Commit Graph

498 Commits

Author SHA1 Message Date
9a8850affa claim(Q4.1): matrix-synapse full lifecycle GREEN — §4.3 register transient post-restore 500 root-caused (synapse DB pool closed by restore DROP DATABASE FORCE) + fixed with bounded readiness-retry (not weakened); 5 tiers + 3 functional pass, P4 ci_marker survives, deploy-count=1, clean teardown
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-30 01:00:38 +01:00
db124d5107 fix(2): matrix register test — bounded readiness-retry on transient post-restore 5xx (synapse re-establishing DB pool after restore-tier DROP DATABASE); assertion unchanged, RAISEs on persistent failure
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-30 00:52:18 +01:00
cf54fe36a8 status(2): Q4.1 matrix — 4 tiers green; §4.3 register test 500 M_UNKNOWN, diagnosing with synapse log capture (not weakening)
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-30 00:45:31 +01:00
f39bae71ea status(2): Q3.5 immich Adversary PASS (P4-restore CLOSED); Q4.1 matrix-synapse full-lifecycle run in flight
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-30 00:39:57 +01:00
11c5498bfa review(2): Q3.5 immich PASS — COLD first-hand full lifecycle GREEN (my clone, log adv-immich-cold); 5 tiers + 3 custom, deploy-count=1, P4 restore test_restore_returns_state PASSED (ci_marker survives recipe-PR pg_dump backup→restore; non-vacuous: pre_restore DROPs+asserts), negative control 7eb3937 lacks DB backupbot labels (bug confirmed), real upgrade crossover 1.5.1+v2.6.3→1.6.0+v2.7.5, 2 distinct P3 functional, clean teardown; P4-restore RED CLOSED; no veto
2026-05-30 00:36:17 +01:00
191a647dcf journal(2): immich claimed; remaining-recipe scope + backup-capability survey (ghost/bluesky/uptime-kuma/mattermost all backup-capable → P4 overlays required)
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-30 00:22:12 +01:00
0487631bac claim(Q3.5): immich full lifecycle GREEN — P4 fixed via recipe-PR recipe-maintainers/immich#1 (recipe backed up NO database); 5 tiers + 3 custom pass, deploy-count=1, clean teardown
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-30 00:20:48 +01:00
ecd770b9ca feat(2): immich P3 2nd functional test (asset-processing: metadata extraction + library statistics) + PARITY/DECISIONS for immich postgres-backup recipe-PR
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-30 00:08:10 +01:00
4f0eeb54bd status(2): immich P4 — mechanism validated, recipe-PR recipe-maintainers/immich#1 opened, full-lifecycle run in flight
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 23:59:39 +01:00
6241e735ca review(2): drone leftover CLOSED (Builder removed stack+vol, node clean); immich Q3.5 P4 recipe-PR deploy in flight (immi-074f69); no gate pending; drone still operator-blocked (/etc/timezone absent)
2026-05-29 23:49:51 +01:00
a4a2e60b87 status(2): immich Q3.5 P4 in-flight — recipe-PR for postgres backup (recipe backs up no DB); inbox consumed, node clean
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 23:45:08 +01:00
7e2a5bc09c journal(2): immich Q3.5 P4 decision — recipe-PR to add postgres backup (recipe backs up NO DB as published); validate vchord dump/restore empirically first
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 23:44:47 +01:00
9b2ce09a67 inbox(2): consume adversary heads-up — removed forgotten drone smoke stack+volume (NOT pre-staging; drone integration awaits operator /etc/timezone host-deploy). Node clean: only infra stacks (traefik/bridge/dashboard/backups/warm-keycloak).
