admin/orchestrator
1
0
Fork 0
Code Issues Pull Requests 4 Actions Packages Projects Releases Wiki Activity

feat(deploy): dedicated "Confirm Deploy" status triggers prod deploy (ORCH-059) #68

Closed
admin wants to merge 0 commits from feature/ORCH-059-approve-confirm-deploy-approve into main
pull from: feature/ORCH-059-approve-confirm-deploy-approve
merge into: admin:main
Conversation 1 Commits - Files Changed -
admin commented 2026-06-07 22:13:28 +03:00
Owner
Copy Link

Summary

  • Splits the overloaded Plane Approved status: it was BOTH the human BRD gate on analysis AND the silent Phase B prod-deploy trigger on deploy (ORCH-036), so a routine approve could launch a self-hosting prod restart serving all projects.
  • Introduces a dedicated logical status confirm_deploy ("Confirm Deploy") that triggers only Phase B on deploy; Approved stays purely a pipeline gate (no-op on deploy).
  • Fail-closed: confirm_deploy is absent from _DEFAULT_STATES, so environments without the status resolve None via .get — no KeyError, no blind deploy.

Changes

  • src/plane_sync.py: "Confirm Deploy" -> "confirm_deploy" in _PLANE_NAME_TO_KEY (not in _DEFAULT_STATES).
  • src/webhooks/plane.py: handle_issue_updated routes "Confirm Deploy" to new handle_confirm_deploy (guarded to stage=="deploy") -> _try_advance_stage(confirm_deploy=True).
  • src/stage_engine.py: advance_stage gains keyword-only confirm_deploy=False; Phase B initiates only when True, else a plain Approved is a deterministic no-op returning before check_deploy_status (no false BUG-8 rollback). Phase A CTA asks for "Confirm Deploy".
  • Docs: CLAUDE.md, docs/architecture/README.md, CHANGELOG.md.

Invariants (unchanged)

STAGE_TRANSITIONS, QG_CHECKS, check_deploy_status, hook exit codes (0/1/2), Phases A/C, merge-gate, terminal-sync, DB schema. Conditional like ORCH-35/36 (self-hosting only).

Ops precondition

Create the "Confirm Deploy" board status in the Plane ORCH project (exact name/case) + reset state cache — see docs/work-items/ORCH-059/07-infra-requirements.md.

Test plan

  • test_plane_states.py (TC-01/02/03), test_plane_confirm_deploy.py (TC-04/05/06), test_stage_engine_phase_b.py (TC-07/08), test_stage_engine_phase_a_cta.py (TC-09), test_confirm_deploy_integration.py (TC-10/11/12)
  • test_deploy_approve.py updated to the new trigger
  • Full suite green: pytest tests/ -q -> 763 passed
## Summary - Splits the overloaded Plane `Approved` status: it was BOTH the human BRD gate on `analysis` AND the silent Phase B prod-deploy trigger on `deploy` (ORCH-036), so a routine approve could launch a self-hosting prod restart serving all projects. - Introduces a dedicated logical status `confirm_deploy` ("Confirm Deploy") that triggers **only** Phase B on `deploy`; `Approved` stays purely a pipeline gate (no-op on `deploy`). - Fail-closed: `confirm_deploy` is absent from `_DEFAULT_STATES`, so environments without the status resolve `None` via `.get` — no `KeyError`, no blind deploy. ## Changes - `src/plane_sync.py`: `"Confirm Deploy" -> "confirm_deploy"` in `_PLANE_NAME_TO_KEY` (not in `_DEFAULT_STATES`). - `src/webhooks/plane.py`: `handle_issue_updated` routes "Confirm Deploy" to new `handle_confirm_deploy` (guarded to `stage=="deploy"`) -> `_try_advance_stage(confirm_deploy=True)`. - `src/stage_engine.py`: `advance_stage` gains keyword-only `confirm_deploy=False`; Phase B initiates only when `True`, else a plain `Approved` is a deterministic no-op returning before `check_deploy_status` (no false BUG-8 rollback). Phase A CTA asks for "Confirm Deploy". - Docs: `CLAUDE.md`, `docs/architecture/README.md`, `CHANGELOG.md`. ## Invariants (unchanged) `STAGE_TRANSITIONS`, `QG_CHECKS`, `check_deploy_status`, hook exit codes (0/1/2), Phases A/C, merge-gate, terminal-sync, DB schema. Conditional like ORCH-35/36 (self-hosting only). ## Ops precondition Create the "Confirm Deploy" board status in the Plane ORCH project (exact name/case) + reset state cache — see `docs/work-items/ORCH-059/07-infra-requirements.md`. ## Test plan - test_plane_states.py (TC-01/02/03), test_plane_confirm_deploy.py (TC-04/05/06), test_stage_engine_phase_b.py (TC-07/08), test_stage_engine_phase_a_cta.py (TC-09), test_confirm_deploy_integration.py (TC-10/11/12) - test_deploy_approve.py updated to the new trigger - Full suite green: pytest tests/ -q -> 763 passed
admin added 6 commits 2026-06-07 22:20:42 +03:00
docs: init ORCH-059 business request 8fcb867dcf
analyst(ET): auto-commit from analyst run_id=333 b67a61ecef
architect(ET): auto-commit from architect run_id=334 dd07b58165
feat(deploy): dedicated "Confirm Deploy" status triggers prod deploy 86fe8dd509 
Split the overloaded `Approved` Plane status: it served BOTH as the human BRD
gate on `analysis` AND as the silent Phase B prod-deploy trigger on `deploy`
(ORCH-036), so a routine approve could launch a self-hosting prod restart.

