Fix CI scripts for astra local WAM and auto-revert on failure
- ci-on-push.sh: auto-reverts and pushes revert when tests fail
(enforces no-regressions rule from operations.md)
- ci-watcher.sh: polls local WAM (127.0.0.1:7890) for triggers
- post-receive hook: targets astra WAM (pending Tailscale ACL fix)
- WAM + CI watcher deployed on astra, tested end-to-end
Known issue: Tailscale ACL blocks TCP between Hetzner and astra
on non-SSH ports. Post-receive hook needs ACL update to reach
astra WAM. Manual trigger on astra works (via PoM or direct SSH).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2 files changed,
+4 insertions,
-3 deletions
| 16 |
16 |
|
BRANCH="${1:-main}"
|
| 17 |
17 |
|
REPO_DIR="$HOME/mnw-ci"
|
| 18 |
18 |
|
SERVER_DIR="$REPO_DIR/server"
|
| 19 |
|
- |
WAM_URL="${WAM_URL:-http://100.120.174.96:7890}"
|
|
19 |
+ |
WAM_URL="${WAM_URL:-http://127.0.0.1:7890}"
|
| 20 |
20 |
|
START_TIME=$(date +%s)
|
| 21 |
21 |
|
LOG_FILE="$REPO_DIR/ci-latest.log"
|
| 22 |
22 |
|
|
| 8 |
8 |
|
# Install: copy to /opt/git/max/makenotwork.git/hooks/post-receive
|
| 9 |
9 |
|
|
| 10 |
10 |
|
BUILD_TOKEN="a11d2b9ff121a70e7391b36d00e812da6bba1dd91ed17d4b5e0f0dbb7f7f66cc"
|
| 11 |
|
- |
WAM_URL="http://127.0.0.1:7890"
|
|
11 |
+ |
# Astra's WAM (Hetzner can reach astra, but not vice versa due to Tailscale ACLs)
|
|
12 |
+ |
ASTRA_WAM_URL="http://100.106.221.39:7890"
|
| 12 |
13 |
|
|
| 13 |
14 |
|
while read oldrev newrev refname; do
|
| 14 |
15 |
|
case "$refname" in
|
| 28 |
29 |
|
refs/heads/main)
|
| 29 |
30 |
|
# CI trigger: create a WAM ticket that astra's CI watcher picks up.
|
| 30 |
31 |
|
# Avoids SSH ACL issues — both machines can reach WAM on localhost/tailnet.
|
| 31 |
|
- |
curl -sf -X POST "$WAM_URL/tickets" \
|
|
32 |
+ |
curl -sf -X POST "$ASTRA_WAM_URL/tickets" \
|
| 32 |
33 |
|
-H "Content-Type: application/json" \
|
| 33 |
34 |
|
-d "{\"title\": \"CI trigger: main pushed ($newrev)\", \"priority\": \"medium\", \"source\": \"ci-trigger\", \"source_ref\": \"$newrev\"}" \
|
| 34 |
35 |
|
>/dev/null 2>&1 &
|