Skip to content

delivery-kid: snapshot draft diagnostics to wiki sub-page#87

Merged
jMyles merged 1 commit into
cryptograss:productionfrom
magent-cryptograss:delivery-kid-snapshot-diagnostics
May 30, 2026
Merged

delivery-kid: snapshot draft diagnostics to wiki sub-page#87
jMyles merged 1 commit into
cryptograss:productionfrom
magent-cryptograss:delivery-kid-snapshot-diagnostics

Conversation

@magent-cryptograss

Copy link
Copy Markdown
Contributor

Supersedes #86 — rebased onto current production (91f0f7a) and re-targeted from magent-cryptograss/maybelle-config per the standing fork policy.

What's here

Sky's single commit. Mirrors upload_log / finalize_log / preview_log from draft.json to a wiki sub-page at ReleaseDraft:{id}/diagnostics on every terminal-state transition, so diagnostics survive a delivery-kid storage rebuild. Reuses the existing Magent@magent BotPassword from blue-railroad-import (no new credential, no vault dance).

Hook points (each fires asyncio.create_task to avoid blocking the route):

  • routes/content.py fail()upload_failed
  • routes/content.py _submit_preview_transcode exception path → preview-side failures before Coconut runs
  • routes/content.py finalize_sse_generator finally → finalized + finalize_failed
  • routes/coconut.py _update_draft_previewpreview_status: ready + failed (after webhook)

The new pickipedia_client no-ops cleanly when PICKIPEDIA_BOT_PASSWORD is unset, so dev environments without bot creds run fine. The cached mwclient.Site is guarded by a lock for concurrent webhook callers.

Wiki-side rendering is in cryptograss/pickipedia#82 (the rebased version of #81) — its initDiagnostics falls back to fetching ReleaseDraft:{id}/diagnostics whenever the live /draft-content fetch returns 404.

Rebase notes

Conflict in routes/content.py was an additive collision — production grew a log_pre_handler_failure() helper (accf8cd: capture pre-handler upload failures in upload_log) at the same location where Sky added _fire_diagnostics_snapshot(). They're unrelated, so resolved by keeping both, sequenced in the order added.

Test plan

  • Existing tests pass: cd delivery-kid/pinning-service && pytest (34 expected — 20 existing + 14 new in test_pickipedia_client.py)
  • Upload + finalize a draft end-to-end on a deploy with PICKIPEDIA_BOT_PASSWORD set; verify ReleaseDraft:{uuid}/diagnostics page is created with finalize_log + preview_log JSON
  • Trigger a preview-failed transition (e.g., bad input); verify diagnostics page captures the preview_log
  • Unset PICKIPEDIA_BOT_PASSWORD; verify routes still succeed (snapshot is a no-op, no errors logged)

Deploy

Needs --rebuild so the new mwclient dep in requirements.txt gets baked into the image.

…tics

Mirrors the upload_log / finalize_log / preview_log persisted in
draft.json to a wiki sub-page at every terminal-state transition, so
the diagnostics history survives a delivery-kid storage rebuild. Reuses
the Magent@magent BotPassword already provisioned for blue-railroad-import
(via the same PICKIPEDIA_BOT_USER / PICKIPEDIA_BOT_PASSWORD env vars).

Hook points (each fires asyncio.create_task to avoid blocking the route):
- routes/content.py fail() — upload_failed
- routes/content.py _submit_preview_transcode exception path — preview_status: failed before Coconut even ran
- routes/content.py finalize_sse_generator finally — finalized + finalize_failed
- routes/coconut.py _update_draft_preview — preview_status: ready + failed (after webhook)

The new pickipedia_client no-ops cleanly when PICKIPEDIA_BOT_PASSWORD is
unset, so dev environments without bot creds run fine; the cached
mwclient.Site is guarded by a lock for concurrent webhook callers.

Wiki-side rendering is in cryptograss/pickipedia#81 — its initDiagnostics
falls back to fetching ReleaseDraft:{id}/diagnostics whenever the live
/draft-content fetch returns 404.
@jMyles
jMyles merged commit 255f077 into cryptograss:production May 30, 2026
jMyles added a commit that referenced this pull request Jun 1, 2026
…lt keys

The pickipedia_client snapshot path in delivery-kid (added in #87) has
been silently no-op'ing since deploy: PICKIPEDIA_BOT_PASSWORD in the
container is empty, _get_site() returns None without logging, and
snapshot_diagnostics returns False without logging. No bot writes
ever attempted, no log trail to find the gap.

Root cause: the playbook references vault keys named
`pickipedia_bot_user` and `pickipedia_bot_password` — which were never
added to the vault. The defaults of '' kicked in and the env vars
landed empty in the container.

The vault DOES have the Magent@magent BotPassword — it's stored as
`BLUERAILROAD_BOT_USERNAME` / `BLUERAILROAD_BOT_PASSWORD` and used by
maybelle's post-audit-to-wiki.py (which writes the
Cryptograss:Delivery-kid-audits/{blockheight} pages successfully).
Same bot account, just under a different name in the vault.

Point delivery-kid at those keys instead. No vault edit needed; this
is purely a rename on the consumer side.

## Follow-up worth doing soon

The pickipedia_client should log a single line at module/init time if
PICKIPEDIA_BOT_PASSWORD is empty, so the silent-no-op pattern doesn't
recur the next time we wire a new env var. Tracking separately rather
than bundling here.
jMyles added a commit that referenced this pull request Jun 1, 2026
The pickipedia_client snapshot path silently no-op'd from #87 deploy
until today — _get_site() returned None when PICKIPEDIA_BOT_PASSWORD
was empty, with no log line to surface the gap. We only found it by
deductive reasoning ("the page doesn't exist, the hook should have
fired, where would the snapshot have logged about that") rather than
by reading a single explicit log entry.

Add a logger.warning the first time we hit that branch, gated on a
module-level _warned_missing_creds flag so we warn once per process
rather than on every snapshot attempt. Future deployments where
someone forgets to wire the env var (or the vault key gets renamed,
as in #91) will surface in `docker logs pinning-service` immediately.

No behavior change for the cred-present path — exactly the same
fast-return when _site is cached.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants