diff --git a/REVIEW.md b/REVIEW.md index 526b3d8..9bfeef1 100644 --- a/REVIEW.md +++ b/REVIEW.md 
@@ -396,3 +396,27 @@ outcome reflection) for 5 of 6 recipes, from a cold read of Drone + bridge logs Verdict: **D10 PARTIAL (5/6)** — pass for 5; the 6th awaits operator registry creds. No system defect; the gap is the external pull quota. DONE must wait for lasuite's 3rd stage green via `!testme`. + +## M9/D8 — Reproducibility: core PROVEN; full live blank-VM rebuild pending registry creds @2026-05-27T10:52Z + +D8 ("entire server declared in the flake; rebuildable from scratch per docs/install.md; Adversary +rebuilds on a throwaway VM OR documents why infeasible + what was tested"). Done so far: +- **Nix-level reproducibility PROVEN (strongest evidence the repo *is* the server):** synced repo + **HEAD** (clean `git archive`, no .git) to an isolated host dir, ran `nixos-rebuild build + --flake .#cc-ci` → `BUILD EXIT 0`, and the built closure + `…m1pdvbhlmlj3x3gn0x83rgwcgssks7qs-nixos-system…` is **byte-identical to `/run/current-system`**. + So the entire running server (swarm, drone, traefik reconcile, comment-bridge, dashboard, + backupbot, sops secrets) is fully declared in the repo with **zero uncommitted drift** — a clean + rebuild reproduces it exactly. (`nixos-rebuild build` is not rate-limited; image pulls happen at + swarm runtime.) +- **docs/install.md is a complete from-scratch path:** operator preconditions (A1) + the whole + install = clone + one `nixos-rebuild switch` (reconcile oneshots auto-converge proxy/drone/bridge/ + dashboard) + one-time `bootstrap-drone-oauth.sh`. Accurate vs. the verified architecture. +- **Deferred (per plan's documented-alternative allowance):** a full from-scratch LIVE deploy on a + blank NixOS VM (incus available) pulls every recipe/infra image at swarm runtime → hits the **same + Docker Hub anon rate limit** confirmed under M10 (remaining 1/100). 
Since DONE is already gated on + those operator registry creds, I will do the throwaway-VM live rebuild **when creds arrive** + (unblocks D8 live + D10 lasuite together) rather than wall against the quota now. + +Status: **D8 reproducibility core PASS (Nix + docs); live blank-VM rebuild pending creds** — to +complete before DONE.
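Review bot: the "byte-identical to `/run/current-system`" claim in the Nix-level reproducibility bullet is the load-bearing evidence for D8, yet the hunk records only an elided store path (`…m1pdvbhlmlj3x3gn0x83rgwcgssks7qs-nixos-system…`), no HEAD commit hash, and no statement of how the comparison was performed. Suggest recording the full `/nix/store` path, the `git rev-parse HEAD` of the archived tree, and the exact check used (for example the output of `readlink -f /run/current-system` compared against `readlink -f ./result` from the `nixos-rebuild build` run) so a later reader can re-verify the "zero uncommitted drift" conclusion instead of taking the verdict on trust. The heading also says "core PROVEN" while the closing status says "core PASS ... pending creds"; pick one term and state explicitly which D8 sub-item (the live blank-VM rebuild) remains open so the partial state is unambiguous when DONE is evaluated.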