fix(dispatcher): correct ILI label to packdelivery-{name} + lineage unit test#21
Merged
Conversation
Non-canonical copy deleted. seam-core is the authority and the type has been removed from seam-core in this migration phase.
…rapper Phase 2 step 2.3: delete all infrastructure.ontai.dev CRD YAML files copied into wrapper/config/crd/ -- these were stale copies that would conflict with the new seam.ontai.dev definitions after the move. Phase 3 steps 3.3-3.7: define PackDelivery, PackExecution, PackInstalled, PackReceipt, and PackLog as first-class types under seam.ontai.dev/v1alpha1 in wrapper/api/seam/v1alpha1/. Generate CRD YAML into config/crd/bases/ and wire embed.go to expose them via compileLaunchBundle. WrapperRunnerRBAC gate renamed to DispatcherRunnerRBAC throughout the PackExecution reconciler. clusterPackRef field references updated to packDeliveryRef in all tests and production code.
Update go.mod module declaration from github.com/ontai-dev/wrapper to github.com/ontai-dev/dispatcher. Update all internal import paths to use github.com/ontai-dev/dispatcher. Update seam-core -> seam replace directive and require entry. Add seam-sdk replace + require. No type or logic changes.
Replace ../seam-core with ../seam following the seam-core -> seam filesystem rename. Module path github.com/ontai-dev/seam was already updated in Phase 4; this aligns the local path pointer.
…ontai.dev Update all GroupVersionKind Group fields for RBACProfile, RBACPolicy, and PermissionSnapshot from security.ontai.dev to guardian.ontai.dev in the PackExecution reconciler and associated tests.
…ming - Package comments, suite name, test descriptions: wrapper -> dispatcher - Gate condition comments: WrapperRunnerRBAC -> DispatcherRunnerRBAC - Type comments: InfrastructurePackReceipt -> PackReceipt - It() string: "PackExecution is created by wrapper" -> "by dispatcher" wrapper-schema.md / seam-core-schema.md doc refs left unchanged (Phase 8). All 4 dispatcher test packages pass.
Fresh documentation from current codebase. wrapper renamed to dispatcher throughout. seam.ontai.dev replaces infra.ontai.dev. Type names updated: PackDelivery, PackExecution, PackInstalled, PackReceipt, PackLog. New dispatcher-schema.md replaces stale wrapper-schema.md (redirect left in place).
…am-sdk); fix integration test scheme registration and CRD path
The pack-deploy Job mounts the cluster kubeconfig secret without SubPath, causing the secret key 'value' to appear as a directory entry at /var/run/secrets/kubeconfig/value rather than as a plain file at /var/run/secrets/kubeconfig. Add SubPath: "value" so conductor execute mode can open the path as a regular file.
…nAttempts to PackLog PackInstalled gains spec.remediationPolicyRef for conductor watchdog escalation policy resolution. PackLog gains status.remediationAttempts slice for per-reason attempt tracking. Deepcopy regenerated. pack-name label injection wired into PackExecution reconciler (T-CW-12 through T-CW-20).
Replace all infrastructure.ontai.dev references with seam.ontai.dev across controllers and tests. Fix InfrastructureRunnerConfig -> RunnerConfig and InfrastructureTalosCluster -> TalosCluster GVKs in SetupWithManager watch, isConductorReadyForCluster lookups, and all test helpers. Rename wrapper-runner SA to dispatcher-runner throughout. Update finalizer, annotation, and label keys to seam.ontai.dev prefix. Update unit tests to use post-migration GVKs so gate 0 clears correctly in test scenarios.
PackExecution reconciler was looking for PackDelivery in pe.Namespace
(seam-tenant-{cluster}) but PackDeliveries live in seam-system. This
caused Gate 1 to block indefinitely with "ClusterPack not found".
Fix: hardcode seam-system in the Gate 1 lookup. Update all test
fixtures to use seam-system for PackDelivery namespace.
