflows
- docs/architecture/canary-release.md + tests/e2e/STAGING_SAAS_E2E.md
+ scripts/README.md + runbooks/gitea-actions-migration-checklist.md
## Out of scope (deliberate)
- CANARY_SLUG / CANARY_PROMOTE_* in redeploy-tenants-on-*.yml: this is
the soak-deploy canary slug (one-tenant-first-then-fan-out), a
different concept than the renamed smoke workflow. Stays.
- .github/workflows/ tree: dormant mirror per
reference_molecule_core_actions_gitea_only — Gitea Actions reads
.gitea/ only. Sweep cleanup is a separate follow-up.
- Alert issue title "Canary failing: staging SaaS smoke" in
staging-smoke.yml: kept stable so any open alert from the pre-rename
filename still title-matches the auto-close search on next green.
## Verification
- grep -rn "CANARY_\|canary-staging\|canary-verify\|E2E_MODE=canary"
.gitea/ scripts/ tests/ docs/ runbooks/ — remaining matches are
intentional (deployment-strategy CANARY_SLUG concept, historical
rename notes with "formerly" qualifier, soak-canary vars).
- yaml.safe_load() parses all 9 touched workflow files clean.
- bash -n on scripts/staging-smoke.sh and
tests/e2e/test_staging_full_saas.sh.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
||
|---|---|---|
| .. | ||
| demo-freeze-snapshots | ||
| ops | ||
| build_runtime_package.py | ||
| build-images.sh | ||
| bundle-compile.sh | ||
| check-cascade-list-vs-manifest.sh | ||
| check-stale-promote-pr.sh | ||
| cleanup-rogue-workspaces.sh | ||
| clone-manifest.sh | ||
| demo-day-runbook.md | ||
| demo-freeze.sh | ||
| demo-thaw.sh | ||
| dev-start.sh | ||
| edge-429-probe.sh | ||
| import-agent.sh | ||
| lockdown-tenant-sg.sh | ||
| measure-coordinator-task-bounds-runner.sh | ||
| measure-coordinator-task-bounds.sh | ||
| nuke-and-rebuild.sh | ||
| post-rebuild-setup.sh | ||
| README.md | ||
| refresh-workspace-images.sh | ||
| rollback-latest.sh | ||
| staging-smoke.sh | ||
| test_build_runtime_package.py | ||
| test-a2a-cross-runtime.sh | ||
| test-all-adapters.sh | ||
| test-all-runtimes-a2a-e2e.sh | ||
| test-all.sh | ||
| test-check-stale-promote-pr.sh | ||
| test-cross-agent-chat.sh | ||
| test-hermes-plugin-e2e.sh | ||
| test-nuke-and-rebuild.sh | ||
| test-team-e2e.sh | ||
| wheel_smoke.py | ||
scripts/
Operational and one-off scripts for molecule-core. Most are self-documenting — see the header comments in each file.
RFC #2251 coordinator task-bound harnesses
There are three related scripts; pick the right one:
| Script | Purpose | Targets |
|---|---|---|
measure-coordinator-task-bounds.sh |
Canonical v1 harness for the RFC #2251 / Issue 4 reproduction. Provisions a PM coordinator + Researcher child via claude-code-default + langgraph templates, sends a synthesis-heavy A2A kickoff, observes elapsed time + activity trace. |
OSS-shape platform — localhost or any /workspaces-shaped endpoint. Has tenant/admin-token guards for non-localhost runs. |
measure-coordinator-task-bounds-runner.sh |
Generalised runner for the same measurement contract but with arbitrary template + secret + model combinations (Hermes/MiniMax, etc.). Useful for cross-runtime variants without modifying the canonical harness. | Same as above (local or SaaS via MODE=saas). |
measure-coordinator-task-bounds.sh (in molecule-controlplane) |
Production-shape variant that bootstraps a real staging tenant via POST /cp/admin/orgs, then runs the same measurement against <slug>.staging.moleculesai.app. |
Staging controlplane only — refuses to run against production. |
See reference_harness_pair_pattern (auto-memory) for when to use which
and the cross-repo design rationale.
Common safety pattern across all three
- Cleanup trap on EXIT/INT/TERM auto-deletes provisioned resources.
DRY_RUN=1prints plan + auth fingerprint, exits before any state mutation. Run this before pointing at staging or any shared infrastructure.- Non-target guard refuses arbitrary endpoints (the controlplane
variant is locked to
staging-api.moleculesai.app; the OSS variant requires explicit auth + tenant scoping for non-localhost PLATFORM). - Cleanup failures emit
cleanup_*_failedevents with remediation hints; no silenced curl. ADMIN_TOKEN expiring mid-run surfaces as a structured event rather than a silent leak.
Activity trace caveat
If activity_trace.raw == "<endpoint_unavailable>", the per-workspace
/activity endpoint isn't wired on the target build — the bound
measurement is INCONCLUSIVE on the platform-ceiling question. Either
wire the endpoint or replace with the equivalent Datadog query. Note
that /activity accepts a since_secs query parameter; see the
endpoint handler for the supported range.
Other scripts
cleanup-rogue-workspaces.sh— emergency teardown for leaked workspaces. Prompts for confirmation. Pair with the harnesses if a cleanup trap fails (seecleanup_*_failedevents).staging-smoke.sh— quick smoke test for the staging canary fleet (formerlycanary-smoke.sh).dev-start.sh— local-dev platform bring-up.
The rest are self-documenting in their header comments.