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 23:39:23 +01:00
dd45e9555e revert(2): drop adversary scratch probe scripts accidentally staged by git add -A (runner/adv_*.py are local-only adversary scratch, not Builder code)
2026-05-29 23:37:48 +01:00
af94708de4 review(2): resume checkpoint — no gate pending; drone block genuine (/etc/timezone still absent on host); leftover drone smoke stack flagged (housekeeping); immich P4-restore still OPEN, unsigned
2026-05-29 23:37:17 +01:00
18577336f0 docs(2): Q5.1 — enroll-recipe.md §2.4 non-HTTP/multi-service/host-dependent recipes + mumble/mailu examples
Documents the Phase-2 Q4 patterns proven this session: EXTRA_ENV callable, READY_PROBE (HTTP+TCP),
CHAOS_BASE_DEPLOY, recipe_checkout -f, install_steps overlay-drop; non-HTTP protocol tests (mumble
host-ports + _mumble_proto), in-container functional tests (mailu flask/sendmail/doveadm under
TLS_FLAVOR=notls), and P4-N/A when a recipe ships no backupbot label. Worked-example pointers to
tests/mumble + tests/mailu.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 22:33:43 +01:00
1d99f91b44 status/backlog(2): Q4.10 drone BLOCKED on operator host /etc/timezone deploy (3bde76f); surfaced
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 22:20:35 +01:00
03b0a3b44d deferred(2): Q4.10 drone blocked on host /etc/timezone deploy (gitea SCM dep); integration scoped
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 22:19:55 +01:00
3bde76f239 fix(2): cc-ci host — declare /etc/timezone (gitea + Debian-image recipes bind it)
gitea (drone's SCM dep) binds /etc/timezone:ro; NixOS time.timeZone only creates /etc/localtime, so
the bind failed ('bind source path does not exist: /etc/timezone') → container rejected. Declare
environment.etc.timezone=UTC. Enables drone Q4.10's gitea dep.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 22:16:24 +01:00
f86a58addf journal(2): drone+gitea integration fully scoped (gitea dep config + admin/token/OAuth-app + install_steps wiring; §4.3 build-creation deferred)
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 21:59:07 +01:00
25ae2935b9 status(2): Q4.9 mailu Adversary PASS (REVIEW-2 2958eb6, P4-N/A signed off) — DONE; next drone Q4.10
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 21:51:57 +01:00
2958eb6c97 review(2): Q4.9 mailu PASS — COLD first-hand full lifecycle GREEN ×2 (my clone @6a216ed); deploy-count=1, real upgrade crossover 3.0.0→3.0.1 (head_ref==chaos-version), 2 non-vacuous P3 (unique-mailbox round-trip + unique-marker postfix→dovecot delivery), wait_healthy real gate, clean teardown; P4-N/A §7.1 sign-off GRANTED (no backupbot label, independently confirmed); P5/P6 N/A justified; no veto
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 21:51:06 +01:00
3c79e3de32 journal(2): drone Q4.10 analysis — needs gitea SCM dep + OAuth + build-trigger pipeline (heaviest §4.3)
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 21:46:06 +01:00
6a216ed73b claim(2): Q4.9 mailu full lifecycle GREEN (P4 N/A) — awaiting Adversary
mailu (full email stack) install+upgrade(3.0.0→3.0.1 real crossover, head_ref==chaos-version)+custom
all green; deploy-count=1; clean teardown. backup/restore N/A-skip (no backupbot → P4 N/A; PARITY.md+
DEFERRED.md; Adversary §7.1 sign-off requested). P2 vacuous. P3: create-mailbox (flask→config-export)
+ mail-flow (in-container sendmail→doveadm deliver/store/fetch). TLS_FLAVOR=notls; in-container tools.
HOW/EXPECTED/WHERE in STATUS-2 Gate Q4.9. Logs ccci-mailu-full2 + smoke/smoke2.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 21:39:02 +01:00
88449431e1 fix(2): Q4.9 mailu — rewrite mail-flow via in-container sendmail+doveadm; drop network IMAP-auth test
Root cause of the 2 failing custom tests: TLS_FLAVOR=notls → dovecot refuses plaintext auth over
network 143, so host-side IMAP login/auth isn't a meaningful signal. Smoke2 PROVED the in-container
path: sendmail (postfix container) local-injects a marker mail → doveadm search (imap container) finds
it in INBOX. test_mail_flow now exercises the real postfix→rspamd→dovecot deliver/store/fetch via
exec_in_app(service=smtp/imap). Dropped test_imap_login (network plaintext-auth disallowed under notls).
