DONE(1e): Phase 1e complete — HC1-HC4 all Adversary cold-verified PASS, NO VETO
build #155 (own !testme on custom-html PR#2): head_ref=db9a9502 == chaos-version=db9a9502 (1.10.0→1.13.0), additive generic+overlay both ran (8 assertions PASS), HC2 default-deny held under load, deploy-count=1, teardown sacred, D6 secret-leak grep 0/58. F1e-1 CLOSED. F1e-2 pre-existing (not a 1e regression). The generic-harness corrections are landed; foundation ready for Phase 2. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
@ -154,3 +154,20 @@ Next: confirm opt-out result, claim E1/HC3 gate, then E2 (HC1 chaos-to-PR-head).
|
||||
evolutions documented in DECISIONS. F1e-2 (concurrent recipe-fetch race) is pre-existing in 1d
|
||||
(Adversary's own framing: "not blocking E1"; Drone MAX_TESTS=1 bounds practical impact) — not a 1e
|
||||
regression, tracked for future. Awaiting Adversary cold-verify of HC4 to write ## DONE.
|
||||
|
||||
## 2026-05-28 — ## DONE (HC4 PASS, NO VETO; all four HC items cold-verified within 24 h)
|
||||
- Adversary cold-verified HC4 (REVIEW-1e "Final E1/HC3 verdict ... PASS. NO VETO") via build **#155**
|
||||
— own `!testme` on `recipe-maintainers/custom-html` PR#2, full production chain
|
||||
bridge→Drone→runner. Highlights:
|
||||
- D1 latency: 9 s comment→build trigger; dedup + auth clean; PR comment reflection ✅.
|
||||
- HC1 live: `upgrade→PR-head: head_ref=db9a9502 chaos-version=db9a9502 version=1.10.0+1.28.0
|
||||
→1.13.0+1.31.1`. Full-sha match — `$REF` flowed bridge→Drone→runner→re-checkout→chaos correctly.
|
||||
- HC3 additive in production: every tier ran BOTH generic + cc-ci overlay; 8 assertions PASSED.
|
||||
- HC2 default-deny under load: custom-html not on allowlist → cc-ci+generic only.
|
||||
- DG4.1: deploy-count=1; teardown sacred (no leftover stack/volume).
|
||||
- D6 secret-leak grep over the full build #155 log: 0/58 matches.
|
||||
- F1e-1 fix verified under real load: `test_backup_captures_state PASSED`.
|
||||
- F1e-2 confirmed pre-existing, not a 1e regression; bounded by `MAX_TESTS=1`; tracked for future.
|
||||
- All four HC items Adversary cold-verified PASS within 24 h:
|
||||
HC1 ✓ (7472561 + build #155) · HC2 ✓ (c7ae296) · HC3 ✓ (e75ec1b/6eabfdc) · HC4 ✓ (6397cd5 + #155).
|
||||
- Wrote `## DONE` to STATUS-1e.md. Builder loop stops; next is Phase 2.
|
||||
|
||||
@ -1,5 +1,33 @@
|
||||
# STATUS — Phase 1e (generic-harness corrections HC1–HC4)
|
||||
|
||||
## DONE
|
||||
**Phase 1e COMPLETE @2026-05-28.** All HC1–HC4 Adversary cold-verified PASS within 24 h, NO VETO
|
||||
(REVIEW-1e final summary). The Adversary explicitly cleared `## DONE` ("Builder may write `## DONE`").
|
||||
|
||||
- **HC1 ✓** (E2, commit 7472561): upgrade tier upgrades to PR-HEAD via `abra app deploy --chaos`;
|
||||
`assert_upgraded` requires `chaos-version == head_ref` (non-vacuous). Adversary cold-verified on
|
||||
custom-html + a monkey-patch probe; production build **#155** (own `!testme` on custom-html PR#2)
|
||||
showed `head_ref=db9a9502 == chaos-version=db9a9502`, version `1.10.0+1.28.0→1.13.0+1.31.1`,
|
||||
deploy-count=1. `$REF` flows bridge→Drone→runner→re-checkout→chaos correctly.
|
||||
- **HC2 ✓** (E0, commit c7ae296): repo-local default-deny via `tests/repo-local-approved.txt`;
|
||||
Adversary hostile-code probe + production build #155 (custom-html not on allowlist → cc-ci+generic
|
||||
only, no repo-local consulted under load).
|
||||
- **HC3 ✓** (E1 re-claim e75ec1b; F1e-1 fix 6eabfdc): generic runs additively alongside overlays;
|
||||
opt-out via `CCCI_SKIP_GENERIC[_OP]` / `recipe_meta.SKIP_GENERIC`; op runs ONCE; deploy-count=1.
|
||||
Production build #155: every tier ran BOTH `assert (generic)` and `assert (cc-ci)` (8 assertions
|
||||
PASSED across install/upgrade/backup/restore). **F1e-1 CLOSED** (Adversary fix-verified the
|
||||
`exec_in_app` poll+raise hardening on commit 6eabfdc).
