v4 validation: live-test fixes + AAP bootstrap + report #3

Merged
anaeem merged 1 commit from final-pipeline-v3 into main 2026-05-21 17:15:38 +00:00
Owner

Follow-up to PR #2 with the live-validation findings, three small Jinja bug fixes surfaced by the run, plus playbooks/apply-v4-to-aap.yml (idempotent AAP bootstrap) and docs/V4_VALIDATION.md (capability comparison + PR #1 artefact).

Follow-up to PR #2 with the live-validation findings, three small Jinja bug fixes surfaced by the run, plus playbooks/apply-v4-to-aap.yml (idempotent AAP bootstrap) and docs/V4_VALIDATION.md (capability comparison + PR #1 artefact).
Bugs surfaced by running per-app-analyze.yml against real MTA + gitea:

* roles/pair_apps/tasks/pair_one.yml — `default([])` doesn't fire on
  null, only on undefined. When the MTA Application returned
  `identities: null` / `tags: null` / `binary: null`, the concat
  `existing + [{...}]` errored with "unsupported operand type(s) for +:
  NoneType and list". Switched to `default([], true)` for all three
  fields so explicit nulls are coerced to the fallback.

* playbooks/per-app-analyze.yml — three small fixes:
  - `app_slug!r` (Python repr syntax) replaced with a quoted literal.
  - `length > 0 | ternary(...)` operator precedence fixed by wrapping
    the comparison.
  - Added a `set_fact: app = ...` step to extract the per-app entry
    from `detected_applications[]` before render_manifests runs
    (fetch_facts_for_app appends to a list; render_manifests expects
    a singular `app`).

* roles/render_manifests/tasks/main.yml — runtime-rich fields
  (jvm/jdbc/keystores/external_connections/env_vars) live in
  `deep_inspection_results[app.id]`, not on the `app` entry itself.
  Updated the role to follow the same `_rm_deep = deep_inspection_results[app.id]`
  indirection generate_artifacts already uses, with `default([], true)`
  to handle nulls.

Added:
* playbooks/apply-v4-to-aap.yml — idempotent one-shot bootstrap that
  creates JT-perapp-analyze + JT-E fan_out and rewires the
  migration-discovery-e2e workflow on the AAP controller. Needs a
  controller-specific personal token (instructions in the docblock).
  Cannot be done from outside because AAP 2.5's gateway doesn't proxy
  /api/controller/v2/ and the controller rejects Basic auth.

* docs/V4_VALIDATION.md — live validation report with baseline vs
  post-run capability comparison. The full per-app loop (pair →
  analyze → fetch_facts → render → publish_bundle) was exercised
  end-to-end against id=71 (legacy-jboss-sample). PR #1 in
  anaeem/migration-targets is the artefact of the run.

Live verification highlights:
- 25/25 stale filesystem-path Application.binary entries cleared
- migration-targets gitea repo auto-created at 2026-05-21T17:11:34Z
- PR #1 opened (mergeable=true) at
  anaeem/migration-targets#1
- Hub Identity id=1 created (kind=source, gitea PAT) and attached to
  legacy-jboss-sample
- analyzer-status tag category + 3 tags bootstrapped on first call
- 6 K8s manifests + Containerfile rendered deterministically

The OpenRouter API key isn't set in this environment so the LLM
Containerfile step was skipped via `generate_artifacts_enabled=false`;
the Containerfile.starter (Jinja seed) was promoted to Containerfile.
With the OpenRouter key set, generate_artifacts runs normally.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
anaeem merged commit df7e5aacc9 into main 2026-05-21 17:15:38 +00:00
Sign in to join this conversation.
No reviewers
No labels
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
anaeem/ansible-collection-discovery!3
No description provided.