test_mailbox (create+config-export read-back) unchanged. PARITY.md updated.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 21:33:11 +01:00
916bdd8b68 feat(2): Q4.9 mailu — recipe_meta + health + 3 functional (create-mailbox/imap-login/mail-flow); P4 N/A deferred
mailu (full email stack). TLS_FLAVOR=notls avoids certdumper/ACME dep (cc-ci file-provider cert);
MAIL_DOMAIN/HOSTNAMES=run domain; TRAEFIK_STACK_NAME for the letsencrypt-volume mount. P2 vacuous (no
corpus). P3: test_mailbox (flask mailu user create + config-export read-back), test_imap_login
(mailbox authenticates over dovecot IMAP:143), test_mail_flow (SMTP submission send → IMAP retrieve,
auth to avoid greylisting). P4 N/A (no backupbot label) — DEFERRED.md + PARITY.md, Adversary §7.1
sign-off pending. Smoke-validated: 8 services converge, mail ports 25/587/143/993 host-open, flask CLI.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 21:13:56 +01:00
3ab04cd07a journal(2): mailu Q4.9 deeper recon — certdumper/ACME TLS friction; start with TLS_FLAVOR=notls
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 20:57:39 +01:00
594f2d3389 review(2): Q4.6 discourse deferral VERIFIED SOUND — bitnami/discourse:3.3.1 + :3.1.2 both GONE, bitnamilegacy present; genuine upstream env-blocker (§8), pre-cleared for DONE; no veto
2026-05-29 20:56:01 +01:00
7282caef30 journal(2): mailu Q4.9 enrollment plan + discourse Q4.6 block recorded (handoff to next iteration)
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 20:54:21 +01:00
bdc05e24c4 status/backlog(2): Q4.6 discourse blocked (bitnami images gone); pivot to Q4.9 mailu (images pullable)
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 20:53:09 +01:00
848cc31fea deferred(2): Q4.6 discourse BLOCKED — upstream bitnami/discourse images removed from Docker Hub (undeployable)
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 20:52:14 +01:00
ca7acf3d52 feat(2): Q4.6 discourse — recipe_meta + postgres P4 overlays + health (WIP, §4.3 create-topic next)
discourse (forum: postgres+redis+sidekiq). HEALTH_PATH=/srv/status (slow Rails boot, DEPLOY_TIMEOUT=1800).
P4 via postgres ci_marker (db service, pg_dump backupbot — matrix-synapse pattern). Health functional
test. §4.3 create-a-topic + PARITY.md to follow after smoke discovers the admin/API bootstrap path.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 20:38:25 +01:00
e36656f688 status(2): Q4.2 mumble Adversary PASS (REVIEW-2 1daa1ea) — DONE; advancing to discourse
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 20:35:50 +01:00
1daa1ea067 review(2): Q4.2 mumble PASS — COLD first-hand full-lifecycle GREEN (my clone @1ba5613); 5 tiers, deploy-count=1, tcp ready-probe 2x, real upgrade crossover, P3 config round-trips non-vacuous (max_users=42 + welcome marker), P4 sqlite ci_marker survives, clean teardown; no veto. Minor: leftover mumb-smoke volume (housekeeping)
2026-05-29 20:34:57 +01:00
f4e11d4cca journal(2): next-recipe recon — discourse chosen (only remaining recipe with a backup mechanism for real P4)
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 20:33:03 +01:00
1ba56139fb claim(2): Q4.2 mumble full lifecycle GREEN — awaiting Adversary
mumble (§5 TCP/voice recipe) all 5 tiers green: install+upgrade(real 0.2.0→1.0.0+ crossover,
head_ref==chaos-version 9fa5e949)+backup+restore+custom; deploy-count=1; clean teardown.
P2=3 parity ports (health_check/mumble_connect/web_client), P3=2 specific (welcome-text + max-users
config round-trips over the protocol), P4=sqlite ci_marker survives backup→restore. ready-probe OK
(tcp 3x) twice. Harness additions: CHAOS_BASE_DEPLOY, recipe_checkout -f, TCP READY_PROBE; install_steps
provides host-ports.yml. Log /root/ccci-mumble-full6.log; HOW/EXPECTED/WHERE in STATUS-2 Gate Q4.2.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 20:25:37 +01:00
ec76072489 fix(2): Q4.2 mumble — TCP voice-server READY_PROBE gates backup past upgrade host-port churn
Diagnostic (RECIPE=mumble STAGES=install,backup,restore,custom, no upgrade) PROVED backup+restore green
on a stable 1.0.0 deploy incl. ci_marker survival (P4). The full-run backup 409 ('container not
running') was the chaos UPGRADE redeploy: host-mode 64738 must be released by the old task + rebound by
the new, and HEALTH_PATH '/' only proves the mumble-web sidecar (not the voice server), so wait_healthy
passed while the app churned → backup-bot execed a not-running container. Fix: extend
lifecycle.wait_ready_probes to support a TCP probe ({tcp_host,tcp_port,stable=N consecutive connects});
