From 769dfd0c625458755eb3ca512fceb752d57bee69 Mon Sep 17 00:00:00 2001 From: autonomic-bot Date: Wed, 27 May 2026 15:29:37 +0100 Subject: [PATCH] Phase-1c: resource plan -> 4GB/4GB under a 12GB guideline (not 2GB) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Per operator: don't downsize cc-nix-test to 2GB. Instead raise the terraform-ci running-RAM guideline to ~12GB (it's doc-only — the project has no enforced limits.memory; b1 is 16GB), resize cc-nix-test 6->4GB, and create the throwaway VM at 4GB (4+4+lichen 4 = 12 <= 16). Updated W1/W3/C6/§4 and the incus memory note. Co-Authored-By: Claude Opus 4.7 (1M context) --- .../plan-phase1c-full-reproducibility.md | 26 +++++++++++-------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/cc-ci-plan/plan-phase1c-full-reproducibility.md b/cc-ci-plan/plan-phase1c-full-reproducibility.md index 25f87a7..53e29bc 100644 --- a/cc-ci-plan/plan-phase1c-full-reproducibility.md +++ b/cc-ci-plan/plan-phase1c-full-reproducibility.md 
@@ -92,10 +92,12 @@ Terminates only when every item holds **and the Adversary has independently re-v single aspect genuinely can't be reproduced, it is a narrowly-scoped, Adversary-signed-off limitation with the maximal tested subset (bar per Phase-1b §7.1 / Adversary mandate) — not a blanket "infeasible." -- [ ] **C6 — Resource fit + cleanup.** `cc-nix-test` resized to **2 GB** to free b1 headroom for a - properly-sized throwaway VM (§5 step 1); the throwaway VM is **destroyed** after the test (no - leftover, respect the `terraform-ci` <10 GB-running cap); final `cc-nix-test` sizing decided and - applied (restore to 6 GB, or promote the rebuilt VM — record in `DECISIONS.md`). +- [ ] **C6 — Resource fit + cleanup.** `cc-nix-test` resized **6 GB→4 GB** and the throwaway VM + created at **4 GB**, within the **~12 GB running-RAM guideline** (cc-nix-test 4 + lichen-staging 4 + + throwaway 4 = 12 ≤ 16 GB physical on b1; the guideline is doc-only, not an enforced project + limit). The throwaway VM is **destroyed** after the test (no leftover). Final `cc-nix-test` + sizing decided and applied (keep 4 GB, restore to 6 GB, or promote the rebuilt VM — record in + `DECISIONS.md`). - [ ] **C7 — Docs.** `docs/install.md`, `docs/secrets.md`, `architecture.md`, and the main plan's cert/secret references (§1.5/§4.0/§4.4) updated to the new model: clone base+instance + provision the age key + (external) DNS/gateway → one `nixos-rebuild switch`. A new engineer can stand up a 
@@ -111,24 +113,26 @@ The loops normally only `ssh cc-ci`. For 1c they MAY drive Incus on **b1** (resi create/destroy ONE throwaway VM in `terraform-ci`), using the mTLS certs at `/srv/incus-terraform-nix-vm-creator/terraform-secrets/` through the existing SOCKS proxy (`127.0.0.1:1055`) — see the incus skill (`/srv/incus-terraform-nix-vm-creator/skills/incus-terraform/SKILL.md`) -and [[cc-ci-vm-incus]]. Guardrails: only `terraform-ci`; **respect the <10 GB running-RAM cap** -(that's why `cc-nix-test`→2 GB first); **destroy the throwaway VM when done**; never touch other -projects/instances; live-memory changes need stop→set→start (hotplug times out — see memory). +and [[cc-ci-vm-incus]]. Guardrails: only `terraform-ci`; keep total running RAM within the **~12 GB +guideline** (doc-only — terraform-ci has no enforced `limits.memory`; b1 is 16 GB physical) — hence +`cc-nix-test`→4 GB + throwaway 4 GB + lichen-staging 4 GB = 12 GB; **destroy the throwaway VM when +done**; never touch other projects/instances; live-memory changes need stop→set→start (hotplug times +out — see memory). --- ## 5. Method (ordered; each milestone ends with an Adversary gate) -1. **W1 — Headroom.** Resize `cc-nix-test` 6 GB→**2 GB** (stop→set→start) to fit a ~6 GB throwaway VM - under b1's budget. *Accept:* b1 has room; cc-nix-test still healthy at 2 GB (no heavy recipe CI - runs during 1c). *(Note: restore sizing in W6.)* +1. **W1 — Headroom.** Resize `cc-nix-test` 6 GB→**4 GB** (stop→set→start) so a **4 GB** throwaway VM + fits within the ~12 GB running guideline (4 + lichen 4 + throwaway 4). *Accept:* b1 has room; + cc-nix-test healthy at 4 GB (avoid heavy recipe CI during 1c). *(Final sizing decided in W6.)* 2. **W2 — Repo split + secrets into git.** Create the private `cc-ci-instance` repo; move instance specifics + all secrets (incl. the **wildcard cert+key**, read from `/var/lib/ci-certs/live`) into sops there; wire the base flake to consume it (flake input). 
*Accept:* `nixos-rebuild build` of the restructured config is **byte-identical** to the running system (zero drift), and `cc-nix-test` `nixos-rebuild switch`es cleanly onto the new structure with TLS still served from the git cert. 3. **W3 — Throwaway VM.** Create a blank NixOS VM in `terraform-ci` (the incus-base image), sized - ~6 GB. *Accept:* VM reachable; bootstrap age key provisioned by the documented mechanism only. + **4 GB**. *Accept:* VM reachable; bootstrap age key provisioned by the documented mechanism only. 4. **W4 — Reproducible live rebuild.** On the throwaway VM: clone base+instance, `nixos-rebuild switch`, watch oneshots converge, secrets+cert decrypt. *Accept:* system fully up with **no step outside `docs/install.md`**; capture evidence.
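Review bot: in the C6 hunk, the headroom arithmetic (cc-nix-test 4 + lichen-staging 4 + throwaway 4 = 12 ≤ 16 GB physical) counts only the three instances and leaves the host OS, the Incus daemon and any instances in other projects out of the budget; since the same lines say the ~12 GB figure is doc-only and terraform-ci has no enforced `limits.memory`, consider stating what the remaining ~4 GB must cover, or setting `limits.memory` on the throwaway VM at creation so its 4 GB ceiling is enforced rather than advisory.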
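Review bot: the §4 guardrail hunk replaces a verifiable bound ("respect the <10 GB running-RAM cap") with "keep total running RAM within the ~12 GB guideline", which depends on lichen-staging actually being at 4 GB, and the hunk adds no check that this holds before the VM is created. Suggest adding a pre-creation step to the guardrail (list the memory settings of the running `terraform-ci` instances and free memory on b1, record the figures) so the Adversary gate has something concrete to re-verify.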
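Review bot: W1's acceptance criterion "b1 has room; cc-nix-test healthy at 4 GB" is not measurable as written: it should say what "room" means (free memory on b1 after the resize, before W3 creates the VM) and what "healthy" means for cc-nix-test (which services must be up, whether a `nixos-rebuild build` still completes), since W3's 4 GB VM relies on W1 having actually freed 2 GB. Also, W1 now defers final sizing to W6 while C6 lists three outcomes (keep 4 GB, restore 6 GB, promote the rebuilt VM); W6 should name the same three options so the two sections stay in sync.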