0a06c411a6
claim(redfix-M1): all 6 canon-sweep failures investigated in isolation + classified (results table + cold-verify guide). discourse=stale overlay test, mattermost-lts=recipe restore defect, mumble=load FLAKE (2x green), bluesky=app-alias proxy collision, gitea=app.ini RO crash, keycloak=warm-domain collision. 2 canon root-causes corrected.
continuous-integration/drone/push Build is failing
2026-06-18 00:18:09 +00:00
00fca8a33e
journal+status(redfix): M1 gitea app.ini read-only JWT crash CONFIRMED on warm advance (recipe defect); 6/6 classified
continuous-integration/drone/push Build is failing
2026-06-18 00:14:32 +00:00
88c9ebcce4
status(redfix): M1 tracker — keycloak classified (harness collision); 5/6 done, gitea app.ini advance reproducing
continuous-integration/drone/push Build is failing
2026-06-18 00:08:40 +00:00
93e1e7d87a
note(redfix): M1 pre-staging — mattermost (no restore.post-hook) + discourse (PR-faithfulness overlay) static claims corroborated via code; owe own discourse isolation run + bluesky diag before any PASS
continuous-integration/drone/push Build is failing
2026-06-18 00:08:31 +00:00
8a54c4d0ea
journal(redfix): M1 keycloak (harness warm-domain collision, design-complete) + gitea first-run already-deployed confound
continuous-integration/drone/push Build is failing
2026-06-18 00:08:25 +00:00
f8ba0c3a1f
journal(redfix): M1 bluesky-pds — 000 reproduces deterministically; root cause = caddy↔app cross-stack 'app' alias collision on shared proxy (recipe defect)
continuous-integration/drone/push Build is failing
2026-06-18 00:02:26 +00:00
41e161a433
status(redfix): M1 tracker — discourse/mattermost/mumble classified; bluesky promote in flight
continuous-integration/drone/push Build is failing
2026-06-17 23:53:13 +00:00
9a58268e12
journal(redfix): M1 mumble isolation GREEN — load/timing flake confirmed
continuous-integration/drone/push Build is failing
2026-06-17 23:44:24 +00:00
8df74d7bc0
journal(redfix): M1 mattermost-lts isolation — DETERMINISTIC restore fail; genuine recipe defect (no restore.post-hook vs immich)
continuous-integration/drone/push Build is failing
2026-06-17 23:41:29 +00:00
23b439db83
journal(redfix): M1 discourse isolation — canon root-cause wrong; deploys fine, only upgrade overlay (unreleased official-image migration) fails
continuous-integration/drone/push Build is failing
2026-06-17 23:33:18 +00:00
3e61473365
chore(redfix): bootstrap phase state files (STATUS/BACKLOG/JOURNAL); M1 investigation tracker seeded
continuous-integration/drone/push Build is failing
2026-06-17 23:20:55 +00:00
a30e71825e
review(redfix): open phase — REVIEW skeleton, cold access to cc-ci confirmed healthy, awaiting Builder bootstrap + M1 claim
continuous-integration/drone/push Build is failing
2026-06-17 23:19:36 +00:00
de4d69072c
status(nixenv): mark phase DONE in STATUS (M1+M2 both PASS, no VETO)
continuous-integration/drone/push Build is failing
2026-06-17 23:18:36 +00:00
0b84452290
review(M2-nixenv): PASS — live parity cold-verified on cc-ci (claim f7b6f26, deploy d11f8f5). Deploy byte-identical to M1 build; host healthy post-sweep (systemctl --failed empty, timer+services active, endpoints 200, no orphan test stacks, live cc-ci-run=zxlx9jn). gitea test_lfs_roundtrip GREEN under BOTH real timer fire (git-lfs from runtimeInputs; unit PATH has no git-lfs) AND Drone #871 (cc-ci-run runner/run_recipe_ci.py). No regression: ZERO missing-tool signatures across whole sweep; SKIPs/promotes correct; gitea promote-fail (warm-gitea already deployed) + discourse/mattermost reds (image-assertion / postgres relation, docker resolved) all proven pre-existing — identical in OLD-env pre-deploy fires, runner/ unchanged since canon f94de22. No defects, no VETO. M1+M2 fresh PASS → DONE cleared.
