docs(dev-sso): distribution e2e smoke-test section (BUNYIP-35) #37

Merged

nrupard merged 2 commits from docs/bunyip-35-e2e-smoke-tests into main 2026-06-02 19:05:09 +02:00

Conversation 0 Commits 2 Files changed 1 +155

nrupard commented 2026-06-02 18:54:34 +02:00

Owner

Copy link

What

BUNYIP-35 deliverable: appends the distribution e2e smoke-test section (section 10) to the dev-sso runbook, documenting the full verification matrix executed on 2026-06-02.

Contents

• Matrix A (functional): docker login credential matrix, entitled pull + multi-arch index, denial envelopes (nonexistent repo, unpinned tag), blob cache hit, downloads listing, binary integrity (3-way digest match: proxy = .sha256 asset = Forgejo origin), non-member denials.
• Matrix B (limits): daily pull cap, daily download cap, download concurrency - with the compose-override caveat (BUNYIP-42) and counting caveat (BUNYIP-43).
• Matrix C (failure modes): Forgejo unreachable (graceful degradation, no crash loop) and revoked service token (clean customer error, actionable ops log, no token leak).
• Known gaps + the four defect issues the run filed (BUNYIP-40 to BUNYIP-43).

Full pass/fail results are recorded as a comment on BUNYIP-35.

## What BUNYIP-35 deliverable: appends the distribution e2e smoke-test section (section 10) to the dev-sso runbook, documenting the full verification matrix executed on 2026-06-02. ## Contents - **Matrix A** (functional): docker login credential matrix, entitled pull + multi-arch index, denial envelopes (nonexistent repo, unpinned tag), blob cache hit, downloads listing, binary integrity (3-way digest match: proxy = .sha256 asset = Forgejo origin), non-member denials. - **Matrix B** (limits): daily pull cap, daily download cap, download concurrency - with the compose-override caveat (BUNYIP-42) and counting caveat (BUNYIP-43). - **Matrix C** (failure modes): Forgejo unreachable (graceful degradation, no crash loop) and revoked service token (clean customer error, actionable ops log, no token leak). - Known gaps + the four defect issues the run filed (BUNYIP-40 to BUNYIP-43). Full pass/fail results are recorded as a comment on BUNYIP-35.

nrupard added 1 commit 2026-06-02 18:54:34 +02:00

docs(dev-sso): add distribution e2e smoke-test section from BUNYIP-35 run ... 357f625ceb

Appends section 10 to the runbook: the full customer-flow verification matrix (OCI login/pull/denials/cache, binary downloads + integrity, limit enforcement, Forgejo failure modes) with commands, expected results, and reproduction caveats, as executed against the local dev stack on 2026-06-02. Records the known gaps and the defect issues the run produced (BUNYIP-40 through BUNYIP-43) plus the no-live-release-product coverage gap.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

nrupard referenced this pull request from a commit 2026-06-02 19:04:08 +02:00

docs(dev-sso): rework smoke-test section per review; definitive cache proof

nrupard added 1 commit 2026-06-02 19:04:08 +02:00

docs(dev-sso): rework smoke-test section per review; definitive cache proof ... c94af880f0

Addresses all 7 review findings on PR #37:

- Matrix B contradiction resolved: documents the exact interim compose-override procedure (the one sanctioned exception to "never raw compose", with the HOST_UID/HOST_GID exports that preserve the just-managed wiring) and frames it as blocked on BUNYIP-42 for a clean version.
- A6 (was A7) cache test is now actually verifiable: replaced the vacuous "grep the logs" method (the blob path logs nothing on upstream fetches, so zero grep hits proves nothing) with the definitive dead-upstream re-pull: block Forgejo inside the api container, re-pull within the manifest-cache TTL; success is only possible if every byte came from bunyip's caches. Re-executed live with this method on 2026-06-02: PASS.
- C1/C2 now include the backup-first and restore commands (/etc/hosts.bak pattern, .env backup) so a reader cannot poison the container or lose the real Forgejo token.
- Prerequisites are fully executable: register request body, psql invocation with container/db/user, cookie-jar login (and the note that /v1 auth is an HttpOnly cookie, not a bearer header).
- Deduplicated against existing docs: Matrix A defers OCI basics to `just verify-oci` and cross-references dev-docs/oci-registry-verification.md; this section only documents what neither covers (credential matrix, cache proof, binary integrity, limits, failure modes).
- Error expectations use exact envelope codes (NAME_UNKNOWN, MANIFEST_UNKNOWN, UNKNOWN, FORBIDDEN, download_daily_limit) and distinguish docker CLI text from JSON bodies and the Retry-After header (OCI 429) from the body retry_after field (download 429).
- Test-user seeding explains its relationship to verify-oci's admin user and the membership_status alternative used by the older doc.

All nu code blocks are valid nushell 0.112 (no bash-style line continuations, no force flags, long-form switches).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

nrupard merged commit 498eaf195e into main 2026-06-02 19:05:09 +02:00

nrupard deleted branch docs/bunyip-35-e2e-smoke-tests 2026-06-02 19:05:09 +02:00

nrupard referenced this pull request from a commit 2026-06-02 19:05:09 +02:00

Merge pull request 'docs(dev-sso): distribution e2e smoke-test section (BUNYIP-35)' (#37) from docs/bunyip-35-e2e-smoke-tests into main

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels

No items

No labels

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

psa-systems/bunyip!37

No description provided.