af1236202d
- F14: late_chase_risk_score 검증 * GAS가 유일한 생산처 (Python canonical 없음) * migration_action: KEEP_IN_GAS로 정정, status: DONE - F02/F03/F04/F06: priceBasis 로직 포팅 * formulas/price_basis_v1.py: select_price_basis_tier2/tier1 구현 * tests/parity/test_price_basis_parity_v1.py: 8 parity 테스트 (모두 PASS) * GAS Number.isFinite() 의미론 정확히 재현 (math.isfinite 사용) * 모든 테스트 112/112 PASS 남은 작업 (4개): - F05: decision_logic (action assignment) - F07: score_logic (threshold addition) - F10: routing decision - F15: late_chase_gate Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
3.5 KiB
3.5 KiB
Synology Snapshot Admin Final Execution One-Pager
Use this sheet on the NAS during the live verification run.
Goal
Confirm that snapshot_admin_server_v1.py runs on Synology with loopback binding, DSM reverse proxy exposure, and Basic Auth protection.
Required values
- Project root:
/volume1/projects/data_feed - Launcher:
/volume1/projects/data_feed/tools/run_snapshot_admin_synology.sh - Local URL:
http://127.0.0.1:8787/api/state - Public URL:
https://admin.example.com/api/state - Public UI URL:
https://admin.example.com/ - Public tables URL:
https://admin.example.com/tables
Execution order
- Start the service.
bash /volume1/projects/data_feed/tools/run_snapshot_admin_synology.sh start
- Confirm the healthcheck.
bash /volume1/projects/data_feed/tools/run_snapshot_admin_synology.sh healthcheck- Expected:
healthcheck ok
- Confirm local loopback.
curl -i http://127.0.0.1:8787/api/state- Expected:
200 OK - Expected JSON field:
version.app = snapshot-admin-web-v7
- Confirm unauthenticated external access.
curl -i https://admin.example.com/api/state- Expected:
401 Unauthorized - Expected header:
WWW-Authenticate: Basic
- Confirm authenticated external access.
curl -u 'snapshot-admin:<password>' https://admin.example.com/api/state- Expected:
200 OK - Expected same
version.appas local loopback
- Confirm tables page.
curl -i https://admin.example.com/tables- Expected:
200 OK - Expected: Tabler grid HTML
- Confirm browser render.
- Open
https://admin.example.com/ - Open
https://admin.example.com/tables - Expected: Basic Auth prompt, then render
- Open
- Confirm persistence.
- Restart the task or NAS
- Re-run steps 2-7
- Expected: identical response pattern after restart
Queue check
If the deployment workflow stays queued for more than a few minutes:
- Confirm the runner is registered with the host label.
RUNNER_LABEL=snapshot-admin-host- Re-register with
bash tools/re_register_act_runner_synology.shafter setting the registration token.
- Confirm the runner daemon is running.
bash tools/start_act_runner_synology.sh
- Confirm the queue target is the host runner label.
- Deploy workflow uses
runs-on: [self-hosted, snapshot-admin-host]
- Deploy workflow uses
- If another job is occupying the runner, wait for it to finish or cancel the stale workflow from Gitea.
- Re-dispatch
snapshot_admin_deploy.ymlafter the runner is idle.
Pass criteria
- Loopback
200confirmed. - External unauthenticated
401confirmed. - External authenticated
200confirmed. /and/tablesbrowser render confirmed.- Restart persistence confirmed.
- DSM reverse proxy and firewall screenshots archived.
Workflow success evidence
If you need the deploy-job proof from the NAS runner before the full external closeout:
healthcheckretried after startup and passed on the NAS runner.snapshot-admin-web-v6was returned by the deploy verification step.- The workflow finished with
Job succeeded.
This proves the deploy job can launch, wait for readiness, and validate locally on Synology. It does not replace the external reverse-proxy/browser closeout evidence above.
Do not close WBS-7.9 unless
- The
401/200curl pair is saved. - Both browser screenshots are saved.
- The DSM reverse proxy rule screenshot is saved.
- The completion wording in
docs/SYNOLOGY_SNAPSHOT_ADMIN_DEPLOYMENT_CHECKLIST.mdis used only after evidence is archived.