…or mgmt cluster
The management cluster's PermissionSnapshot is named snapshot-management
(role-derived) not snapshot-ccs-mgmt (cluster-name-derived). G-BL-SNAPSHOT-ALIAS.
isPermissionSnapshotCurrent now tries snapshot-{clusterRef} first then falls
back to snapshot-management, matching Guardian's naming convention for the
management cluster self-import case.
buildPackDeployJob was using a hardcoded conductorImageDefault
("conductor-execute:dev") instead of reading the RunnerConfig's
spec.runnerImage. Changed buildPackDeployJob to accept runnerImage
parameter; call site reads it from RunnerConfig in ont-system with
conductorImageDefault as fallback.
cmd/wrapper/main.go: LeaderElectionID was "wrapper-leader"; corrected to "dispatcher-leader" per post-migration naming. config/crd/: add generated seam.ontai.dev CRD manifests for PackDelivery, PackExecution, PackInstalled, PackLog, PackReceipt. api/seam/v1alpha1/zz_generated.deepcopy.go: regenerated deep copy.
…mespaces constants
Eliminates all hardcoded namespace strings from dispatcher controllers
per Governor invariant 2026-05-20: never hardcode namespaces in code.
Key fix: PackDelivery lookup now uses pe.Namespace (seam-tenant-{clusterRef})
instead of hardcoded seam-system. This was the root cause of TC-MC-2
failing when PackDelivery was correctly placed in the tenant namespace.
- packexecution_reconciler.go: 8 literals replaced with namespaces.* calls
- clusterpack_reconciler.go: 3 literals replaced; removed unused strings import
- packinstance_reconciler.go: 1 literal replaced
- identity/identity.go: 2 literals replaced
- Tests updated: capabilities format changed from []CapabilityEntry to []string;
PackDelivery namespace in test fixtures aligned with PackExecution namespace
… for lineage label
- clusterpack_reconciler: SetDescendantLabels on new PackExecution using
IndexName("PackDelivery", cp.Name) so the descendant registry lookup resolves
to the correct LineageRecord (packdelivery-{name} not packexecution-{name})
- packexecution_reconciler: same fix for PackInstalled label at reconcile time
- helpers_test: fix RunnerCapabilityEntry format from plain string to
map[string]interface{}{"name":...} matching the seam type definition
- packinstance_lifecycle_test: add TestPackInstalled_LineageLabelUsesPackDeliveryName
verifying the root-ili label value (unblocks TC-MC-13, TC-MC-23)
- packexecution_reconciler_test: same RunnerCapabilityEntry format fix
…n-wis # Conflicts: # api/seam/v1alpha1/packinstalled_types.go # api/seam/v1alpha1/packlog_types.go # api/seam/v1alpha1/zz_generated.deepcopy.go # cmd/wrapper/main.go # config/crd/bases/seam.ontai.dev_packdeliveries.yaml # config/crd/infrastructure.ontai.dev_infrastructureclusterpacks.yaml # config/crd/seam.ontai.dev_packdeliveries.yaml # config/crd/seam.ontai.dev_packinstalleds.yaml # internal/controller/clusterpack_reconciler.go # internal/controller/packexecution_reconciler.go # internal/controller/packinstance_reconciler.go
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
clusterpack_reconciler.goandpackexecution_reconciler.gonow setinfrastructure.ontai.dev/root-ilitopackdelivery-{name}(usinglineage.IndexName("PackDelivery", ...)) on created PackExecution and PackInstalled CRs. Previous value waspackexecution-{name}which caused the seam DescendantReconciler to look up a non-existent LineageRecord.TestPackInstalled_LineageLabelUsesPackDeliveryNameverifies the corrected label value.newRunnerConfig()helpers updated from string capability format tomap[string]interface{}{"name": "pack-deploy"}matching theRunnerCapabilityEntrytype. Unblocks TC-MC-13, TC-MC-23.Test plan
go test ./...-- all pass