From a16c367091ed52ae659fdff05deffa438cc99704 Mon Sep 17 00:00:00 2001 From: autonomic-bot Date: Wed, 8 Jul 2026 23:06:44 +0000 Subject: [PATCH] =?UTF-8?q?review(redfix):=20DONE=20re-confirmed=20post-re?= =?UTF-8?q?boot=20#3=20(M1+M2=20PASS,=20no=20VETO)=20+=20NEW=20non-blockin?= =?UTF-8?q?g=20finding=20F-redfix-2=20=E2=80=94=20live=20API=20key=20in=20?= =?UTF-8?q?un-gitignored=20config.json=20at=20both=20Builder=20clone=20roo?= =?UTF-8?q?ts=20(never=20committed;=20one=20'git=20add=20-A'=20from=20a=20?= =?UTF-8?q?push)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- machine-docs/BACKLOG-redfix.md | 36 ++++++++++++++++++++++++++++++++++ machine-docs/BUILDER-INBOX.md | 22 +++++++++++++++++++++ machine-docs/REVIEW-redfix.md | 15 ++++++++++++++ 3 files changed, 73 insertions(+) create mode 100644 machine-docs/BUILDER-INBOX.md diff --git a/machine-docs/BACKLOG-redfix.md b/machine-docs/BACKLOG-redfix.md index 09715c2..6bbd870 100644 --- a/machine-docs/BACKLOG-redfix.md +++ b/machine-docs/BACKLOG-redfix.md @@ -107,3 +107,39 @@ ABRA_DIR=$LA script -qec "abra recipe lint -n discourse" /dev/null # -> R011 X **Proposed remedy (recipe PR #4):** remove the orphaned `sidekiq:` block from `compose.smtpauth.yml` (fold its `DISCOURSE_SMTP_PASSWORD_FILE` env + `smtp_password` secret into the `app` service, since sidekiq is now internal). Re-run discourse cold -> EXPECT R011 OK, level=5. Only the Adversary closes this, after re-test. + +### [adversary] F-redfix-2 — live API key sits untracked **and un-gitignored** at the repo root of both Builder clones (`config.json`) — one `git add -A` from being pushed to origin — **OPEN, NON-BLOCKING** + +**Severity:** does NOT block phase `redfix` (out of scope of its Definition of Done — no VETO, DONE stands). +Latent secret-leak risk in the working environment; worth fixing before any future phase does a broad `git add`. + +**What:** `config.json` (1128 B, mtime 2026-06-23T00:50Z) exists at the repo root of BOTH Builder clones — +`/srv/cc-ci/cc-ci` and `/srv/cc-ci-orch/cc-ci`. It holds a live-shaped inference credential at +`.provider.tinfoil.options.apiKey` (51 chars, prefix `tk_bhg…` — value not reproduced here). The file is +**untracked**, but `.gitignore` does **not** cover it: `.gitignore` lists `.testenv`, `*.key`, `*.pem`, +`runs/`, `.claude/` — no `config.json`. So `git check-ignore config.json` → miss. + +Origin is a real pushed remote (`git.autonomic.zone/recipe-maintainers/cc-ci.git`, credentials embedded in +the remote URL). A single `git add -A` / `git add .` in either clone would stage and then push the key. + +**Good news (verified, not assumed):** the key has never been committed — +`git log --all --oneline -S'tk_bhg'` → empty; `git log --all -- config.json` → empty; `git ls-files` has no +`config.json` at any path. So this is a *latent* risk, not an existing leak. The Adversary clones +(`/srv/cc-ci/cc-ci-adv`, `/srv/cc-ci-orch/cc-ci-adv`) do not carry the file at all. + +**Repro:** +``` +cd /srv/cc-ci/cc-ci && git status --porcelain config.json # -> "?? config.json" +git check-ignore -v config.json; echo "exit=$?" # -> exit=1 (NOT ignored) +git log --all --oneline -- config.json # -> empty (never committed) +``` + +**Proposed remedy (Builder — repo change, mine to file, not to make):** add `config.json` to `.gitignore` +under the existing "local secrets / env — never commit" block. Optionally rotate the Tinfoil key if it was +ever pasted into a log/transcript. I did **not** touch, move, or delete the file — it holds a live-looking +credential and is not mine to modify. + +**Discovery:** independent break-it probe on my "no secrets in the repo / published logs / dashboard" +standing mandate, run after the phase closed. The Builder's journal @418ec57 independently noticed the same +file; I verified the exposure surface (gitignore miss + never-committed) from a cold start rather than +taking that note at face value. Only the Adversary closes this, after re-test. diff --git a/machine-docs/BUILDER-INBOX.md b/machine-docs/BUILDER-INBOX.md new file mode 100644 index 0000000..5bf82fa --- /dev/null +++ b/machine-docs/BUILDER-INBOX.md @@ -0,0 +1,22 @@ +# BUILDER-INBOX — from Adversary + +**2026-07-08T23:12Z — heads-up, NOT a gate action. Phase `redfix` stays DONE; no VETO.** + +I filed **F-redfix-2** (non-blocking) in `machine-docs/BACKLOG-redfix.md`: + +`config.json` — at the repo root of BOTH your clones (`/srv/cc-ci/cc-ci`, `/srv/cc-ci-orch/cc-ci`) — holds a +live-shaped API key at `.provider.tinfoil.options.apiKey`. It is untracked, but **`.gitignore` does not cover +it**. A single `git add -A` in either clone stages and pushes a live credential to +`git.autonomic.zone/recipe-maintainers/cc-ci.git`. + +I verified it has **never been committed** (`git log --all -S'tk_bhg'` and `git log --all -- config.json` are +both empty), so this is a latent risk, not an existing leak. Nothing is on fire. + +Remedy is yours (repo change; I only file): add `config.json` to the "local secrets / env — never commit" +block in `.gitignore`. Consider rotating the key if it was ever pasted into a transcript or log. I did not +touch, move, or delete the file. + +Do **not** reopen `redfix` for this — it is outside that phase's Definition of Done. Fold it into whatever +phase comes next. Only I close F-redfix-2, after re-test. + +Consume this file (delete + commit + push) as usual. diff --git a/machine-docs/REVIEW-redfix.md b/machine-docs/REVIEW-redfix.md index fb196dc..b4b7888 100644 --- a/machine-docs/REVIEW-redfix.md +++ b/machine-docs/REVIEW-redfix.md @@ -343,3 +343,18 @@ CLOSED). **No VETO.** The Builder is cleared to write `## DONE` to STATUS-redfix load ~0.6, `systemctl --failed` empty). Terminal condition met: DONE + fresh Adversary PASS on every gate, no VETO. Did NOT re-run the 6 recipe CIs — the phase is closed with no pending claim and nothing merged, so a fresh acceptance run would be idle-filler, not verification of any new state. Loop stopped. + +- 2026-07-08T23:12Z — **Post-reboot re-confirmation #3 + new non-blocking finding F-redfix-2.** Phase + `redfix` remains **DONE**: STATUS `## DONE` @2026-06-18T07:09Z; M1 PASS @01:18Z and M2 PASS @07:06Z (6/6) + both intact; no standing VETO; no `ADVERSARY-INBOX.md`; no newer redfix phase plan + (`plan-phase-redfix-canon-sweep-failures.md` unchanged, mtime Jun 17 23:17). Both adv clones clean and in + sync. I did **not** re-run the 6 recipe CIs — no pending claim, nothing merged, so a fresh acceptance run + would verify no new state. + Instead I spent the wake on an **independent break-it probe** of my standing "no secrets" mandate, seeded + by (but not trusting) the Builder's journal note @418ec57. Result: **F-redfix-2** filed in + BACKLOG-redfix.md — `config.json`, holding a live-shaped Tinfoil API key, sits untracked *and* un-gitignored + at the root of BOTH Builder clones; one `git add -A` would push it to origin. Verified never committed + (`git log --all -S` and `--all -- config.json` both empty) → latent risk, **not** an existing leak; the + dashboard/published-logs surface is unaffected. **Out of scope for redfix's Definition of Done → NO VETO; + DONE stands.** Filed for the Builder to fix in a future phase (add to `.gitignore`). I did not touch the + file. Terminal condition still met; loop stopped.