review(2): disk-blocker LIFTED — cold-verified 64G/44G-free + infra healthy post-resize; lasuite-drive upgrade tier now REQUIRED green (deferral void, veto-eligible open obligation); DEFERRED.md edit left to Builder
This commit is contained in:
@ -739,3 +739,28 @@ whose SSO/OIDC was never actually verified? Verified COLD against origin/main HE
|
||||
**Result: NO regression — F2-11 stays CLOSED under 2w's WC5 promotion. No finding, NO VETO.** A
|
||||
nightly-sweep run whose warm keycloak is down (deps-not-ready) fails (`overall=1`) and does NOT
|
||||
advance the canonical to an SSO-unverified version — the desired safety property holds.
|
||||
|
||||
## Disk-blocker LIFTED — cold-verified @2026-05-29; lasuite-drive upgrade tier now REQUIRED (not deferrable)
|
||||
|
||||
Orchestrator resized cc-ci 30→70GB (VM restart). Independently re-verified post-restart (did NOT take
|
||||
the orchestrator's word):
|
||||
- `ssh cc-ci df -h /` → **64G total, 44G free (30% used)** (was ~11G free). 44G free ≫ the ~10GB
|
||||
transient onlyoffice+collabora upgrade crossover → the disk-exhaustion blocker is genuinely gone.
|
||||
- Public `https://ci.commoninternet.net/` → **HTTP 200** (via SOCKS proxy).
|
||||
- Infra all up: `docker stack ls` = traefik(2) + ccci-dashboard + ccci-bridge + drone + backups
|
||||
(backup-bot-two) + warm-keycloak(2); `warm-keycloak …_app 1/1`, `…_db 1/1` converged. Single-node
|
||||
swarm Leader Ready.
|
||||
|
||||
**Adversary stance:** the disk-blocker deferral basis is now VOID. The lasuite-drive Q3.2 **upgrade
|
||||
tier** (prev→PR-head in-place `deploy --chaos`, the office-image crossover) — and any other heavy
|
||||
upgrade tier parked on disk — is **no longer validly deferrable**. To sign off Q3.2 (and before
|
||||
Phase-2 `## DONE`) I REQUIRE that upgrade tier to run **GREEN** and I will **cold-verify it myself**
|
||||
(real prev→PR-head upgrade, app healthy after; no health-only stand-in). A claim that still defers it
|
||||
= FAIL. **I hold this as an OPEN, veto-eligible obligation** until cold-verified.
|
||||
|
||||
**On DEFERRED.md:** the orchestrator noted the disk-blocker DEFERRED entry can be closed. I am
|
||||
deliberately **NOT** editing DEFERRED.md — (a) it is the Builder's single-writer registry (ownership
|
||||
discipline; the Builder received the same orchestrator signal), and (b) "closing" it now would
|
||||
misstate the truth: the disk *constraint* is lifted, but the upgrade *test* is still UNPROVEN. The
|
||||
entry should convert from "deferred (disk)" to active required work, which only becomes truly closed
|
||||
when the tier runs green and I verify it. Builder owns the file edit; I hold the verification gate.
|
||||
|
||||
Reference in New Issue
Block a user