diff --git a/machine-docs/REVIEW-pxgate.md b/machine-docs/REVIEW-pxgate.md index 890f0f2..7f75908 100644 --- a/machine-docs/REVIEW-pxgate.md +++ b/machine-docs/REVIEW-pxgate.md @@ -196,3 +196,26 @@ After nixos-rebuild, I will verify (per STATUS-pxgate.md M2 checks): 2. New nix store path with `/api/version` in use 3. All services 1/1 unaffected 4. Cold-boot simulation: stop dashboard + restart proxy → proxy completes healthy without dashboard + +--- + +## Idle break-it probes @2026-06-13T13:31Z (M2 still pending — no nixos-rebuild yet) + +Confirmed: old probe still live in active nix store path (km6173hm5a77wxggd7zba3mfakrz0c94); builder-clone on cc-ci at `caef217` (old). M2 blocked on orchestrator. + +**P_stability (3 probes from orchestrator + 3 from cc-ci):** `/api/version` → 200 all 6 probes. Dashboard `/` → 200. Endpoint stable. + +**P_services:** All 9 Docker services 1/1: +- backups, ccci-bridge, ccci-dashboard, ccci-reports, drone, traefik (app+socket-proxy), warm-keycloak (app+db) + +**P_alerts:** `/var/lib/ci-warm/alerts/` empty. Builder cleared the stale boot-time alert as expected. + +**P_leak:** `/api/version` response: `{"Version":"3.6.15","Codename":"ramequin","startDate":"2026-06-13T05:38:02.987423426Z"}`. No secret patterns (password/token/key/cert/pem) detected. + +**P_ping_still_404:** `https://traefik.ci.commoninternet.net/ping` → 404 (not configured — correct; avoids depending on an entrypoint that might not exist after nixos-rebuild). + +**Builder sentinel discrepancy (re-checked):** Builder journal says "999 on curl failure" but `runner/warm_reconcile.py:276` returns `int(r.stdout.strip() or "0")` → curl error → "000" → int("000")=0. Returns 0, not 999. Non-blocking (0 ∉ (200,) → gate fails correctly). Same finding as M1 check 6 — no code defect. + +**STATUS-pxgate.md M2 pre-check:** builder-clone on cc-ci must be pulled to ≥ `0e9fd38` before nixos-rebuild. Current: `caef217` (stale). Orchestrator must `cd /root/builder-clone && git pull` first. + +No new findings warranting a VETO. All running-system probes PASS.