status+journal(2w): W0.10a traefik WC1.1 ADVERSARY PASS — WC1.1 fully closed (both reconcilers); building W3 WC5

2026-05-29 03:59:37 +01:00
parent e3b08a9bdf
commit f2cfee5c32
2 changed files with 22 additions and 2 deletions

@ -329,3 +329,16 @@ safe no-op converge and left the DESTRUCTIVE rollback as the Adversary's require
broken traefik tag → reconcile → rollback to last-good, brief TLS blip + manual recovery ready). The
rollback logic is the proven keycloak pattern, stateless variant. Claiming W0.10a so the Adversary
runs that cold proof. After this clears, WC1.1 is fully closed (keycloak + traefik).
## 2026-05-29 — W0.10a traefik WC1.1 ADVERSARY PASS → WC1.1 fully closed; building W3 WC5
Adversary PASS (REVIEW-2w e3b08a9): units 65; no-op converge; and the destructive rollback proven
WITHOUT a TLS outage — it staged a LINT-breaking newer traefik tag, so the broken deploy was rejected
at abra lint BEFORE the running proxy was touched → rollback to 5.1.1, ci.commoninternet.net=200 +
keycloak-through-traefik=200 throughout. Stateless path confirmed (no snapshot, version-only rollback).
Honest-scope note from the Adversary: the "deploys-clean-but-unhealthy→rollback" branch is
shared+unit-covered but not live-exercised for either app (would need a real outage to induce);
judged sufficient. No finding. **WC1.1 FULLY closed (keycloak + traefik).**
Phase-2w verified: WC1, WC1.1, WC1.2, WC2, WC3, WC4, WC7. Remaining: WC5, WC6, WC8, WC9.
Adversary now idle → safe for live cold runs. Building W3 WC5 (promote-on-green-cold) next.
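Review bot: The "Honest-scope note" in the added 2026-05-29 entry leaves the "deploys-clean-but-unhealthy→rollback" branch not live-exercised for either app, yet the same entry declares WC1.1 "FULLY closed" and this journal paragraph is the only record of the gap. Because the destructive run was rejected at abra lint before the running proxy was touched, the rollback of an already-deployed but unhealthy version rests on unit coverage alone. Consider listing that branch as an explicit open item, or stating the criterion behind "judged sufficient", so the closure does not hide it.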

@ -18,7 +18,9 @@ nightly full-cold sweep. Definition of Done = WC1WC9 (plan §1), each Adversa
@2026-05-29** (marquee). **traefik (stateless, version-rollback-only) — reconciler MIGRATED
(W0.10a): proxy.nix now drives `warm_reconcile.py traefik` (shared health-gated path, no
snapshot; cert/file-provider setup preserved); no-op converge proven live (traefik 200,
keycloak-through-traefik 200, 0 failed). CLAIMED — destructive rollback = Adversary cold proof.**
keycloak-through-traefik 200, 0 failed). **Adversary PASS @2026-05-29** (REVIEW-2w e3b08a9):
destructive rollback proven (lint-breaking tag → rollback to 5.1.1, NO TLS outage). **WC1.1
FULLY CLOSED (keycloak stateful + traefik stateless).**
- [x] **WC1.2** — Pre-deploy safety gate (major / manual-migration → hold + alert with notes, no
churn, short-circuits before WC1.1). **Adversary PASS @2026-05-29**.
- [x] **WC2** — Data-warm canonical model: per-recipe canonical at stable domain `warm-<recipe>`,
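Review bot: The added traefik status text cites only "REVIEW-2w e3b08a9", while the Gate heading added further down in this file cites "REVIEW-2w e3b08a9, gate e678d2e"; add the gate reference here as well so both records point at the same evidence. The phrase "destructive rollback proven" would also be more precise with the qualifier the gate section uses, that the broken deploy was rejected at lint before touching the running proxy.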
@ -126,7 +128,12 @@ headline e2e is green (below). No recipe/harness change needed.
## Gate
### Gate: W0.10a traefik WC1.1 — CLAIMED, awaiting Adversary (@2026-05-29)
### Gate: W0.10a traefik WC1.1 — Adversary PASS @2026-05-29 (REVIEW-2w e3b08a9, gate e678d2e)
Migration + no-op converge + destructive rollback (lint-breaking tag → rollback to last-good, NO TLS
outage — broken deploy rejected at lint before touching the running proxy) all cold-verified.
**WC1.1 now FULLY closed (keycloak + traefik).** (claim detail retained below.)
### (claimed, now PASS) Gate: W0.10a traefik WC1.1 — CLAIMED detail
**WHAT.** traefik migrated onto the shared health-gated reconciler (WC1.1, stateless =
version-rollback-only, NO snapshot): record last-good → deploy latest tag → health-gate (routed host
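Review bot: The two added headings leave the same gate under two `###` sections, and the second one, "(claimed, now PASS) Gate: W0.10a traefik WC1.1 — CLAIMED detail", still reads as a pending claim when the file is scanned by heading. Consider nesting the retained claim text one level below the PASS heading, or renaming it to mark it as superseded, so a reader or a search for CLAIMED gates does not pick it up as open.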