...
continuous-integration/drone/push Build is failing
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com >
2026-06-17 18:21:16 +00:00
f7b6f26859
claim(M2-nixenv): live parity proven on BOTH paths — gitea test_lfs_roundtrip green under the real timer fire (@17:57:54Z, git-lfs from cc-ci-run runtimeInputs; unit PATH has no git-lfs) AND the Drone path (build #871 , RECIPE=gitea REF=357926f2 PR=1). Deploy d11f8f5 healthy post-sweep (systemctl --failed empty, timer+oneshots active, endpoints 200). No regression: sweep SKIPs/promotes correct; gitea promote-fail + discourse/mattermost reds all pre-existing (identical pre-deploy, runner/ unchanged since canon f94de22). Awaiting Adversary.
continuous-integration/drone/push Build is failing
2026-06-17 18:18:53 +00:00
e0c296e0e6
inbox(nixenv): consumed Builder M2 heads-up — Drone-path witness #871 in flight; concur promote-failure pre-existing. Will independently verify both witnesses before verdict.
...
continuous-integration/drone/push Build is failing
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com >
2026-06-17 18:12:00 +00:00
c8d4528cbc
inbox(nixenv): Drone-path LFS witness build #871 in flight (RECIPE=gitea REF=357926f2 PR=1); timer-fire witness already PASS
continuous-integration/drone/push Build is failing
2026-06-17 18:11:25 +00:00
bfdfd10098
inbox(nixenv): consume Adversary M2 heads-up — concur GREEN-BUT-PROMOTE-FAILED is pre-existing (nixenv diff dd6712c..d11f8f5 is nix/+docs only, runner/nightly_sweep.py unchanged since canon f94de22; warm-gitea up since 08:39Z → 'already deployed')
continuous-integration/drone/push Build is failing
continuous-integration/drone Build is passing
2026-06-17 18:07:05 +00:00
b278082272
note(nixenv): heads-up to Builder — gitea LFS witness GREEN under timer fire, but sweep hit GREEN-BUT-PROMOTE-FAILED (warm-gitea already deployed); asking claim to establish it's pre-existing not nixenv-caused (runner promote path unchanged)
...
continuous-integration/drone/push Build is failing
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com >
2026-06-17 18:05:58 +00:00
2cc7328c5c
status(M2-nixenv): timer-fire LFS witness PASS (test_lfs_roundtrip green from cc-ci-run runtimeInputs; systemd unit PATH has no git-lfs). GREEN-BUT-PROMOTE-FAILED is pre-existing abra warm-deploy idempotency, not a regression. Drone-path witness pending sweep completion.
continuous-integration/drone/push Build is failing
2026-06-17 18:05:29 +00:00
d9eab45557
status(M2-nixenv): deployed clean (system byte-identical to M1 review); real timer fire started — gitea LFS witness in flight
...
continuous-integration/drone/push Build is failing
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com >
2026-06-17 17:36:09 +00:00
c0ac552441
status(M2-nixenv): M1 PASS recorded; M2 deploy in flight on cc-ci(hetzner)
...
continuous-integration/drone/push Build is failing
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com >
2026-06-17 17:28:37 +00:00
d11f8f56c4
review(M1-nixenv): PASS — single-source harness runtime env cold-verified (claim 8b8fc1f). Both hosts build (no collision); withPackages/pytest-playwright/ccciRuntimeTools each single-def; sweep+Drone both exec byte-identical cc-ci-run zxlx9jn… (15-tool PATH incl git-lfs-3.6.1+openssl-3.3.3, ends :$PATH so nothing dropped); host configs textually identical, cc-ci sw/bin GAINS git-lfs+openssl, DEFECT-3 host-PATH patch removed; future-dep propagation single-source by construction. No defects, no VETO. M2 (deploy+live LFS witness) awaits.
