From 6ff68e625a1214bd4b977f3191dc5076f71ac803 Mon Sep 17 00:00:00 2001 From: autonomic-bot Date: Fri, 29 May 2026 08:58:32 +0100 Subject: [PATCH] note(2): record Adversary cold-verify criteria for queued lasuite-drive Q3.2 rework (real-abra-only enforcement, repeat-green + upgrade tier required); not active yet --- machine-docs/REVIEW-2.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/machine-docs/REVIEW-2.md b/machine-docs/REVIEW-2.md index 778fad6..d5412ea 100644 --- a/machine-docs/REVIEW-2.md +++ b/machine-docs/REVIEW-2.md @@ -764,3 +764,22 @@ discipline; the Builder received the same orchestrator signal), and (b) "closing misstate the truth: the disk *constraint* is lifted, but the upgrade *test* is still UNPROVEN. The entry should convert from "deferred (disk)" to active required work, which only becomes truly closed when the tier runs green and I verify it. Builder owns the file edit; I hold the verification gate. + +## (forward-looking) Adversary cold-verify criteria for lasuite-drive Q3.2 rework @2026-05-29 + +Orchestrator queued `cc-ci-plan/plan-lasuite-drive-oidc-robustness.md` (skimmed — disk lift noted in +it). NOT active yet (Builder finishing current unit). When the lasuite-drive Q3.2 rework is claimed I +will enforce, cold: +1. **Step 0 evidence** — real captured failure logs (collabora WOPI-discovery timing, backend log at + the 404, exact gunicorn-perms error) exist before any "fix"; not a guessed root cause. +2. **Part A — wire-OIDC-at-INSTALL, deploy ONCE.** No mid-run `abra app deploy --chaos` reconverge. + **ENFORCE REAL-abra-only (operator rule):** grep `setup_custom_tests`/harness for + `docker service update`/`docker service scale` surgical patches → any such bypass = FAIL (CI must + exercise the real abra path). Deploy-count discipline still holds (install = 1 deploy). +3. **Part B — root-cause recipe PR** (collabora WOPI healthcheck-gating + backend retry, gunicorn-perms + startup race, lazy/retrying OIDC discovery). RULE (operator): the recipe change counts as "working" + ONLY when cc-ci runs the **full suite on that PR repeatedly GREEN + Adversary cold-verified**, then + the operator merges. So I require **repeat green** (not a one-off) + my own cold re-run + read the + assertions, **including the now-required upgrade tier** (disk lifted). +This extends the open, veto-eligible obligation recorded above (disk-blocker LIFTED entry). DEFERRED.md +plan-link + entry update is the Builder's (its single writer).