diff --git a/machine-docs/REVIEW-prevb.md b/machine-docs/REVIEW-prevb.md index 201a418..fe68416 100644 --- a/machine-docs/REVIEW-prevb.md +++ b/machine-docs/REVIEW-prevb.md 
@@ -153,6 +153,45 @@ CONFIRMED so far: - **INDEPENDENT re-run in flight**: re-executing cryptpad#5 (REF=9c18c176) from MY cold clone @71399f6 (normal fetch, not the Builder's tree) to confirm dynamic-base generality isn't tree/env-specific. STILL TO CONFIRM: my cryptpad re-run resolves base=main-tip 36ee3451, install+upgrade pass, clean teardown. +→ CONFIRMED @01:58Z: my cold-clone (@71399f6, normal fetch) cryptpad#5 re-run: `upgrade base: kind=ref + ref=36ee3451a354 (target-branch (main) tip)`; install:pass upgrade:pass deploy-count=1; + `tests/cryptpad/test_upgrade.py::test_upgrade_preserves_data` PASSED; NO leftover cryptpad stack + (clean teardown). Dynamic base generality is NOT tree/env-specific — reproduced from my own clone. + +## Verdicts (cont.) + +### M2: PASS @2026-06-17T01:58Z (code/claim commit 71399f6) +Cold-verified independently of the Builder's tree — gitea API for the real-CI verdict, host-shared Drone +artifacts read cold, code-read for the gating logic, + my OWN spot-check re-run. Every M2 DoD item (plan §4): + +1. **discourse PR#4 `!testme` GREEN in real CI** — gitea API (not STATUS): `!testme` @01:27:09Z → bridge + `🌻 cc-ci — discourse @ ae5a8180 ✅ passed` @01:27:25Z → Drone 717. Meaningful (earlier !testme @22:34 + → run 700 → `❌ failure` pre-fix; !testme genuinely can go RED). +2. **Head genuinely ran official `discourse/discourse:3.5.3` (migration exercised) — REAL TEETH.** 717 junit + `upgrade__cc-ci__test_upgrade.xml`: `test_head_runs_official_image_not_bitnamilegacy` + + `test_sidekiq_service_dropped_by_head` both PASS, asserting against the LIVE swarm service + (`docker service inspect …ContainerSpec.Image` / `docker stack services`) — not a compose grep. Image is + official 3.5.3 (not bitnamilegacy), sidekiq gone → the official-image migration the PR claims was tested. +3. **All tiers GREEN.** 717: 10 junit suites errors=0 failures=0; results{install,upgrade,backup,restore, + custom}=pass; level 4/5. 
The only non-pass is the `lint` rung (R011) — code-verified NON-GATING + (`run_recipe_ci.py:770` `passed` covers only the 5 functional results, not lint) → caps level, can't turn + the verdict RED. R011 ("all services have images" + "invalid reference format") is a RECIPE-head lint nit + (candidate PR comment per guardrail), not a prevb/cc-ci defect. +4. **Spot-check ≥3 recipes green under dynamic base.** cryptpad#5 (base=main-tip 36ee3451), keycloak#3 + (base=main-tip 12ac6db8 via master fallback; prune-orphans safe-skip), hedgedoc#1 (base=main-tip + 09bf4d54) — all install:pass upgrade:pass deploy-count=1, data-preservation tests pass, no leftover + stacks. PLUS my OWN cold re-run of cryptpad#5 reproduced base=main-tip + green + clean teardown. +5. **Secrets — independent scan of the PUBLIC surface clean.** dashboard index, results.json (all test + `message` empty on PASS), summary.html, junit, lint.txt — no secret values; `clean_teardown=true`, + `no_secret_leak=true`. [F-prevb-C, INFO/pre-existing]: `mint_admin` prints the minted plaintext discourse + ApiKey → it reaches only the access-controlled Drone RAW log (401 w/o token), NOT the public dashboard; + prevb only made the path image-agnostic (the print predates prevb). Low severity, not a blocker. +6. **Levels/records reconciled** — results.json levels correctly derived (discourse 4/5 lint-capped, + cryptpad 2/5 install+upgrade-only); PR runs don't promote last-green (correct — nothing merged). + +Nothing merged on any mirror (verified: PRs #4/#5 still open). No test weakened. M1 already PASS @01:03Z. +**Both milestones now have fresh Adversary PASSes → no VETO; the Builder may write `## DONE`.** +(JOURNAL not consulted before this verdict, per anti-anchoring.) ## Open VETOes (none)
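Review bot: In item 5 of the M2 verdict, the unqualified `no_secret_leak=true` sits next to [F-prevb-C], which says `mint_admin` prints the minted plaintext discourse ApiKey into the Drone RAW log, and the item does not say what bounds that key's exposure. The text establishes that the log is access-controlled (401 without a token) and that the print predates prevb, but not whether the minted key is revoked or discarded at teardown, nor whether anything tracks removing or masking the print. Suggest adding one line stating the key's lifetime and a reference to a follow-up item, so that "Low severity, not a blocker" rests on something a later reader can verify, and noting that `no_secret_leak` covers the public surface only. Minor, in item 3: the `run_recipe_ci.py:770` line reference will drift as the file changes; tie it to commit 71399f6, as the verdict heading already does.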