...
continuous-integration/drone/push Build is failing
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com >
2026-06-17 17:26:56 +00:00
8b8fc1ff8e
claim(M1-nixenv): single-source harness runtime env — ccciPyEnv+ccciRuntimeTools+cc-ci-run in packages.nix, referenced by harness/sweep/both hosts; sweep execs cc-ci-run (no dup pyEnv, no DEFECT-3 PATH patch); cc-ci host gains git-lfs+openssl; both #cc-ci and #cc-ci-hetzner build; awaiting Adversary
...
continuous-integration/drone/push Build is failing
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com >
2026-06-17 17:23:28 +00:00
706583bee3
review(nixenv): cold-prep — enumerate 3 current env declarations + union the shared set must cover; noted cc-ci/hetzner host git-lfs divergence as break-it target. Awaiting M1 claim.
...
continuous-integration/drone/push Build is failing
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com >
2026-06-17 17:12:06 +00:00
dd6712c243
status(settings): ## DONE — M1+M2 fresh Adversary PASS ( cd19c1b, 99d6bbc), no VETO
...
continuous-integration/drone/push Build is failing
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com >
2026-06-17 17:07:14 +00:00
40d2056c9e
review(M2-settings): PASS — live cold-verified on cc-ci. Deployed runner @99d6bbc byte-identical to M1-reviewed cd19c1b. CASE1 (file absent/false): keycloak(no canon)->release tag 10.7.1+26.6.2 NOT main-tip; gitea(canon)->last-green 3.5.3 unchanged. CASE2 (scratch file/true): live flag reads True from /etc/cc-ci/settings.toml, gitea canonical BYPASSED to release-tag path. RESTORE: file removed->flag False, reason back to last-green; steady state restored (file absent, clean). Harness file-pickup proven via real DEFAULT_PATH. No defects, no VETO. M1+M2 fresh PASS.
continuous-integration/drone/push Build is failing
2026-06-17 17:06:24 +00:00
a9ff941dda
claim(M2-settings): live server verified — no-canonical recipe (keycloak) -> release tag 10.7.1+26.6.2; flag true bypasses gitea canonical to release-tag path, restored false. Deployed /etc/cc-ci@99d6bbc; awaiting Adversary
...
continuous-integration/drone/push Build is failing
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com >
2026-06-17 17:04:16 +00:00
99d6bbc1a1
chore(settings): add scripts/show-upgrade-base.py — faithful live resolver probe for M2 evidence
continuous-integration/drone/push Build is failing
2026-06-17 17:02:33 +00:00
b7a2a5d699
journal(settings): M2 prep — server canonical registry inventory + M2 evidence candidates
continuous-integration/drone/push Build is failing
2026-06-17 16:58:59 +00:00
fb2dbeae05
review(M1-settings): PASS — cold-verified loader + flag + release-tag-first fallback. 32+315 tests pass; independent loader probes (absent/malformed/wrong-type/int-bool/unknown-key all correct, env override, get() default False); resolver matrix all 6 cells (false=canonical unchanged, true=canonical bypassed to release tag); samever helper reused; scope narrow (flag read only in resolve_upgrade_base, promote/--quick untouched); stdlib-only; no secrets. No defects, no VETO.
continuous-integration/drone/push Build is failing
2026-06-17 16:58:52 +00:00
fed2678200
claim(M1-settings): settings loader + SKIP_CANONICALS_FOR_UPGRADE + release-tag-first fallback implemented + unit-tested (315 pass); awaiting Adversary cold-verify
...
continuous-integration/drone/push Build is failing
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com >
2026-06-17 16:55:59 +00:00
cd19c1b172
feat(settings): server settings.toml loader + SKIP_CANONICALS_FOR_UPGRADE + release-tag-first no-canonical fallback
...
continuous-integration/drone/push Build is failing
- harness/settings.py: stdlib tomllib loader, [upgrade].skip_canonicals_for_upgrade
(bool, default false), _SCHEMA single-source defaults+validation; graceful on
absent/malformed (WARN+defaults), warn-and-ignore unknown keys/tables, TypeError on
wrong type. Path $CCCI_SETTINGS / /etc/cc-ci/settings.toml. + tracked settings.toml.example.
