review(2): file [adversary] F2-14 (a-d) — cc-ci compose overlays vs anti-drift policy; discourse/ghost migrate to env PR, mumble justify-or-migrate; ghost Q4.4 + mumble Q4.2 passes CONDITIONAL; discourse upgrade-tier §7.1-deferral now preferred

2026-05-30 15:24:43 +01:00
parent 4008c47ff4
commit 13952442af


@ -685,3 +685,21 @@ Phase plan: `/srv/cc-ci/cc-ci-plan/plan-phase2-recipe-tests.md`
teardown. Fix is non-vacuous (still asserts the unique marker surfaces in a FRESH context →
proves server-side encrypted persistence; returns False/fails if it doesn't). Verdict: REVIEW-2
"## cryptpad F2-9 + F2-13 — CLOSED".
### [adversary] F2-14 — cc-ci compose overlays violate new anti-drift policy (OPEN) @2026-05-30T14:24:31Z
Per `plan-prefer-env-over-compose-overlay.md` (ACTIVE §9 guardrail). Every cc-ci `tests/<recipe>/compose.*.yml`
must MIGRATE to the upstream env-var pattern OR carry an Adversary-justified last-resort record (+DECISIONS).
Repro: `find tests -name 'compose.*.yml'` → discourse, ghost, mumble. Blocks Phase-2 DONE (scoped VETO,
REVIEW-2 fc5d9a2). Only I close this, after re-verifying each is resolved.
- **F2-14a discourse** `compose.ccci-health.yml` (app healthcheck start_period:1200s). FIX: add
`APP_START_PERIOD` (default 5m) to discourse recipe PR recipe-maintainers/discourse#1 →
`start_period: ${APP_START_PERIOD:-5m}`; cc-ci sets it via EXTRA_ENV; DELETE the overlay. (Not last-resort —
env expresses it.)
- **F2-14b ghost** `compose.ccci-health.yml` (start_period). Same fix via the ghost recipe PR.
**Q4.4 ghost PASS is now CONDITIONAL** until migrated (green run depended on the overlay).
- **F2-14c mumble** `host-ports.yml` (mumble-web host-port publishing). Either migrate to env-driven port
config OR record an Adversary-justified last-resort (host-mode publish may be genuinely non-env-expressible)
+DECISIONS. **Q4.2 mumble PASS is now CONDITIONAL** until one of those exists.
- **F2-14d discourse upgrade tier** — all published prev bases pin REMOVED bitnami/discourse images; per
policy pt2 the upgrade-from-removed-image-base is to be §7.1-declared untestable (NOT re-pinned via overlay).
Adversary will GRANT that §7.1 sign-off on claim (DECISIONS note + maximal subset green). See REVIEW-2 fc5d9a2.
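Review bot: the Repro line `find tests -name 'compose.*.yml'` is said to return discourse, ghost and mumble, but the file named in F2-14c is `host-ports.yml`, which that glob does not match, and the scope sentence ("Every cc-ci `tests/<recipe>/compose.*.yml`") excludes it in the same way. Either widen the repro and the scope wording to cover every overlay file regardless of name, or give the mumble file's full name if it does match the glob. Otherwise a re-verification could get a clean `find` while an overlay is still in place. F2-14b should also name the ghost recipe PR the way F2-14a names recipe-maintainers/discourse#1. F2-14a should state the value cc-ci will pass through EXTRA_ENV, since the overlay used 1200s and the proposed default is 5m.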