fix(modules): strict-v2 F2 stateless smoke batch #267

Merged
pdurlej merged 1 commit from codex/cutover/strict-v2-f2-batch into main 2026-05-13 19:52:26 +02:00
Collaborator

Canary status: missing — tier/full multi-module metadata batch; operator merge only before F2 retry.

Summary

This PR unblocks the next F2 no-op smokes by making three stateless RS2000 candidates strict-v2 complete:

  • excalidraw-room
  • excalidraw-app
  • safe-session-web

It intentionally does not modify np-meerkat-frontend: live evidence shows the container exists, but the service is no longer present in canonical repo compose/ files. Filling strict-v2 metadata there would make the health gate pass while hiding a canonical-compose gap.

Canary Context Pack

Product story

F2 should expand the trusted auto-apply smoke from dashboard/MiroTalk into a few low-blast stateless services. The previous excalidraw-room smoke proved plan/apply were safe (in-sync, noop) but failed on strict-v2 health metadata, so this fills the metadata gate before retrying.

What changed

  • Added intent.user_facing_outcome and intent.acceptance_criteria to three manifests.
  • Added observed image audit fields to three manifests.
  • Corrected safe-session-web compose_file from compose/apps/compose.yaml to compose/core/compose.yaml, matching the canonical compose service location.

Why it changed

platformctl health requires strict-v2 manifests before runtime smoke. Run API #812/#813 failed only at this metadata gate; plan/apply were already noop with exitCode=0.

Files touched

  • modules/excalidraw-room/module.yaml
  • modules/excalidraw-app/module.yaml
  • modules/safe-session-web/module.yaml

Relevant context

  • Issue #142 F2 checkpoint comments #5109 and #5111.
  • prompts/codex-f1.5-hardening-f2-2026-05-13.md and operator correction: F2 is stateless/no-op only.
  • ADR-0007: multi-module metadata batch is tier/full.

Runtime evidence

Captured from RS2000 via docker inspect and canonical compose reads at 2026-05-13T17:44:29Z.

| Module | Container | Live image | Build | Health | Compose source |
|---|---|---|---|---|---|
| excalidraw-room | home-platform-excalidraw-room-1 | home-platform-excalidraw-room:2026.02.24-03ff435 | local | running healthy | compose/apps/compose.yaml |
| excalidraw-app | home-platform-excalidraw-app-1 | home-platform-excalidraw-app:2026.02.24-2874f9e | local | running healthy | compose/apps/compose.yaml |
| safe-session-web | home-platform-safe-session-web-1 | home-platform-safe-session-web:1.0.0 | local | running healthy | compose/core/compose.yaml |

np-meerkat-frontend live evidence: home-platform-np-meerkat-frontend-1 is running with ghcr.io/fbuchner/meerkat-crm-frontend:latest, but no active canonical service definition was found in repo compose/; only old backup/contract references remain. It is flagged out of this PR.

Known constraints

  • This PR is metadata only; it does not trigger smoke or mutate runtime.
  • np-meerkat-frontend still requires follow-up before it should be considered a clean F2 candidate.
  • Auto-apply scope currently reports np-meerkat-frontend eligible from manifest shape alone, so the operator should not smoke it tonight.

Explicit out-of-scope

  • No F2 dispatch from this PR.
  • No production restart.
  • No stateful/F3 work.
  • No canonical compose import for np-meerkat-frontend.
  • No runbook correction for safe-session-web recovery commands; this PR only fixes the manifest contract needed by platformctl health.

Requested decision

Merge after review so Codex can sync trusted main and retry F2 one-at-a-time for the three green candidates.

Merge blockers

  • Any strict-v2 validation failure for the three changed manifests.
  • Any evidence that safe-session-web should still point at compose/apps/compose.yaml rather than compose/core/compose.yaml.
  • Any requirement to include np-meerkat-frontend despite the missing canonical compose service.

Verification

Pre-change strict-v2 check failed for all four proposed candidates. Post-change:

excalidraw-room: ok=true, schema=v2-strict
excalidraw-app: ok=true, schema=v2-strict
safe-session-web: ok=true, schema=v2-strict
np-meerkat-frontend: still fails strict-v2; intentionally flagged out because canonical compose service is missing

Tests:

PYTHONPATH=control-plane /tmp/platformctl-test-venv/bin/python -m pytest \
  control-plane/platformctl/tests/test_validate.py \
  control-plane/platformctl/tests/test_health_phase3.py -q
# 25 passed

PYTHONPATH=control-plane /tmp/platformctl-test-venv/bin/python -m pytest \
  control-plane/platformctl/tests/test_validate.py \
  control-plane/platformctl/tests/test_health_phase3.py \
  control-plane/platformctl/tests/test_forgejo_ci_scripts_contract.py -q
# 50 passed

Auto-apply manual scope checks:

excalidraw-room rc=0 status=eligible safe=true blockers=0 compose=compose/apps/compose.yaml
excalidraw-app rc=0 status=eligible safe=true blockers=0 compose=compose/apps/compose.yaml
safe-session-web rc=0 status=eligible safe=true blockers=0 compose=compose/core/compose.yaml
np-meerkat-frontend rc=0 status=eligible safe=true blockers=0 compose=compose/apps/compose.yaml  # flagged: compose service missing in repo

Spec sources read

  • modules/excalidraw-room/module.yaml — target manifest.
  • modules/excalidraw-app/module.yaml — target manifest.
  • modules/safe-session-web/module.yaml — target manifest.
  • modules/np-meerkat-frontend/module.yaml — checked and flagged out.
  • schema/module.schema.v2.json — strict-v2 field shape.
  • control-plane/platformctl/health.py — confirmed health strict-v2 gate.
  • control-plane/platformctl/ci/auto_apply_scope.py — confirmed manual scope behavior and its current blind spot.
  • RS2000 live Docker inspect and compose reads — image/runtime evidence.

After merge

Recommended retry order:

  1. excalidraw-room
  2. excalidraw-app
  3. safe-session-web

Do not run np-meerkat-frontend in F2 until its canonical compose gap is resolved or explicitly accepted by the operator.
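
The description above notes that auto-apply scope reports `np-meerkat-frontend` eligible from manifest shape alone. The following is an added example, not code from this PR or from platformctl, of a cross-check that makes a manifest's `compose_file` prove it actually defines the service. The function names, the sample compose text and the assumption that the compose service name equals the module name are all hypothetical.

```python
import re

def compose_services(text):
    """Service names under top-level `services:` (block-style YAML only)."""
    names, in_services, indent = set(), False, None
    for raw in text.splitlines():
        line = raw.split(" #", 1)[0].rstrip()
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        depth = len(line) - len(line.lstrip())
        if depth == 0:  # a new top-level key starts or ends the services block
            in_services = line.strip() == "services:"
            indent = None
            continue
        if not in_services:
            continue
        if indent is None:  # first nested line fixes the service-key indent
            indent = depth
        key = line.strip()
        if depth == indent and re.fullmatch(r"[A-Za-z0-9._-]+:", key):
            names.add(key[:-1])
    return names

def scope_blockers(module, manifest, repo_files):
    """Blockers for one module; manifest shape alone is not accepted."""
    path = manifest.get("compose_file")
    if not path:
        return ["manifest has no compose_file"]
    if path not in repo_files:
        return [f"{path} not found in repo"]
    if module not in compose_services(repo_files[path]):
        return [f"service {module!r} not defined in {path}"]
    return []

# Constructed sample data mirroring the tables above (not the real repo files).
REPO_FILES = {
    "compose/apps/compose.yaml": "services:\n  excalidraw-room:\n    image: a\n"
                                 "  excalidraw-app:\n    image: b\nvolumes:\n  data: {}\n",
    "compose/core/compose.yaml": "services:\n  safe-session-web:\n    image: c\n",
}
MANIFESTS = {
    "excalidraw-room": {"compose_file": "compose/apps/compose.yaml"},
    "excalidraw-app": {"compose_file": "compose/apps/compose.yaml"},
    "safe-session-web": {"compose_file": "compose/core/compose.yaml"},
    "np-meerkat-frontend": {"compose_file": "compose/apps/compose.yaml"},
}

def report():
    return {m: scope_blockers(m, man, REPO_FILES) for m, man in MANIFESTS.items()}
```

With this check the three changed modules return no blockers, while `np-meerkat-frontend` and the pre-fix `safe-session-web` path (`compose/apps/compose.yaml`) are both reported.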

fix(modules): strict-v2 F2 stateless smoke batch
All checks were successful
canary-required / collect-diff (pull_request) Successful in 4s
platformctl plan / auto-apply scope (pull_request) Successful in 20s
canary-required / canary (pull_request) Successful in 13s
base-is-main / guard (pull_request) Successful in 1s
2fde5dbfaa
No reviewers
No labels
No milestone
No project
No assignees
1 participant
Reference
pdurlej/platform!267