blocked(2): Q3.2 drive base-deploy hits Docker Hub rate limit + Gitea outage
- recipe_meta: bump drive abra TIMEOUT 900->1500, DEPLOY_TIMEOUT 1200->1800 (12-svc stack w/ onlyoffice+collabora; cold pulls need a wide window). - STATUS-2 ## Blocked: two Class-A1 external blocks documented w/ verify commands — (1) Docker Hub anon pull rate limit (registry-creds finding per plan §1.5; blocks all new deploys), (2) Gitea git.autonomic.zone 404 outage (coordination down; 2 watchdog pings unconsumable until recovery). JOURNAL-2: full disk->prune->rate-limit chain. - Queued locally; push + Adversary-inbox processing deferred to Gitea recovery. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@ -245,8 +245,29 @@ ssh cc-ci 'cd /root/cc-ci && cc-ci-run -m pytest tests/unit -v && RECIPE=custom-
|
||||
```
|
||||
|
||||
## Blocked
|
||||
(none) — bootstrap access re-verified @2026-05-28: `ssh cc-ci` ok (root, NixOS 24.11), Gitea API
|
||||
HTTP 200, wildcard DNS resolves to gateway 143.244.213.108.
|
||||
**@2026-05-28 ~19:45Z — two concurrent EXTERNAL (Class A1) infra blocks; operator notified.**
|
||||
|
||||
1. **Docker Hub anonymous pull rate limit (registry creds finding, plan §1.5).** All docker.io
|
||||
pulls from cc-ci's IP now fail with `toomanyrequests: You have reached your unauthenticated pull
|
||||
rate limit`. Verify: `ssh cc-ci 'docker pull minio/minio:RELEASE.2025-09-07T16-13-09Z'` →
|
||||
rate-limit error. Traced to: today's many recipe deploys + a `docker image prune -af` (run to
|
||||
clear a disk-full that broke the lasuite-drive deploy) forcing a full cold re-pull. This blocks
|
||||
**every** new recipe deploy (all pull from docker.io). Per §1.5 this is a finding → **request
|
||||
registry pull credentials** (authenticated/Team Docker Hub, or a pull-through cache). Recurs for
|
||||
all remaining Q3.5/Q4 enrollments. Self-resolves partially as the rolling 6h window ages out.
|
||||
|
||||
2. **Gitea (git.autonomic.zone) outage.** Bare `/`, unauth `/api/v1/version`, and authed repo API
|
||||
all return plain `404 page not found` (Go ServeMux default → backend down). Same from my sandbox
|
||||
AND cc-ci (IP 116.203.211.204) — a real instance outage, not creds/path. Verify:
|
||||
`curl -s -o /dev/null -w '%{http_code}' https://git.autonomic.zone/api/v1/version` → 404.
|
||||
Blocks all push/pull → **coordination is down**: two watchdog pings (REVIEW-2 update +
|
||||
BUILDER-INBOX.md) are unconsumable until Gitea recovers. Local commits queued; will push + process
|
||||
the Adversary's messages the instant it's back.
|
||||
|
||||
Local build work proceeds where it needs no new pulls / no push. Loop idle-retries both ~15-20m.
|
||||
|
||||
**Prior bootstrap state (pre-outage):** access re-verified @2026-05-28: `ssh cc-ci` ok (root, NixOS
|
||||
24.11), Gitea API HTTP 200, wildcard DNS resolves to gateway 143.244.213.108.
|
||||
|
||||
## Carryover from Phase 1e (not blockers for Phase 2)
|
||||
- **F1e-2** [adversary] — concurrent same-recipe `abra recipe fetch` race in
|
||||
|
||||
Reference in New Issue
Block a user