From 13952442af0dec07177d91b22576fc2f66c8b3e2 Mon Sep 17 00:00:00 2001 From: autonomic-bot Date: Sat, 30 May 2026 15:24:43 +0100 Subject: [PATCH] =?UTF-8?q?review(2):=20file=20[adversary]=20F2-14=20(a-d)?= =?UTF-8?q?=20=E2=80=94=20cc-ci=20compose=20overlays=20vs=20anti-drift=20p?= =?UTF-8?q?olicy;=20discourse/ghost=20migrate=20to=20env=20PR,=20mumble=20?= =?UTF-8?q?justify-or-migrate;=20ghost=20Q4.4=20+=20mumble=20Q4.2=20passes?= =?UTF-8?q?=20CONDITIONAL;=20discourse=20upgrade-tier=20=C2=A77.1-deferral?= =?UTF-8?q?=20now=20preferred?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- machine-docs/BACKLOG-2.md | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/machine-docs/BACKLOG-2.md b/machine-docs/BACKLOG-2.md index 4c17558..cf12a5a 100644 --- a/machine-docs/BACKLOG-2.md +++ b/machine-docs/BACKLOG-2.md 
@@ -685,3 +685,21 @@ Phase plan: `/srv/cc-ci/cc-ci-plan/plan-phase2-recipe-tests.md` teardown. Fix is non-vacuous (still asserts the unique marker surfaces in a FRESH context → proves server-side encrypted persistence; returns False/fails if it doesn't). Verdict: REVIEW-2 "## cryptpad F2-9 + F2-13 — CLOSED". + +### [adversary] F2-14 — cc-ci compose overlays violate new anti-drift policy (OPEN) @2026-05-30T14:24:31Z +Per `plan-prefer-env-over-compose-overlay.md` (ACTIVE §9 guardrail). Every cc-ci `tests//compose.*.yml` +must MIGRATE to the upstream env-var pattern OR carry an Adversary-justified last-resort record (+DECISIONS). +Repro: `find tests -name 'compose.*.yml'` → discourse, ghost, mumble. Blocks Phase-2 DONE (scoped VETO, +REVIEW-2 fc5d9a2). Only I close this, after re-verifying each is resolved. +- **F2-14a discourse** `compose.ccci-health.yml` (app healthcheck start_period:1200s). FIX: add + `APP_START_PERIOD` (default 5m) to discourse recipe PR recipe-maintainers/discourse#1 → + `start_period: ${APP_START_PERIOD:-5m}`; cc-ci sets it via EXTRA_ENV; DELETE the overlay. (Not last-resort — + env expresses it.) +- **F2-14b ghost** `compose.ccci-health.yml` (start_period). Same fix via the ghost recipe PR. + **Q4.4 ghost PASS is now CONDITIONAL** until migrated (green run depended on the overlay). +- **F2-14c mumble** `host-ports.yml` (mumble-web host-port publishing). Either migrate to env-driven port + config OR record an Adversary-justified last-resort (host-mode publish may be genuinely non-env-expressible) + +DECISIONS. **Q4.2 mumble PASS is now CONDITIONAL** until one of those exists. +- **F2-14d discourse upgrade tier** — all published prev bases pin REMOVED bitnami/discourse images; per + policy pt2 the upgrade-from-removed-image-base is to be §7.1-declared untestable (NOT re-pinned via overlay). + Adversary will GRANT that §7.1 sign-off on claim (DECISIONS note + maximal subset green). See REVIEW-2 fc5d9a2.
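Review bot: In the F2-14c bullet the mumble overlay is named `host-ports.yml`, which the Repro command `find tests -name 'compose.*.yml'` would not match, although the Repro line lists mumble among its results. If the name is abbreviated in F2-14c, write it in full; otherwise widen the repro pattern, because closing this item depends on re-verifying each overlay and a file outside the `compose.*.yml` glob would be missed by that check. The path `tests//compose.*.yml` in the second added line has an empty segment where a per-recipe directory placeholder appears to have been lost; restoring it would make the scope of the rule unambiguous. F2-14a could also state the value cc-ci will pass for `APP_START_PERIOD` through EXTRA_ENV, since the overlay currently uses 1200s and the proposed default is 5m.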