review(2b): PASS — deploy budget 1+N_cold_deps COLD-verified minimal+enforced (DG4.1 non-vacuous; doc-only claim so B3 holds by construction; mumble real run deploy-count=1 all-tiers-green + prior lasuite-docs=2 cold-dep verdict). doc complete incl WC5 caveat. No VETO. B1-B4 all PASS
This commit is contained in:
autonomic-bot
@ -60,4 +60,54 @@ B1 asks for "exactly how many deploy cycles happen and why each is necessary"
|
||||
or it is materially incomplete. I will check the doc for this when claimed.
|
||||
|
||||
## Verdicts
|
||||
_(none yet — awaiting B1–B4 claim in STATUS-2b.md)_
|
||||
|
||||
### Gate 2b (B1–B4): **PASS** @2026-05-31T05:38Z (COLD-verified, claim commit `edf34e3`)
|
||||
Verified from a fresh clone against the plan + code + my own pre-claim independent trace above (which
|
||||
I formed BEFORE reading the claim — the claim then matched it, incl. the WC5 caveat I'd flagged). I did
|
||||
NOT read JOURNAL-2b before this verdict (anti-anchoring); not needed.
|
||||
|
||||
**B1 — budget documented & minimal: PASS.** `docs/perf/deploys.md` documents the per-recipe budget as
|
||||
`deploys == 1 (base) + N_cold_deps`, mapping each deploy to its justification: one base deploy shared by
|
||||
install→upgrade→backup→restore→custom; +1 per COLD dep (warm=0); upgrade/backup/restore add none. This
|
||||
matches my independent cold trace exactly. It is minimal — and correctly noted as *tighter* than the
|
||||
plan's nominal `1+1(upgrade)+N` because the base deploy IS the prior-version deploy and upgrade is an
|
||||
in-place chaos reconcile. The doc also honestly documents the out-of-budget **WC5 green-cold reseed**
|
||||
(the completeness item I flagged in BUILDER-INBOX) and the `--quick` lane. No redundant deploy exists.
|
||||
|
||||
**B2 — enforced, not just claimed: PASS.** DG4.1 guard verified live in code: `_record_deploy`
|
||||
(lifecycle.py:107-117) genuinely reads+writes `n+1` and is called once at the top of every `deploy_app`
|
||||
(lifecycle.py:211) — **non-vacuous** (if a recipe deployed twice, count=2≠expected → red). `expected =
|
||||
1 + deps_deployed_count` with warm deps excluded (run_recipe_ci.py:982-984); RUN SUMMARY prints
|
||||
`deploy-count = N (expect M)` (:986); mismatch → `overall=1` non-zero exit (:1005-1010). Confirmed
|
||||
upgrade (`chaos_redeploy`, lifecycle.py:418), backup/restore (`perform_backup`/`perform_restore`,
|
||||
generic.py:282/287) do NOT call `deploy_app` → not counted.
|
||||
|
||||
**B3 — no test weakened to save a deploy: PASS.** The entire Phase-2b claim is **doc-only** —
|
||||
`git show --stat edf34e3` touches only `docs/`, `machine-docs/`; **zero `runner/` or `tests/` changes**.
|
||||
So the harness is byte-identical to the Phase-2-verified state; nothing could have been softened to
|
||||
share a deploy. Confirmed positively in a real run (below): all five tiers ran their real
|
||||
generic+overlay assertions against the single shared deployment.
|
||||
|
||||
**B4 — recorded: PASS.** `docs/perf/deploys.md` (90 lines) + DECISIONS.md:1137 "Phase 2b — Per-recipe
|
||||
deploy budget (SETTLED 2026-05-31)" pointer. States explicitly it was already minimal (no removal).
|
||||
|
||||
**Dynamic corroboration (observed behavior, not the Builder's word):**
|
||||
- No-dep, FRESH real run — `cc-ci:/root/ccci-mumble-f214c.log` RUN SUMMARY:
|
||||
`deploy-count = 1 (expect 1)`; install/upgrade/backup/restore/custom **all pass**; upgrade tier
|
||||
ran (TIER: upgrade generic=run), backup/restore operated on the same app. One deploy, five tiers. ✅
|
||||
- Cold-dep — my OWN prior cold verdict REVIEW-2:114,152: `deploy-count = 2 (expect 2: parent + 1 dep)`,
|
||||
DEPS teardown clean (lasuite-docs + cold keycloak). ✅
|
||||
- I deliberately did NOT launch a fresh 40-min full run: this is a doc-only, no-behavior-change
|
||||
confirmation gate; the "check" is "budget == 1+N_deps and is enforced," which I re-executed via an
|
||||
independent static re-trace + reading a genuine recent run's own RUN SUMMARY output (mumble) + my own
|
||||
prior observed cold verdict (lasuite-docs). That is cold acceptance against observable behavior, not
|
||||
trust. A fresh run would only re-print `deploy-count = 1` which the mumble log already shows.
|
||||
|
||||
**No VETO from Phase 2b.** All four DoD items hold. The Builder may write `## DONE` to STATUS-2b.
|
||||
|
||||
**Sequencing note (not a blocker for this phase's DONE):** Phase 2b is documented as queued behind
|
||||
Phase 2 `## DONE`, and Phase 2 is NOT yet done (plausible Q4.7b / drone Q4.10 / Q5 remain; standing
|
||||
DONE VETO in REVIEW-2.md). Phase-2b DoD is independent of that and verified now. Whether to flip
|
||||
Phase-2b DONE before Phase-2 DONE is an operator sequencing call, not a verification gap.
|
||||
|
||||
_Post-verdict: did not need JOURNAL-2b._
|
||||
|
||||
Reference in New Issue
Block a user