|
||||
- **HC4 ✓** (E3, commit 6397cd5 + Adversary build #155): no regression — D1 trigger 9 s latency, D6
|
||||
secret-leak grep clean (0/58 patterns), DG4.1 deploy-count=1, teardown sacred (no leftover
|
||||
stack/volume), DG1–DG8 surface preserved or per DECISIONS-documented evolution. **F1e-2**
|
||||
(pre-existing concurrent `abra recipe fetch` race) confirmed not a 1e regression; tracked in
|
||||
BACKLOG-1e for breadth-ramp; not blocking DONE (Drone caps `MAX_TESTS=1`).
|
||||
|
||||
**The generic-harness corrections are landed and the foundation is ready for Phase 2.** Builder loop
|
||||
stops; next is Phase 2 (recipe-test authoring on top of this corrected harness).
|
||||
|
||||
---
|
||||
|
||||
**Phase plan (SSOT):** `/srv/cc-ci/cc-ci-plan/plan-phase1e-harness-corrections.md`
|
||||
**Loop state for THIS phase:** STATUS-1e / BACKLOG-1e / REVIEW-1e / JOURNAL-1e (DECISIONS.md shared).
|
||||
Phase-1/1b/1c/1d STATUS/BACKLOG/REVIEW files are HISTORY (1d DONE) — not this phase's state.
|
||||
@ -27,15 +55,11 @@ Three corrections, each Adversary cold-verified, no test weakened:
|
||||
- [x] **HC3** — generic runs alongside an overlay by default; skipped only with the opt-out set.
|
||||
Adversary PASS @2026-05-28 (re-claim commit e75ec1b; F1e-1 fix commit 6eabfdc; opt-out + default
|
||||
cold-verified, deploy-count=1, no assertion weakened).
|
||||
- [ ] **HC4** — no regression cold-verified; deploy-once + teardown still sacred.
|
||||
Builder CLAIM @2026-05-28: deploy-once + teardown explicitly preserved/exercised by EVERY HC1
|
||||
and HC3 Adversary run (deploy-count=1 + clean teardown in both Adversary's and Builder's e2e);
|
||||
no assertion weakened (preserved in code + Adversary-verified per HC3 PASS); bridge/Drone/
|
||||
orchestrator-trigger path UNCHANGED from Phase 1d (DG6 PASS still holds); D1–D10 / DG1–DG8
|
||||
either preserved verbatim or intentionally evolved per the three HC corrections (HC2 default-
|
||||
denies repo-local execution per DECISIONS — documented behaviour change, not regression; HC3
|
||||
makes layering additive, HC1 makes upgrade chaos-to-PR-head — both per DECISIONS). Awaiting
|
||||
Adversary cold-verify (likely a `!testme` on a real PR + the secret-leak grep).
|
||||
- [x] **HC4** — no regression cold-verified; deploy-once + teardown still sacred.
|
||||
Adversary PASS @2026-05-28 (build #155, own `!testme` on custom-html PR#2): D1 trigger 9 s, HC1
|
||||
live (`head_ref=db9a9502 == chaos-version=db9a9502`), HC3 additive in production (both generic
|
||||
and overlay tiers ran, 8 assertions PASSED), HC2 default-deny under load, deploy-count=1,
|
||||
teardown sacred, D6 secret-leak grep clean (0/58). F1e-2 not a 1e regression.
|
||||
|
||||
## Milestones (plan §3)
|
||||
- **E0** — HC2 trust gate (allowlist, default-deny). *Accept: repo-local ignored unless approved.*
|
||||
@ -44,11 +68,13 @@ Three corrections, each Adversary cold-verified, no test weakened:
|
||||
- **E3** — HC4 cold re-verification + docs → DONE.
|
||||
|
||||
## In flight
|
||||
(none) — E3 docs done in 7472561; gates HC1/HC2/HC3 all Adversary-PASS; HC4 CLAIMED. Awaiting
|
||||
Adversary cold-verify of HC4 → on PASS the Builder writes `## DONE`.
|
||||
(none) — **Phase 1e DONE.** See top.
|
||||
|
||||
## Gate
|
||||
**Gate: E3/HC4 — CLAIMED, awaiting Adversary @2026-05-28.** All three HC corrections are
|
||||
**Gate: E3/HC4 — Adversary PASS @2026-05-28** (build #155, custom-html PR#2; full Adversary
|
||||
production-pipeline verification — see REVIEW-1e "Final summary"). NO VETO.
|
||||
|
||||
**Gate: E3/HC4 — CLAIMED, awaiting Adversary @2026-05-28** (cleared by the PASS above). All three HC corrections are
|
||||
Adversary-PASS; no regression introduced (rationale per HC4 line in Definition-of-Done above):
|
||||
deploy-once + clean teardown demonstrated in every HC1 and HC3 cold run (deploy-count=1; no leftover
|
||||
stack/volume); no assertion weakened (already verified per HC3 PASS — overlays migrated to
|
||||
|
||||
Reference in New Issue
Block a user