ORCH-059 introduces a dedicated logical status `confirm_deploy` ("Confirm
Deploy") that triggers ONLY Phase B on `deploy`; `Approved` stays purely a
pipeline gate.

- plane_sync: map "Confirm Deploy" -> "confirm_deploy" in _PLANE_NAME_TO_KEY;
  intentionally absent from _DEFAULT_STATES => fail-closed (no UUID -> .get
  yields None, no KeyError, no blind deploy).
- webhooks/plane: handle_issue_updated routes "Confirm Deploy" (fail-closed
  .get) to new handle_confirm_deploy (guarded to stage=="deploy") ->
  _try_advance_stage(confirm_deploy=True).
- stage_engine: advance_stage gains keyword-only confirm_deploy=False; Phase B
  block returns early for deploy+finished_agent is None but only initiates the
  deploy when confirm_deploy=True; a plain Approved is a deterministic no-op
  (returns before check_deploy_status -> no false БАГ-8 rollback).
- Phase A CTA now asks the operator for "Confirm Deploy", not "Approved".

Contracts unchanged: STAGE_TRANSITIONS, QG_CHECKS, check_deploy_status, hook
exit codes, Phases A/C, merge-gate, DB schema. Conditional like ORCH-35/36
(self-hosting only). Docs updated (CLAUDE.md, architecture/README.md, CHANGELOG).

Refs: ORCH-059

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
reviewer(ET): auto-commit from reviewer run_id=336 48943fe10a
tester(ET): auto-commit from tester run_id=337
All checks were successful
CI / test (push) Successful in 20s
Details
CI / test (pull_request) Successful in 17s
Details
ca41d9210b
admin force-pushed feature/ORCH-059-approve-confirm-deploy-approve from 8b9c604b53 to ca41d9210b 2026-06-07 22:20:42 +03:00 Compare
admin added 1 commit 2026-06-07 22:29:37 +03:00
deploy(ORCH-036): finalize SUCCESS for ORCH-059
All checks were successful
CI / test (push) Successful in 18s
Details
CI / test (pull_request) Successful in 18s
Details
7cdef6d377
admin added 1 commit 2026-06-07 22:44:41 +03:00
docs(ORCH-021): post-deploy HEALTHY/NONE for ORCH-059
All checks were successful
CI / test (push) Successful in 18s
Details
CI / test (pull_request) Successful in 19s
Details
9f4d79baee
admin commented 2026-06-08 10:55:32 +03:00
Author
Owner
Copy Link

Superseded by #71 (restore-main 2026-06-08): ORCH-059 code restored to main after phantom-merge.

Superseded by #71 (restore-main 2026-06-08): ORCH-059 code restored to main after phantom-merge.
admin closed this pull request 2026-06-08 10:55:32 +03:00
All checks were successful
CI / test (push) Successful in 18s
Details
CI / test (pull_request) Successful in 19s
Details

Pull request closed

Please reopen this pull request to perform a merge.
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
admin
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: admin/orchestrator#68
Delete Branch "feature/ORCH-059-approve-confirm-deploy-approve"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?