From 2c245c83c75d18fb4cd09bb528c31ce7717605d2 Mon Sep 17 00:00:00 2001 From: autonomic-bot Date: Fri, 29 May 2026 05:03:46 +0100 Subject: [PATCH] =?UTF-8?q?journal(2):=20Phase=202=20RESUMED=20post-2w=20?= =?UTF-8?q?=E2=80=94=20foundation=20re-confirmed=20(72=20unit=20+=20custom?= =?UTF-8?q?-html=20full=20e2e=20green),=20reference-corpus=20mapping,=20la?= =?UTF-8?q?suite-drive=20e2e=20in=20flight?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- machine-docs/JOURNAL-2.md | 46 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) diff --git a/machine-docs/JOURNAL-2.md b/machine-docs/JOURNAL-2.md index ef4467a..f98ca12 100644 --- a/machine-docs/JOURNAL-2.md +++ b/machine-docs/JOURNAL-2.md @@ -589,3 +589,49 @@ Full e2e (real deploy with a forced setup_custom_tests failure → observe overa the Docker Hub rate limit lifts; the unit + cold-real-test proofs cover the predicate, the conftest signal on real files, and the count flow — only the sequential read→sum→predicate→overall wiring is unexercised by a live run, and it's straight-line code. + +--- + +## 2026-05-29 — Phase 2 RESUMED after the 2w (warm-canonical) detour + +Builder loop resumed on Phase 2 (per-recipe test authoring). Phase 2w ran to DONE in the interim +(warm-canonical/quick); the 2w changes (`runner/warm*.py`, `canonical.py`, `nightly_sweep.py`, WC5 +promote-on-green-cold wired into `run_recipe_ci.main()`) are merged on origin/main HEAD `7b5ed9c`. + +**Re-orientation done this tick:** +- Adversary's last Phase-2 commit `7b5ed9c review(2)` is a cross-phase break-it probe (2w WC5 + promotion × F2-11 SSO-skip): NO regression, no finding, NO VETO — F2-11 protection holds under + WC5 (promotion strictly gated on the fully-computed `overall`, which the F2-11 predicate flips to + 1 before the promote check). So no gate of mine to advance, nothing to fix. +- All Adversary findings closed (F2-10, F2-11). Gates Q0/Q1/Q2 PASS. Q3/Q4 partial. + +**Server build clone established:** `/root/builder-clone` (origin/main, secrets submodule skipped — +not needed for recipe tests; Gitea token comes from `/run/secrets/bridge_gitea_token`, dockerhub +auth from sops-rendered `/root/.docker/config.json`). `/root/cc-ci` is the nix-deploy materialised +copy (no `.git`), `/root/adv-verify` is the Adversary's. I run e2e from `/root/builder-clone`. + +**Foundation re-confirmed post-2w (this tick):** +- `cc-ci-run -m pytest tests/unit -q` → **72 passed** (Phase-2 harness survived the 2w merge). +- `RECIPE=custom-html cc-ci-run runner/run_recipe_ci.py` → all 5 tiers PASS, deploy-count=1, WC5 + promoted canonical custom-html → 1.11.0+1.29.0. Full install→upgrade→backup→restore→custom + pipeline healthy on the current harness. + +**Reference-corpus mapping (key planning fact).** Corpus at `/srv/recipe-maintainer/recipe-info/` +(NOT `references/` — that path in the plan is stale). Present: authentik, bluesky-pds, cryptpad, +custom-html, gitea, hedgedoc, immich, keycloak, lasuite-docs, lasuite-drive, lasuite-meet, lichen, +lichen-markdown, matrix-synapse, mumble, n8n. Implication for P2 (parity): +- §5 recipes WITH reference parity still to port: **lasuite-meet, immich, mumble** (+ already done: + bluesky-pds, cryptpad, custom-html, keycloak, lasuite-docs, lasuite-drive, matrix-synapse, n8n). +- §5 recipes with NO reference → P2 vacuous, need only ≥2 specifics + lifecycle: **plausible, ghost, + uptime-kuma (done), mattermost-lts, discourse, mailu, drone**. +- authentik: SSO provider, Q2.2 deferred (lands only if a dependent needs it). +- gitea/hedgedoc/lichen* are in the corpus but NOT in §5 → out of scope. + +**Remaining §5 work:** Q3.3 lasuite-meet, Q3.5 immich, Q4.2 mumble (parity+specifics, need +mirror/enroll), Q4.5 mattermost-lts, Q4.6 discourse, Q4.7 plausible (finish specifics), Q4.9 mailu, +Q4.10 drone (specifics only), + deferral lift cryptpad create-pad (F2-9, must lift before DONE). + +**In flight this tick:** full `RECIPE=lasuite-drive` e2e on `/root/builder-clone` +(log `/root/ccci-resume-lasuite-drive.log`) — lasuite-drive suite (health parity + real MinIO S3 +upload/list/download round-trip + OIDC password-grant JWT-claims against dep keycloak) is fully +authored; driving it to its first verified-green full run (the Q3.2 acceptance evidence).