claim(2pc): PC1 conservative prune deployed+verified; PC2/PC3 local-store cache confirmed
ci-docker-prune (gated surgical prune) live on cc-ci: old autoPrune --all gone, new timer enabled (daily), no-ops below 80% disk keeping the local image cache, never --all/--volumes. Daemon stays PAT-authenticated (nptest2); /var/lib/docker retained across rebuild. PC3 proof: redis:7-alpine deploy->teardown(service rm, image retained)->redeploy = "Image is up to date", no layer re-download (cold 5303ms -> warm 674ms). Docs: runbook "Image cache & prune policy", warm.md, DECISIONS Phase-2pc, IDEAS (registry pull-through cache deferred + revisit trigger). Gate 2pc CLAIMED, awaiting Adversary cold-verify. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
docs/warm.md
@ -85,10 +85,12 @@ back cleanly to a full cold run (the PR is still tested).
- **Serialize:** `DRONE_RUNNER_CAPACITY = MAX_TESTS` (default 1); the nightly sweep is serial and
skips if a `run_recipe_ci.py` is active. At most MAX_TESTS apps are ever live at once.
- **Warm keycloak shared safely** via per-run namespaced realms (above); orphan realms reaped.
- **Disk** (warm is the budget, not RAM): `virtualisation.docker.autoPrune` prunes
images/containers/networks/build-cache older than 24h but **never `--volumes`** (so data-warm
canonical volumes survive). Each canonical = one data volume + one snapshot (small; the keycloak DB
snapshot ~300M dominates). `canonical.prune_stale()` (run nightly) drops warm data for
- **Disk** (warm is the budget, not RAM): the `ci-docker-prune` unit (`nix/modules/docker-prune.nix`,
Phase-2pc) prunes only **dangling** images/containers/build-cache (`until=24h`), and only under
genuine disk pressure (`/` ≥ 80%) with nothing in flight — **never `--all`** (keeps cached base/
in-use images warm; the local store IS the cache on this single host) and **never `--volumes`** (so
data-warm canonical volumes survive). Each canonical = one data volume + one snapshot (small; the
keycloak DB snapshot ~300M dominates). `canonical.prune_stale()` (run nightly) drops warm data for
**de-enrolled** canonicals. Monitor with `df -h /` (the nightly logs it).
- **Cold teardown stays sacred:** a cold per-run app's volumes/secrets are always deleted at run end
(or janitor-reaped); promote re-seeds the canonical separately (never reuses a per-run volume).
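Review bot: the replacement bullet silently narrows the prune scope: the removed text listed images/containers/networks/build-cache, the new text lists only dangling images/containers/build-cache and never mentions networks, so a reader cannot tell whether `ci-docker-prune` deliberately leaves unused networks alone or the doc simply dropped them; state it either way. The new text should also spell out what "with nothing in flight" actually checks (presumably the same active `run_recipe_ci.py` guard the Serialize bullet above describes) and what the unit does when `/` stays at or above 80% while a run is active, since a prune that keeps skipping under sustained pressure is exactly the case the `df -h /` line in the nightly log is meant to surface, and the bullet should tell the operator that is the signal to act on.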