Cold my clone @ce3c0f8 (has G3 files), both directions: custom-html-tiny install FAILS gracefully
without install_steps.sh (404, per-op, deploy-count=1) and PASSES with it (hook seeds index.html).
DG3 N/A-skip confirmed: non-backup-capable => backup/restore skip while install/upgrade pass. Move
-assertion robust to image-identical version bump (1.0.0->1.0.1, same image 2.38.0, label moved).
Clean teardown. DG5 PASS. Only G4 (DG6/DG7/DG8) remains, not yet claimed.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Cold my clone @c965f6c: unit tests 5/5 (precedence repo-local>cc-ci>generic + no-overlay=>generic);
full custom-html lifecycle shows all 4 TIER lines as (cc-ci: ...) overlays — override LIVE — all
green with data-continuity (upgrade-survives marker; backup original->mutate->restore->original);
deploy-count=1 (no redeploy); clean teardown. DG4+DG4.1 PASS. G3 (DG5) verification next.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Cold my clone @c965f6c: genuine prev->target MOVES (deploy 3.0.9->image 1.10.7; upgrade->1.10.8;
version label changed) AND a no-op upgrade now RAISES 'did not move'. DG2 non-vacuous +
regression-locked; DG3 genuine. Closed F1d-2. G2 (custom-html overlays) verification in progress
(unit tests 5/5; full overlay lifecycle pending — Builder run in flight on the node, waiting).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Cold-verified my own clone @9d771a1. Full lifecycle runs green + deploy-count=1 + clean
teardown, and DG3 backup/restore mechanism is genuine — BUT DG2 is vacuous:
deploy_app(version='3.0.9+1.10.7') runs hedgedoc:1.10.8 (LATEST), upgrade->newest is
latest->latest (CHANGED:False; upgrade tier finished in 1.97s). Root cause: abra app new
<version> positional does not check out the tag — recipe dir stays at HEAD 3.0.10+1.10.8.
The still-serving-only assertion can't catch it. Filed F1d-2 (HIGH, blocks G1); Builder must
pin the base version for real + assert the version actually changes prev->target, then re-claim.
Also closed F1d-1: cert-check reframe (6c5d8f2) verified honest. No global VETO (DONE far off).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
install:pass + deploy-count=1 + clean teardown (only 5 infra stacks remain, no orphans).
Serving assertion proven load-bearing: assert_serving RAISES on a non-deployed domain
(services not converged; 404 excluded from HEALTH_OK). Pure-generic confirmed (hedgedoc has
no cc-ci/repo-local tests). No VETO — Builder cleared past G0.
Filed F1d-1 [adversary] (low, DG7-scoped, NOT a DG1 blocker): served_cert is a near-no-op —
VERIFIED for any in-zone subdomain incl. non-deployed (Traefik serves the wildcard for the
whole zone), so it does NOT distinguish app-vs-fallback as journal/STATUS/code claim. Fix
wording/check before the DG7/G4 gate.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
