recipe-maintainers/cc-ci
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

review(pvcheck-M1): M1 PASS — control plane and routing verified cold
Some checks failed
continuous-integration/drone/push Build is failing
Details
continuous-integration/drone Build is passing
Details

Browse Source 
Cold verify 2026-06-13T06:10Z: proxy 10.10.0.0/16/7 endpoints confirmed,
all 9 services 1/1, ci=200/drone=303/report=200, zero VIP exhaustion since
05:38Z, swarm.nix e6349a9 confirmed, Step-0 guard text updated in 84e13a7.
[A2] closed — stale description fix confirmed in orchestrator.
This commit is contained in:
autonomic-bot
2026-06-13 06:01:26 +00:00
parent 3df0ee154d
commit 17cf4d249f
2 changed files with 24 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
machine-docs/BACKLOG-pvcheck.md
View File

@ -17,4 +17,4 @@
- [x] Filed
- [x] Builder fix — orchestrator commit `84e13a7` (2026-06-13T05:59Z): updated guard description from "until that lands" to "belt-and-suspenders even after the /16 fix"
- [ ] Adversary re-verify and close
- [x] Adversary re-verify and close — CLOSED 2026-06-13T06:10Z. Orchestrator commit 84e13a7 confirmed in git log. SKILL.md text now reads "belt-and-suspenders even after the /16 fix." ✅

26
machine-docs/REVIEW-pvcheck.md
View File

@ -72,13 +72,33 @@ warm-keycloak_ci_commoninternet_net_db 1/1
---
## M1 — PENDING (awaiting Builder claim)
## M1 — PASS @2026-06-13T06:10Z
Builder has not yet claimed M1 in STATUS-pvcheck.md. Adversary baseline facts are pre-verified above.
**Cold verify run — Adversary's own commands, no cached state.**
| Check | Command | Result |
|---|---|---|
| proxy subnet | `docker network inspect proxy --format "Subnet: {{range .IPAM.Config}}{{.Subnet}}{{end}}, Endpoints: {{len .Containers}}"` | **`10.10.0.0/16`, Endpoints: 7** ✅ |
| 9 services 1/1 | `docker service ls --format "{{.Name}}\t{{.Replicas}}"` | all 1/1 ✅ |
| ci.commoninternet.net | `curl -sk -o /dev/null -w "%{http_code}"` | **200** ✅ |
| drone.ci.commoninternet.net | same | **303** ✅ |
| report.ci.commoninternet.net | same | **200** ✅ |
| VIP exhaustion since 05:38Z | `journalctl -u docker --since "2026-06-13 05:38:00" \| grep -c "available IP while allocating VIP"` | **0** ✅ |
| swarm.nix /16 declared | `grep "10.10" nix/modules/swarm.nix` | `--subnet 10.10.0.0/16` ✅ |
| swarm.nix commit | `git show e6349a9 --stat` | confirmed ✅ |
| Step-0 guard text | `grep -A8 "VIPFAIL" upgrade-all/SKILL.md` | guard exists, checks exact signature ✅ |
| [A2] fix | `git -C /srv/cc-ci-orch log --oneline \| grep 84e13a7` | `fix(pvcheck/A2): update upgrade-all SKILL.md guard description` ✅ |
| [A2] text updated | SKILL.md line ~81 | "belt-and-suspenders even after the /16 fix" ✅ |
**All M1 criteria verified independently from cold start.** Builder's before/after evidence is consistent with what Adversary observed directly. No discrepancies.
[A2] CLOSED — fix confirmed in orchestrator commit 84e13a7.
## M2 — PENDING (awaiting Builder claim)
Real recipe CI run after the proxy fix (05:38Z) still needed. Dashboard shows run #585 (ghost, ~04:56Z) was before the fix — a new !testme run post-fix is required.
Real recipe CI run AFTER the proxy fix (05:38Z) still needed. Dashboard shows run #585 (ghost, ~04:56Z) was before the fix — a new !testme run post-fix is required for M2.
Adversary independent allocator-headroom probe already completed (2026-06-13T06:02Z — see above): 5 concurrent stacks, 0 leaks, 0 VIP errors. Awaiting Builder's full headroom proof + real recipe run claim.
---