- resolve_upgrade_base: flag true bypasses the canonical lookup -> no-canonical fallback;
canonical-present path (incl. samever step-back) unchanged when false.
- _no_canonical_base (always-on, §2.C): newest release tag < head (reuse
warm_reconcile.newest_older_version) -> main-tip -> skip; replaces jump-to-main-tip.
- unit: full resolution matrix + loader tests; 315 unit pass, ruff clean.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com >
2026-06-17 16:55:22 +00:00
90228cffc4
chore(settings-adv): init REVIEW-settings.md + baseline orientation (awaiting Builder bootstrap)
continuous-integration/drone/push Build is failing
2026-06-17 16:46:09 +00:00
f68f1c56d9
status(dash): ## DONE — M1+M2 fresh Adversary PASS ( 3595e80, 4c0b289), no VETO
...
continuous-integration/drone/push Build is failing
Per-recipe history now sources the full run list from local /var/lib/cc-ci-runs
artifacts; deployed (image 11ac2a1e6c07, 1/1) + verified live: bluesky-pds 8 in
exact host ts order, ghost 24/immich 28/discourse 25, plausible/custom-html
capped 30 newest; overview+badges 200; traversal/injection rejected; retention
no-trim. DoD plan §5 met.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com >
2026-06-17 16:40:29 +00:00
7507cf4736
review(M2): PASS — live full per-recipe history verified (image 11ac2a1e6c07 1/1; bluesky-pds 8/ghost 24/immich 28/discourse 25 = host, plausible+custom-html capped 30; exact ts order incl mixed-id trap; cap keeps newest=758; overview+badge 200; live traversal/injection 404, no leak; retention no-trim confirmed). M1+M2 fresh PASS, no VETO.
continuous-integration/drone/push Build is failing
2026-06-17 16:39:35 +00:00
4c0b289881
claim(M2): dashboard redeployed (image 15addbc7bf45 -> 11ac2a1e6c07), live full per-recipe history verified
...
continuous-integration/drone/push Build is failing
bluesky-pds 8 rows in exact host ts order (753 556 435 427 423 ab-* m2rr-* m2r-*),
plausible 30 (capped from 33), ghost 24; overview+badges 200; service 1/1.
Deploy via path: flake (git-flake drops secrets/ submodule). Retention: no trim
job on /var/lib/cc-ci-runs (439 dirs / 17 days) — adequate.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com >
2026-06-17 16:37:21 +00:00
84ac65f6d2
review(M1): PASS — local-artifact history cold-verified vs host (bluesky-pds=8 exact ts order, mixed-id trap handled, 308 rows, cap keeps newest, malformed dirs skip no-500, security guards intact, stdlib-only, 13/13 unit). No defects.
continuous-integration/drone/push Build is failing
continuous-integration/drone Build is passing
2026-06-17 16:28:09 +00:00
931a2bed89
status(dash): record M2 deploy procedure + expected image tag roll (15addbc7bf45 -> 11ac2a1e6c07)
continuous-integration/drone/push Build is failing
2026-06-17 16:26:54 +00:00
3595e80d08
claim(M1): per-recipe history sourced from local /var/lib/cc-ci-runs artifacts (full history, not Drone 100-build slice)
...
continuous-integration/drone/push Build is failing
history_for() now enumerates run dirs' results.json, groups by recipe, sorts
newest-first by finished timestamp (mixed numeric+named ids — timestamp is the
only correct key), caps at HISTORY_CAP=30, skips malformed/empty/no-recipe dirs.
