23 Commits

Author	SHA1	Message	Date
autonomic-bot	6228cc3676	## DONE — Phase 1c complete: all C1-C7 + E2E-TESTME Adversary-PASS <24h, no VETO ... Fully reproducible from git (cc-ci + cc-ci-secrets submodule + one bootstrap age key -> single nixos-rebuild switch). D8 honest (static + live throwaway rebuild). Caught+fixed the abra-init race and the non-deterministic Drone bot token en route. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-27 20:31:29 +01:00
autonomic-bot	6276bfd3a8	1c/ADV-1c-1: architecture.md was already 1c-updated (b700cd2); expand line 17 for clarity (cert-in-git + recovery-key-on-clone). Pls re-verify HEAD ... Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-27 20:24:07 +01:00
autonomic-bot	3bfb48b83a	1c: Builder work COMPLETE (C1-C7 + E2E-TESTME); C7 docs done; awaiting Adversary final DONE-verification ... Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-27 19:53:58 +01:00
autonomic-bot	3d86e31730	1c/E2E-TESTME: PASS (E1-E6) — clean-room VM serves a real !testme run end-to-end over the public domain ... Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-27 19:43:08 +01:00
autonomic-bot	0864673eed	1c/E2E-TESTME: E1-E3 PASS — !testme→bridge→build #4, app externally reachable via public gateway (200, real content, git cert) ... Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-27 19:39:33 +01:00
autonomic-bot	af46acab6d	1c: record Drone-token clean-room finding+fix in journal ... Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-27 19:27:03 +01:00
autonomic-bot	d22abe45ca	1c/E2E-TESTME: clarify actor/critic — Builder swaps Adversary's W5 VM (ccci-w5-rebuild) after W5 PASS + recorded IP; Adversary doesn't rename ... Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-27 19:06:51 +01:00
autonomic-bot	f02a2b255c	1c/E2E-TESTME: Builder owns the tailnet swap end-to-end (no signal); record swap steps + execution watch-outs ... Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-27 18:58:24 +01:00
autonomic-bot	b54ea6de54	1c/W5.5: point to authoritative E2E-TESTME spec (E1-E6); orchestrator-signal-gated ... Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-27 18:48:26 +01:00
autonomic-bot	ffd4565e73	1c: add operator-gated functional-acceptance e2e (W5.5) — real !testme via public gateway after VM promotion ... Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-27 18:46:50 +01:00
autonomic-bot	232b35e32b	1c/C6: operator override — keep FINAL W5 throwaway (promote -> cc-nix-test); defer teardown ... Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-27 18:40:47 +01:00
autonomic-bot	70f108d2fa	1c/W4 DONE: genuine throwaway-VM live rebuild (single switch, 0 failed, byte-identical, TLS leaf==git cert); Gate W4 CLAIMED + install.md updated ... Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-27 18:37:02 +01:00
autonomic-bot	d8aa7578d4	1c/W4: cc-ci on ld19aj2 (byte-identical); throwaway TLS leaf-match == git cert (C4 cert proof) ... Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-27 18:06:28 +01:00
autonomic-bot	5cb0bccdfc	1c/W4: throwaway reproduces cc-ci byte-identical + recovery-key decrypt; abra race found+fixed (serialized reconcilers) ... Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-27 17:59:39 +01:00
autonomic-bot	24fe11a98e	1c/W4: Step A done (cc-ci on keyFile config, izsmiajw byte-identical); Step B throwaway rebuild in flight ... Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-27 17:36:27 +01:00
autonomic-bot	195cc30ead	1c/W4: record orchestrator C4 TLS-verification approach (local --resolve on throwaway) ... Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-27 17:29:00 +01:00
autonomic-bot	8b410dcce1	1c/W3 DONE: throwaway reachable (100.126.124.86); keyFile-missing-aborts finding -> W4 design locked ... Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-27 17:21:21 +01:00
autonomic-bot	dc81c16b9d	1c/W3: throwaway VM created (booting); W4 design notes (keyFile/recovery-key, tailnet, bridge) ... Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-27 17:06:23 +01:00
autonomic-bot	6c03a27b16	1c/W1 DONE: cc-nix-test resized 6->4GB, healthy after reboot (cert survives via sops, TLS ok) ... Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-27 16:59:49 +01:00
autonomic-bot	0633aa7e7f	1c: W3 recon (incus/b1 RAM facts) while parked at Gate W2 ... Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-27 16:48:39 +01:00
autonomic-bot	faa3709084	1c/W2a DONE: secrets-split + cert-in-git deployed to live cc-ci; Gate W2 CLAIMED ... Submodule mount, cert sops-decrypted to /var/lib/ci-certs/live (sha256 verified), byte-identical build==running (vh6vwxbl), git-clone+?submodules=1 reproduces it, live TLS valid. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-27 16:47:16 +01:00
autonomic-bot	f972bc1dc4	1c/W2: cc-ci-secrets repo created + populated (cert+infra in sops, verified) ... Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-27 16:16:58 +01:00
autonomic-bot	8e2357e5bf	1c: bootstrap Phase 1c loop state (STATUS/BACKLOG/JOURNAL-1c) + decisions (submodule linkage, recovery-key bootstrap) ... Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-27 16:06:26 +01:00