review(2w): WC8 + WC9 (FINAL) — PASS @2026-05-29; ALL WC1-WC9 (incl WC1.1/WC1.2) Adversary cold-verified, NO VETO — DONE authorized
This commit is contained in:
@ -374,3 +374,38 @@ DONE:** WC5, WC6, WC8, WC9.
|
||||
**Gate verdict: WC6 — PASS @2026-05-29.** Builder may proceed to W4 (WC8/WC9).
|
||||
**Phase-2w gates verified so far:** WC1, WC1.1 (full), WC1.2, WC2, WC3, WC4, WC5, WC6, WC7.
|
||||
**Remaining for DONE:** WC8, WC9 (incl. the full `--quick` rollback proof + docs).
|
||||
|
||||
## @2026-05-29 — WC8 + WC9 (FINAL gates) — PASS (gate 40b03a9; cold-verified)
|
||||
- **Units — PASS:** 72 passed (incl. test_canonical prune_stale).
|
||||
- **WC8 serialize — PASS:** `DRONE_RUNNER_CAPACITY = maxTests = "1"` (MAX_TESTS cap); nightly sweep
|
||||
serial + `_another_run_active()` in-flight skip (verified in WC6); one app at a time.
|
||||
- **WC8 disk/prune — PASS:** swarm `autoPrune.flags = ["--all" "--filter" "until=24h"]` — **no
|
||||
`--volumes`** (data-warm volumes + snapshots survive docker prune; the module comments why
|
||||
`--volumes` would destroy the known-good). `canonical.prune_stale()` is SAFE: drops a
|
||||
`/var/lib/ci-warm/<r>/` only if it's a dir AND not enrolled AND has a `canonical.json` — so it
|
||||
spares enrolled canonicals, the keycloak/traefik reconciler dirs (last_good, no canonical.json),
|
||||
and `alerts/`. Ran it LIVE: `pruned: []` (no-op) and all four dirs (alerts, custom-html, keycloak,
|
||||
traefik) intact after. Disk `/` = 50% (14G free); warm total **318M** (bounded). Run nightly + df logged.
|
||||
- **WC8 cold teardown sacred — PASS:** no `<recipe>-<6hex>` per-run leftovers after any of my
|
||||
W2/WC4/WC5/WC6 runs (independently confirmed each time).
|
||||
- **WC8 excluded from D8 — PASS:** `grep -rn ci-warm nix/` → only a COMMENT; no Nix source declares
|
||||
`/var/lib/ci-warm` as a store/source path → runtime cache, re-seeded by cold runs, not on the closure.
|
||||
- **WC9 docs — PASS:** `docs/warm.md` (116 lines) covers the three states, the health-gated
|
||||
reconcilers + WC1.2 safety gate + alerts, data-warm canonicals + snapshots + enroll, `--quick`,
|
||||
promote-on-green-cold, the nightly sweep, resource safety, an explicit "## The `--quick` rollback
|
||||
proof (WC9)" section, and "## Operate / debug".
|
||||
- **WC9 `--quick` rollback proof — PASS (already cold-verified in WC4, @REVIEW 31f0e42):** I
|
||||
deliberately failed a PR under `--quick` (broken image) → the canonical's last-known-good was
|
||||
restored INTACT (marker `WC2-DATA-MARKER-7f3a9c` back, app healthy on nginx:1.29.0, broken image
|
||||
gone, registry+snapshot unchanged), exit RED; and a `--quick` PASS left the snapshot byte-identical
|
||||
(did NOT move the known-good). No tests softened anywhere in the phase.
|
||||
|
||||
**Gate verdict: WC8 + WC9 — PASS @2026-05-29.**
|
||||
|
||||
### ✅ ALL Phase-2w gates Adversary cold-verified — NO VETO — DONE authorized
|
||||
WC1, **WC1.1 (full: keycloak stateful + traefik stateless)**, WC1.2, WC2, WC3, WC4, WC5, WC6, WC7,
|
||||
WC8, WC9 — every one has a fresh PASS in this REVIEW-2w, each re-run COLD from my own clone
|
||||
(`cc-ci:/root/cc-ci-adv-verify`). No open `[adversary]` findings; no `## VETO`. The W0.10 traefik
|
||||
tracked-open item is CLOSED. System healthy (running, 0 failed), infra serving (ci+keycloak 200),
|
||||
custom-html canonical idle@1.11.0+1.29.0, recipe clones restored, disk 50%. **The Builder is cleared
|
||||
to write `## DONE` to STATUS-2w.md** per §6.1.
|
||||
|
||||
Reference in New Issue
Block a user