Reorder: Phase 1c before 1b (refactor first, then review/lint + full re-verify)
1c (full git reproducibility: cc-ci-secrets split, cert-in-sops, genuine D8 live rebuild) now runs before 1b. This way 1b's review/lint and its final cold re-verification of all D1-D10 cover the final refactored state (incl. the secrets split) and the genuine post-1c D8 — rather than reviewing pre-refactor code and re-verifying a flawed D8. Updated status lines in 1b/1c and the README ordering. Sequence: 1 -> 1c -> 1b -> 2 -> 2b -> 3. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
@ -15,8 +15,8 @@ autonomous Claude loops (a Builder and an adversarial Reviewer) running over day
|
||||
| File | Purpose |
|
||||
|---|---|
|
||||
| `plan.md` | The Phase-1 plan (build the CI server). Agents treat it as their single source of truth. |
|
||||
| `plan-phase1b-review-lint.md` | **Phase 1b** (bounded pass at the end of Phase 1): deterministic linting/formatting in CI + a white-box review checklist (real tests, DRY harness, idempotent Nix, no footguns/secrets). |
|
||||
| `plan-phase1c-full-reproducibility.md` | **Phase 1c**: make the VM fully reproducible from git (all secrets incl. the wildcard cert in sops, in a separate private `cc-ci-secrets` repo as a flake input; base stays well-parameterized) and do the **genuine throwaway-VM live rebuild** to close D8 honestly (the "infeasible by design" was overstated). |
|
||||
| `plan-phase1c-full-reproducibility.md` | **Phase 1c** (runs first): make the VM fully reproducible from git (all secrets incl. the wildcard cert in sops, in a separate private `cc-ci-secrets` repo as a flake input; base stays well-parameterized) and do the **genuine throwaway-VM live rebuild** to close D8 honestly (the "infeasible by design" was overstated). |
|
||||
| `plan-phase1b-review-lint.md` | **Phase 1b** (after 1c): deterministic linting/formatting in CI + a white-box review checklist (real tests, DRY harness, idempotent Nix, no footguns/secrets), ending in a full cold re-verification of all D1–D10 — now covering 1c's refactor. |
|
||||
| `plan-phase2-recipe-tests.md` | **Phase 2** (after Phase 1b): author comprehensive per-recipe tests — port every recipe-maintainer test + ≥2 recipe-specific tests per app. |
|
||||
| `plan-phase2b-test-performance.md` | **Phase 2b** (after Phase 2, before Phase 3): empirically measure where test time goes and reduce it (image cache, readiness tuning, dedup deploys, warm infra, concurrency) — no weakened tests. |
|
||||
| `plan-phase3-results-ux.md` | **Phase 3** (after Phase 2b): beautiful YunoHost-style results — per-run **level**, image-forward PR comment (badge + summary card + app screenshot), polished dashboard. |
|
||||
|
||||
@ -1,10 +1,12 @@
|
||||
# cc-ci Phase 1b — Review & lint pass (Autonomous Build Plan)
|
||||
|
||||
**Status:** QUEUED — a **bounded** pass that runs after Phase 1 (`plan.md`) reaches `## DONE`, and
|
||||
**before** Phase 2 (`plan-phase2-recipe-tests.md`).
|
||||
**Status:** QUEUED — a **bounded** pass that runs after Phase 1 **and Phase 1c**
|
||||
(`plan-phase1c-full-reproducibility.md`), and **before** Phase 2 (`plan-phase2-recipe-tests.md`). It
|
||||
runs *after* 1c on purpose: the review/lint + full D1–D10 re-verification then covers the final,
|
||||
refactored state (the `cc-ci-secrets` split, cert-in-sops, the genuine D8 live rebuild).
|
||||
**Transition:** **manual** (operator kicks it off).
|
||||
**Builds on:** the complete Phase-1 codebase (flake/modules, `runner/` + harness, the comment-bridge,
|
||||
dashboard, scripts, the first recipes' tests, docs).
|
||||
**Builds on:** the complete post-1c codebase (flake/modules, `runner/` + harness, the comment-bridge,
|
||||
dashboard, scripts, the first recipes' tests, the `cc-ci-secrets` split, docs).
|
||||
**Owner agents:** same Builder + Adversary loops (`plan.md` §6/§7). Here the Adversary also acts as
|
||||
**white-box reviewer** (reads the code, not just black-box behavior).
|
||||
**This file's path:** `/srv/cc-ci/cc-ci-plan/plan-phase1b-review-lint.md`
|
||||
|
||||
@ -1,7 +1,8 @@
|
||||
# cc-ci Phase 1c — Full git reproducibility + genuine D8 live rebuild (Autonomous Build Plan)
|
||||
|
||||
**Status:** QUEUED — runs after Phase 1 (`plan.md`); pairs with Phase 1b (review/lint). **Manual**
|
||||
transition. **Driven by the Builder + Adversary loops** (same protocol as `plan.md` §6/§6.1/§7) —
|
||||
**Status:** QUEUED — runs after Phase 1 (`plan.md`) and **before Phase 1b** (review/lint), so the
|
||||
review/lint pass covers this refactor and its final cold re-verification proves the genuine
|
||||
(post-1c) D8. **Manual** transition. **Driven by the Builder + Adversary loops** (same protocol as `plan.md` §6/§6.1/§7) —
|
||||
the orchestrator does NOT do this; the loops do, and the Adversary independently re-proves it cold.
|
||||
**This file's path:** `/srv/cc-ci/cc-ci-plan/plan-phase1c-full-reproducibility.md`
|
||||
|
||||
|
||||
Reference in New Issue
Block a user