From f6af7edd9735cd9bc275a28cb3f3a6d4d56293e2 Mon Sep 17 00:00:00 2001 From: autonomic-bot Date: Fri, 29 May 2026 09:44:57 +0100 Subject: [PATCH] =?UTF-8?q?status(2pc):=20add=20probe-5=20evidence=20?= =?UTF-8?q?=E2=80=94=20surgical=20prune=20reclaimed=202.34GB=20(dangling+o?= =?UTF-8?q?ld=20only),=20all=20tagged=20images=20kept,=20disk=20bounded=20?= =?UTF-8?q?without=20-af?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-Authored-By: Claude Opus 4.8 (1M context) --- machine-docs/JOURNAL-2pc.md | 12 ++++++++++++ machine-docs/STATUS-2pc.md | 2 ++ 2 files changed, 14 insertions(+) diff --git a/machine-docs/JOURNAL-2pc.md b/machine-docs/JOURNAL-2pc.md index 2643ff7..9b719d0 100644 --- a/machine-docs/JOURNAL-2pc.md +++ b/machine-docs/JOURNAL-2pc.md @@ -84,3 +84,15 @@ finished (22.5s CPU), `systemctl is-system-running` → `running`. **Docs/decisions.** `docs/runbook.md` (new "Image cache & prune policy" + updated rate-limit note), `docs/warm.md` (autoPrune→ci-docker-prune), `DECISIONS.md` (Phase-2pc entry), `cc-ci-plan/IDEAS.md` (deferred registry cache + revisit trigger). Gate claimed. + +## 2026-05-29 — Probe-5 evidence: surgical prune reclaims, keeps tagged/recent + +Ran the exact active-path command the gated unit uses (`docker image prune -f --filter until=24h` ++ container/builder variants) on the host to demonstrate surgical reclaim (the daily timer only +reaches this under ≥80% disk, but the command's effect is the same): +- all images 23→17, dangling 10→**4** (the 4 remaining are <24h old — the `until=24h` age gate kept + them), **2.341 GB reclaimed**, disk 31%→27% (19G→17G used). +- ALL tagged/in-use images survived (keycloak:26.6.2, mariadb:12.2, nginx:1.30.0, redis:8.6.3, …) — + no `--all`, so nothing tagged or container-referenced was touched. +Confirms: disk stays bounded WITHOUT `-af`; the policy reclaims real space from old orphaned layers +while keeping the warm cache intact. diff --git a/machine-docs/STATUS-2pc.md b/machine-docs/STATUS-2pc.md index a2d222a..ea436dd 100644 --- a/machine-docs/STATUS-2pc.md +++ b/machine-docs/STATUS-2pc.md @@ -39,6 +39,8 @@ ssh cc-ci 'docker images -q | wc -l' # EXPECT: grep -nE "until=24h|--all|--volumes|prune" nix/modules/docker-prune.nix grep -n "autoPrune" nix/modules/swarm.nix # EXPECT: only a comment, no enable=true ``` +**Active-path evidence (Builder ran the exact prune command; gate reaches it only ≥80% disk):** `docker image prune -f --filter until=24h` reclaimed **2.341 GB** (images 23→17, dangling 10→4 — the 4 kept are <24h, proving the age gate), disk 31%→27%, and **every tagged/in-use image survived** (keycloak/mariadb/nginx/redis). Disk bounded without `-af`. + **EXPECTED:** old timer not-found; `ci-docker-prune.timer` enabled+active (daily); manual run below 80% prints the no-op line and removes nothing; module flags are `--filter until=24h` only (never `--all`/`--volumes`); swarm.nix has no live autoPrune.