Overview + badges + /runs + security guards + stdlib-only unchanged.
Local verify: 13/13 unit tests; full-fixture vs 308 real results.json →
bluesky-pds=8 in exact ts order, plausible capped 30 newest, edge dirs skipped.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com >
2026-06-17 16:25:39 +00:00
2d5211f401
review(dash): pre-claim independent ground truth baseline — 432 run dirs/308 parseable/124 unparseable, bluesky-pds=8 runs w/ mixed numeric+named ids (timestamp-sort trap), per-recipe counts, break-test plan
continuous-integration/drone/push Build is passing
2026-06-17 16:20:53 +00:00
4f6d73302a
review(canon): CLOSE DEFECT-1/2/3 — all re-verified resolved at M2 PASS (honest labels, faithful-install promote 16 clean, env-parity git-lfs proven in production timer fire)
continuous-integration/drone/push Build is passing
2026-06-17 16:16:35 +00:00
86d61fe662
status(canon): ## DONE — M1+M2 fresh Adversary PASS ( 8149a2c, no VETO), §5 DoD fully cold-verified
...
continuous-integration/drone/push Build is passing
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com >
2026-06-17 16:16:02 +00:00
8149a2cd4a
review(M2): PASS — canonical sweep proven end-to-end, no VETO. 16 canonicals commit==tag (cold re-derived), real non-hollow timer fire (Result=success, single serial, custom-html 1.11→1.13 advance), determinism 2nd sweep 15-skip/5-documented-exception-run (no overlap, launched 14:41 after 14:37 fire end), tagged-gate both ways, samever step-back never fires in-sweep, UPGRADE_BASE_VERSION retired (plausible dynamic base 3.0.1 re-derived), my own --quick warm reattach reuses retained volume + 200, all 6 exceptions in DECISIONS, AI-free. DEFECT-3 CLOSED (parity byte-match + gitea lfs PASS in prod fire). M1+M2 fresh PASS → Builder may write ## DONE
continuous-integration/drone/push Build is passing
2026-06-17 16:15:28 +00:00
a4f1df435b
claim(M2): canonical sweep proven end-to-end — real timer fire promoted 16 canonicals (custom-html 1.11→1.13 live advance), determinism 2nd sweep clean (15 at-latest SKIP, only documented exceptions RUN), tagged-promote/samever-orthogonality/disk-budget/UPGRADE_BASE_VERSION-retirement all proven; 6 exceptions in DECISIONS; AI-free runtime
continuous-integration/drone/push Build is passing
2026-06-17 16:07:18 +00:00
29ca9b92a1
status(canon): stage M2 claim body (all sub-items WHAT/HOW/EXPECTED/WHERE) — finalizing on determinism 2nd sweep completion
continuous-integration/drone/push Build is passing
2026-06-17 15:59:05 +00:00
009bc60dc0
decisions(canon): record M2.7 warm-volume disk budget — 38G free, all-enrolled sustainable, no recipe dropped
continuous-integration/drone/push Build is passing
2026-06-17 15:57:14 +00:00
245c937ed7
chore(canon): consume ADVERSARY-INBOX — clean determinism 2nd sweep heads-up (M2.3 evidence in flight, pid 2248547); staying off-node, will verify SKIP/RUN partition + single-serial at M2 claim
continuous-integration/drone/push Build is passing
2026-06-17 14:42:52 +00:00
5c67543f6d
inbox(canon): heads-up — clean determinism 2nd sweep in flight (M2.3 evidence), single node, ~96m
continuous-integration/drone/push Build is passing
2026-06-17 14:42:07 +00:00
e8822165dd
journal(canon): production re-fire COMPLETE (Result=success, gitea cold-green via lfs PASS under parity PATH) — DEFECT-3 closed; launched clean determinism 2nd sweep (custom-html now at 1.13.0 → all 16 promoted at-latest)
continuous-integration/drone/push Build is passing
2026-06-17 14:41:45 +00:00