mumble recipe_meta READY_PROBE returns 64738 (stable=3) so the harness waits for the voice server up
after install AND upgrade before backup.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 20:19:07 +01:00
1890cb58f3 fix(2): recipe_checkout force (-f) — fixes mumble upgrade-tier checkout collision with cc-ci overlay
git checkout <head_ref> aborted on the untracked install_steps-provided compose.host-ports.yml (which
head_ref tracks). Force-checkout yields the exact ref tree. Also fixes the mumble restore tier: backup
labels exist only in 1.0.0+, so backup/restore are meaningful only after the (now-working) upgrade moves
the app to head_ref. DECISIONS.md updated.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 20:03:41 +01:00
191fa774ec review(2): Q4.2 mumble PRE-CLAIM code audit (NOT a verdict) — P7 non-vacuous at code level; cold-verify checklist staged for when claimed
2026-05-29 19:59:48 +01:00
850c3c4fb9 inbox(2): consume Adversary node-free/mumble-unblocked notice (already acting — mumble run in flight)
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 19:58:57 +01:00
7054e9bcd0 review(2): Q4.7 plausible teardown CLOSED (plau-0c70fd fully clean); cold run done, node FREE; §4.3 first-hand PASS still pending; inbox-notify Builder mumble unblocked
2026-05-29 19:58:01 +01:00
a0fd58b4c5 fix(2): Q4.2 mumble — set sqlite busy timeout via silent .timeout dot-command, not PRAGMA
PRAGMA busy_timeout=N emits its own result row, polluting the read-back parse (seed read back
'20000\nupgrade-survives' → AssertionError 'seed did not commit', failing upgrade/backup/restore ops
— though the INSERT actually committed). Switch _sqlite to 'sqlite3 -cmd ".timeout 20000"' which sets
the busy timeout silently. install+custom already green (handshake/welcome/web/tcp PASS); this fixes
the P4 lifecycle ops.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 19:54:10 +01:00
27abce678b review(2): Q4.7 plausible CONSOLIDATED verdict — self-corrects 0efcc36+1ecae1c (both had errors); §4.3 green in ONE clean Builder log + non-vacuous; full-lifecycle unproven (upstream clickhouse stall); not cleared, no veto
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 19:45:51 +01:00
3360f1b266 status(2): Q4.2 mumble code complete; full run queued behind Adversary plausible cold run (single node)
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 19:34:22 +01:00
999dd0d564 fix(2): Q4.2 mumble — CHAOS_BASE_DEPLOY meta flag for chaos base deploy (clean-tree gate)
mumble's pinned base deploy (prev version 0.2.0) FATAs 'has locally unstaged changes' because
install_steps provides an untracked compose.host-ports.yml. New recipe_meta CHAOS_BASE_DEPLOY=True +
lifecycle._recipe_meta_flag + deploy_app branch -> base uses chaos (skips clean-tree/lint, deploys the
checked-out pinned version, not LATEST), mirroring the lightweight-tag chaos-base path. DECISIONS.md
records the full mumble enrollment design.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 19:32:48 +01:00
1b6c77c76a inbox(2): consume Adversary BUILDER-INBOX (Q4.7 plausible evidence) — corrected by review 1ecae1c (§4.3 green substantiated)
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 19:31:21 +01:00
1ecae1ce27 review(2): Q4.7 plausible CORRECTION — retract 'no evidence'; §4.3 event tests ARE green (2 Builder logs, 1 clean) + non-vacuous; my own cold run launched; full-lifecycle still deferred
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 19:30:26 +01:00
38db17af0c status(2): ACK Adversary Q4.7 plausible finding — will provide preserved green-run log post-cooldown
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 19:28:54 +01:00
6bf0425f50 fix(2): Q4.2 mumble — provide host-ports overlay for every version via install_steps
The upstream compose.host-ports.yml exists only from v1.0.0+, but the upgrade-tier base deploy is
the previous published version (0.2.0+), which predates it — so EXTRA_ENV's COMPOSE_FILE failed to
resolve on the base deploy (config --images rc=14, deploy FATA). install_steps.sh now copies a
cc-ci-owned identical overlay into the recipe checkout when absent, so 64738 is host-published for
every version (base + upgrade) and on-host protocol tests reach 127.0.0.1:64738.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 19:27:38 +01:00
0efcc36207 review(2): Q4.7 plausible — deferral sound + test content non-vacuous, but '§4.3 proven green' UNVERIFIED (no evidence log on host); Q4.7 not cleared
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-05-29 19:26:59 +01:00