diff --git a/config/hwlab-node-lanes.yaml b/config/hwlab-node-lanes.yaml index c51ad449..2c68519b 100644 --- a/config/hwlab-node-lanes.yaml +++ b/config/hwlab-node-lanes.yaml @@ -299,7 +299,7 @@ lanes: install: stateDir: /tmp/hwlab-release-source-workspace-bootstrap sourceAuthority: - giteaMirrorRepoKey: hwlab-nc01-production + giteaMirrorRepoKey: hwlab-nc01-v03 cicdRepo: /root/hwlab-release-cicd.git cicdRepoLock: /tmp/hwlab-release-cicd-repo.lock app: hwlab-node-production diff --git a/docs/MDTODO/details/pr-merge-driven-automatic-delivery/R7.2_Task_Report.md b/docs/MDTODO/details/pr-merge-driven-automatic-delivery/R7.2_Task_Report.md index 3e442f05..18aeab92 100644 --- a/docs/MDTODO/details/pr-merge-driven-automatic-delivery/R7.2_Task_Report.md +++ b/docs/MDTODO/details/pr-merge-driven-automatic-delivery/R7.2_Task_Report.md @@ -21,6 +21,12 @@ - Kafka client、direct publish、refresh replay、projector 和 live SSE consumer group。 - production 与 development 共享同一个 HWLAB Gitea PaC Repository CR;两个 lane 使用独立 consumer,并由 consumer params 覆盖 source branch、snapshot、Pipeline 和 runtime identity。 - 共享 Repository 避免同一镜像仓库重复声明 PaC Repository;独立 consumer 仍保持 production 自动交付路径与 development 完全隔离。 +- `lanes.production.targets.NC01.sourceAuthority.giteaMirrorRepoKey` 已统一为共享 authority `hwlab-nc01-v03`,不再引用不存在的 production repo key。 +- delivery authority parser 以 consumer params 解析 branch 与 snapshot: + - 显式 consumer override 优先; + - 未显式覆盖时继承 Repository 默认; + - 多分支镜像优先匹配同 branch authority; + - 唯一共享镜像允许 production consumer 复用同一 Repository。 - 通用 HWLAB lane parser 和 plan 已投影 migration ledger,并从 owning YAML 动态生成合法 lane 提示。 - `config/platform-infra/kafka.yaml` 已声明 production Cloud API Kafka ACL,未改变 topic、实时和回放架构。 @@ -50,6 +56,17 @@ - Argo Application 为 `hwlab-node-production`; - `single-path`、`yaml-source-of-truth`、`public-repository-url`、`gitea-internal-source` 和 `runtime-zero-docker` 均为 `true`。 - `bun scripts/cli.ts platform-infra pipelines-as-code plan --target NC01 --consumer hwlab-nc01-v03`:通过,development consumer 保持独立。 +- delivery authority 与 renderer 定向断言通过: + - NC01 只声明一个 HWLAB Gitea repository,key 为 `hwlab-nc01-v03`; + - production 与 v03 的 `repositoryRef` 均为 `hwlab-nc01-v03`; + - production consumer 保持 `hwlab-nc01-production`; + - production branch 为 `release`,snapshot prefix 为 release 独立前缀; + - authority 解析结果为 `pac-pr-merge`; + - feature config renderer 使用 production consumer。 +- 纯 Kafka 定向断言通过: + - `directPublish`、`liveKafkaSse`、`kafkaRefreshReplay` 为 `true`; + - `transactionalProjector`、`projectionOutboxRelay`、`projectionRealtime` 为 `false`; + - `transactionalProjectorConsumerGroupId` 仅作为 parser 必填的 inert compatibility 字段保留。 - 解析后隔离断言全部通过: - source branch、workspace、Pipeline、PipelineRun prefix、ServiceAccount; - GitOps branch、runtime namespace、Argo Application、public origin; diff --git a/scripts/src/cicd-delivery-authority.ts b/scripts/src/cicd-delivery-authority.ts index 79790a70..ce3d5793 100644 --- a/scripts/src/cicd-delivery-authority.ts +++ b/scripts/src/cicd-delivery-authority.ts @@ -149,12 +149,20 @@ export function readCicdDeliveryAuthorityCatalog(): CicdDeliveryAuthorityCatalog pacRepositories.filter((candidate) => same(candidate.id, repositoryRef)), `${path}.repositoryRef=${repositoryRef}`, ); + const params = item.params === undefined ? null : record(item.params, `${path}.params`); + const sourceBranch = params === null + ? pacRepository.sourceBranch + : requiredString(params.source_branch ?? pacRepository.sourceBranch, `${path}.params.source_branch`); + const sourceSnapshotPrefix = params === null + ? pacRepository.sourceSnapshotPrefix + : requiredString(params.source_snapshot_prefix ?? pacRepository.sourceSnapshotPrefix, `${path}.params.source_snapshot_prefix`); + const authorityRepositories = giteaRepositories.filter((candidate) => same(candidate.targetId, node) + && same(candidate.owner, pacRepository.owner) + && same(candidate.repo, pacRepository.repo)); + const branchAuthorityRepositories = authorityRepositories.filter((candidate) => same(candidate.sourceBranch, sourceBranch)); const authorityRepository = exactlyOne( - giteaRepositories.filter((candidate) => same(candidate.targetId, node) - && same(candidate.owner, pacRepository.owner) - && same(candidate.repo, pacRepository.repo) - && same(candidate.sourceBranch, pacRepository.sourceBranch)), - `${path} source authority ${node}/${pacRepository.owner}/${pacRepository.repo}@${pacRepository.sourceBranch}`, + branchAuthorityRepositories.length > 0 ? branchAuthorityRepositories : authorityRepositories, + `${path} source authority ${node}/${pacRepository.owner}/${pacRepository.repo}@${sourceBranch}`, ); return { consumerId, @@ -164,8 +172,8 @@ export function readCicdDeliveryAuthorityCatalog(): CicdDeliveryAuthorityCatalog pipelineRunPrefix, repositoryRef, sourceRepository: authorityRepository.sourceRepository, - sourceBranch: authorityRepository.sourceBranch, - sourceSnapshotPrefix: pacRepository.sourceSnapshotPrefix, + sourceBranch, + sourceSnapshotPrefix, giteaOwner: pacRepository.owner, giteaRepository: pacRepository.repo, giteaRepositoryUrl: pacRepository.url,