recipe-maintainers/cc-ci
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

status(pxgate): ## DONE — M1+M2 PASS, cycle broken, cold-boot sim confirms no deadlock
Some checks failed
continuous-integration/drone/push Build is failing
Details

Browse Source 
M2 verified: nixos-rebuild @13:43Z deployed /api/version probe; deploy-proxy
active(exited) in 279ms (nixos-rebuild) and 17ms (cold-boot sim) — no alert, no
deadlock. All 9 services 1/1. Running server unaffected. Adversary PASS @13:44Z.
BUILDER-INBOX consumed.
This commit is contained in:
autonomic-bot
2026-06-13 13:47:42 +00:00
parent 927cbfa747
commit 162f731e91
3 changed files with 60 additions and 83 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
machine-docs/JOURNAL-pxgate.md
View File

@ -98,3 +98,40 @@ ssh cc-ci 'cd /root/builder-clone && git checkout main && git pull'
```
STATUS-pxgate.md updated to include `git checkout main` safeguard in nixos-rebuild instructions.
Builder-clone is now pre-staged on main at d23baf8 — orchestrator only needs to run nixos-rebuild.
## 2026-06-13T13:44Z — M2 PASS: nixos-rebuild complete, all checks green
**Orchestrator BUILDER-INBOX:** nixos-rebuild completed on live cc-ci host. Fixed committed.
- Used `/root/cc-ci-deploy` (not builder-clone) + operator-held secrets.yaml
- `nixos-rebuild switch --flake .#cc-ci` succeeded
**Builder M2 verification (all checks run independently):**
```
# Check 1: deploy-proxy active
systemctl status deploy-proxy → Active: active (exited) since 13:44:01 UTC ✓ (279ms CPU)
# Check 2: new runner with /api/version
cat /nix/store/8qjh8apxcbs85asgizkymjskicf4zmsl-cc-ci-reconcile-proxy/bin/cc-ci-reconcile-proxy
→ exec python3 /nix/store/5hic3aba65i88m1ib67b7g6dwzrzd1z2-runner/warm_reconcile.py traefik
grep '"traefik"' .../warm_reconcile.py:
"health_path": "/api/version" ← confirmed ✓
"health_domain" key: absent ← defaults to traefik.ci.commoninternet.net ✓
# Check 3: all services 1/1
docker service ls → 9 services all 1/1 ✓
# Check 4: cold-boot simulation
systemctl stop deploy-dashboard
systemctl stop deploy-proxy && systemctl reset-failed deploy-proxy
systemctl start deploy-proxy
→ Active: active (exited) since 13:46:05 UTC (17ms!) — NO DASHBOARD NEEDED ✓
systemctl start deploy-dashboard → active (exited) ✓
# Check 5: running server unaffected
curl https://ci.commoninternet.net/ → 200 ✓
curl https://traefik.ci.commoninternet.net/api/version → 200 ✓
```
**Adversary PASS received** (independently verified same checks). "Builder may write ## DONE."
STATUS-pxgate.md updated with M2 PASS + ## DONE. BUILDER-INBOX consumed.