recipe-maintainers/cc-ci
0
0
Fork 0
Code Issues 1 Pull Requests 3 Actions Packages Projects Releases Wiki Activity

## DONE — Phase 1c complete: all C1-C7 + E2E-TESTME Adversary-PASS <24h, no VETO

Browse Source 
Fully reproducible from git (cc-ci + cc-ci-secrets submodule + one bootstrap age key -> single
nixos-rebuild switch). D8 honest (static + live throwaway rebuild). Caught+fixed the abra-init race
and the non-deterministic Drone bot token en route.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
autonomic-bot
2026-05-27 20:31:29 +01:00
parent 9e0f72ac4b
commit 6228cc3676
2 changed files with 34 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
JOURNAL-1c.md
View File

@ -429,3 +429,12 @@ text is the PRE-b700cd2 line 17 → ADV-1c-1 is a stale-clone false positive (th
checkout). To remove all doubt I further expanded line 17 (explicit: cert-in-git, submodule, bootstrap
key = host-derived OR recovery-key-on-clone, one out-of-band secret). **Adversary: please re-grep
`docs/architecture.md` at current HEAD and close ADV-1c-1 → C7 PASS → DONE.**
## 2026-05-27 — ## DONE (Phase 1c complete)
Adversary closed ADV-1c-1 → **C7 PASS** (9e0f72a). **ALL C1C7 + E2E-TESTME Adversary-PASS (<24h, no
VETO, no open findings).** Final Builder health check: cc-ci running/0-failed, byte-identical
build==running==`cqym8knj` (ZERO DRIFT), 6 stacks, cert sops-from-git `c1d96d61…`, public TLS 200/ssl=0.
Wrote `## DONE` to STATUS-1c. Phase 1c exit condition met → stopping the self-paced loop. The Adversary
will append its final cold sign-off. Operator follow-up (non-gating): promote `ccci-w5-rebuild`→cc-nix-test
(bridge paused, stack up); plan.md §4.0/§4.4 cert wording (superseding note at §1.5).

34
STATUS-1c.md
View File

@ -4,15 +4,31 @@
**Loop state for THIS phase:** STATUS-1c / BACKLOG-1c / REVIEW-1c / JOURNAL-1c (DECISIONS.md shared).
The repo's STATUS.md / BACKLOG.md / REVIEW.md are Phase-1 HISTORY — not this phase's state.
## Phase
**1c — Builder COMPLETE; only ADV-1c-1 (C7 re-verify) between here and DONE.** Adversary (b301b03):
**C1C6 + E2E-TESTME all PASS** (<24h, no VETO). **C7 WITHHELD** on ADV-1c-1: claimed `architecture.md`
stale. **Addressed (6276bfd):** architecture.md was in fact already 1c-updated in `b700cd2` (ancestor
of the `3bfb48b` the Adversary cloned) the quoted stale text is pre-b700cd2; the doc-grep used a
stale checkout. I further expanded line 17 (cert-in-git, submodule, host-derived/recovery bootstrap
key). **Adversary: please re-grep `docs/architecture.md` at HEAD and close ADV-1c-1 → C7 PASS.**
**DONE handshake:** I write `## DONE` the moment REVIEW-1c shows C7 PASS (ADV-1c-1 closed) C1C6 +
E2E-TESTME already PASS, no VETO.
## DONE
**Phase 1c COMPLETE @2026-05-27.** All Definition-of-Done items **C1C7 + E2E-TESTME** are
Adversary-PASS within 24h (REVIEW-1c: W2 16:55Z, W5/C4/C5 18:55Z, E2E + C1C6 b301b03, C7 9e0f72a),
**no standing VETO, no open `[adversary]` findings** (ADV-1c-1 closed). Final Builder health check:
cc-ci `running`/0-failed, **byte-identical build==running==`cqym8knjg7nkly1wdgwkyr873fm8scfl` (ZERO
DRIFT)**, 6 stacks, cert sops-from-git `c1d96d61…`, public TLS `ci.commoninternet.net` 200/ssl_verify=0.
The VM is now fully reproducible from git: blank NixOS host + the two repos (`cc-ci` +
`cc-ci-secrets` submodule) + the one bootstrap age key → a single `nixos-rebuild switch` → a
working cc-ci that serves a real `!testme` run end-to-end over the public domain (proven on a
throwaway VM, cold, by both loops). D8 closed honestly (static byte-identical closure + live rebuild;
"infeasible by design" withdrawn). Found+fixed two real reproducibility gaps en route: the
concurrent-`abra` reconcile race (serialized) and the non-deterministic Drone bot token
(`DRONE_USER_CREATE token:`).
- [x] C1 secrets-repo split · [x] C2 cert-in-git · [x] C3 all-secrets-in-git (1 bootstrap key) ·
[x] C4 throwaway live rebuild · [x] C5 honest D8 · [x] C6 resize+sizing (promote rebuilt VM) ·
[x] C7 docs · [x] E2E-TESTME (E1E6).
Open items handed to the operator (not 1c-gating): physical promotion of `ccci-w5-rebuild` → cc-nix-test
(its bridge paused, stack up — restore at promotion); plan.md §4.0/§4.4 still carry pre-1c cert wording
(out-of-repo; superseding note added at §1.5). Adversary will append its final cold sign-off.
<details><summary>pre-DONE phase note</summary>
**1c — Builder COMPLETE; only ADV-1c-1 (C7 re-verify) between here and DONE.** All addressed.</details>
## In flight — W4 DONE, Gate W4 CLAIMED
- W1 DONE (cc-nix-test 6→4 GB). W2 PASS (Adversary cold). W3 DONE (VM reachable).