Commit Graph

Select branches

Hide Pull Requests

chore/runner-capacity-2

feat/expected-na-and-tiny-functional

feat/reports-pr-status-proxy

fix/converge-paused-update

fix/converge-rolling-update

fix/converged-oneshot

fix/lint-and-concurrent-runs

main

phase-lvl5

redfix-m2-harness

regression-canaries

restructure/concurrency

restructure/recipe-custom

scratch/m3-demo

terraform-hetzner

test/plausible-psql-quiet

test/plausible-upgrade-base-3.0.1

v6-custom-html-docroot

v6-custom-html-mime

v6-matrix-synapse-real-upgrade-state

#1

#2

#3

#5

#6

#7

#8

#9

mirror-phase-done

Mono Color

• 78cf95aad3 status(2): Q3.2 truthful update — disk-blocker RESOLVED (cc-ci 64G); upgrade tier now REQUIRED green (not deferrable), runs via Q3.2a rework; F2-7 closed out-of-scope per SSO policy autonomic-bot 2026-05-29 09:10:55 +01:00
• 139e8b9797 review(2): close F2-7 out-of-scope per operator SSO policy (keycloak default; Phase-2 DONE not gated on authentik; re-entry only if a recipe REQUIRES authentik); Builder owns DECISIONS/DEFERRED#9/cryptpad-keycloak edits autonomic-bot 2026-05-29 09:09:58 +01:00
• 1537a928d5 decisions(2): record operator SSO-provider policy — keycloak DEFAULT for all recipe OIDC; authentik NOT a Phase-2 DONE gate (enroll only if a recipe REQUIRES it); cryptpad OIDC under keycloak; narrow DEFERRED #9 authentik re-entry trigger autonomic-bot 2026-05-29 09:09:38 +01:00
• 779fb8917c status(2): link plan-lasuite-drive-oidc-robustness.md into Q3.2a (Step 0 logs → Part A install-time OIDC vs warm keycloak [deploy once, no reconverge, real-abra-only] → Part B recipe PR; 3x-green + cold-verified before Q3.2 claim) autonomic-bot 2026-05-29 09:06:43 +01:00
• 542028a6a4 status(2): Q4.5 mattermost-lts DONE — full lifecycle green (install+upgrade+backup+restore+custom, deploy-count=1, clean teardown); P1+P3 met; P4 ops → Q5 sweep autonomic-bot 2026-05-29 09:05:55 +01:00
• 200d599c06 status(2): Q4.5 mattermost-lts ENROLLED + install+custom GREEN (create-message §4.3 round-trip validated live); full lifecycle in flight for P1 autonomic-bot 2026-05-29 08:59:43 +01:00
• 6ff68e625a note(2): record Adversary cold-verify criteria for queued lasuite-drive Q3.2 rework (real-abra-only enforcement, repeat-green + upgrade tier required); not active yet autonomic-bot 2026-05-29 08:58:32 +01:00
• 9b6c0e03dc review(2): disk-blocker LIFTED — cold-verified 64G/44G-free + infra healthy post-resize; lasuite-drive upgrade tier now REQUIRED green (deferral void, veto-eligible open obligation); DEFERRED.md edit left to Builder autonomic-bot 2026-05-29 08:42:52 +01:00
• 6df4757f85 status(2): CLOSE disk-blocker DEFERRED — cc-ci resized to 64G (44G free); heavy-recipe upgrade tiers runnable; lasuite-drive full-lifecycle Q3.2 now active backlog autonomic-bot 2026-05-29 08:42:24 +01:00
• aca1fd5185 inbox(2): consume Adversary BUILDER-INBOX — disk-blocker deferral VOID post-resize; Q3.2 now requires the FULL lasuite-drive lifecycle incl. a GREEN upgrade tier (cold-verified). Aligns with my plan: re-run full after cc-ci healthy, claim only when upgrade green. autonomic-bot 2026-05-29 08:37:10 +01:00
• 4eae6eb208 inbox(2): disk resize 30→70GB in progress — deferral VOID; lasuite-drive upgrade tier now REQUIRED green for Q3.2 sign-off (no longer deferrable); pausing host verify during restart autonomic-bot 2026-05-29 08:36:32 +01:00
• dd137f9683 status(2): disk resize 30->70GB in progress (orchestrator) — disk-blocker LIFTING; deploys paused; plan to re-run lasuite-drive FULL lifecycle + mattermost after cc-ci healthy autonomic-bot 2026-05-29 08:36:17 +01:00
• fc6e35d617 feat(2): mattermost-lts create-message round-trip (§4.3 P3) — first-user→login→team→channel→post→read-back; harness http.post_with_headers (returns response headers, for mattermost login Token) autonomic-bot 2026-05-29 08:31:37 +01:00
• 8ce62c4fa6 feat(2): enroll mattermost-lts (Q4.5) — recipe_meta (HTTP-native, self-contained postgres) + health_check (root + /api/v4/system/ping) + PARITY (no corpus → P2 vacuous; create-message §4.3 + P4 ops planned) autonomic-bot 2026-05-29 08:24:41 +01:00
• 9df900d1cc journal(2): mumble scope correction — non-HTTP health = high-blast-radius core-harness feature (wait_healthy/canonical/generic), deserves dedicated effort; re-pick next unit = mattermost-lts (HTTP-native, no core changes) autonomic-bot 2026-05-29 08:06:03 +01:00
• 7997b98935 journal(2): scouted mumble (Q4.2) — first non-HTTP recipe; design = python sidecar probe on app overlay network for the TLS protocol test; enrollment plan recorded for next tick autonomic-bot 2026-05-29 07:47:42 +01:00
• 426a953c2b status(2): lasuite-drive Q3.2 NOT claimed — OIDC setup redeploy flaky (collabora reconverge); --detach fix validated; test assertions proven correct (run 1); Q3.2a robustness item added; prune-during-deploy lesson recorded autonomic-bot 2026-05-29 07:27:50 +01:00
• 75ae226c0d status(2): Q3.2 lasuite-drive maximal subset GREEN (install+backup+restore+custom: health+MinIO roundtrip+OIDC JWT); upgrade tier deferred pending disk resize; clean re-run w/ --detach fix in flight before claim autonomic-bot 2026-05-29 06:28:03 +01:00
• f1c626cc67 fix(2): lasuite-drive setup_custom_tests — docker service scale --detach for the run-once minio-createbuckets job (blocking scale hung the custom tier forever; --detach submits + returns, bucket-poll confirms) autonomic-bot 2026-05-29 06:21:42 +01:00
• d1aae43c7e inbox(2): consume Adversary BUILDER-INBOX — conditional/deferred sign-off model for lasuite-drive upgrade tier (deferred pending disk resize, NOT waived; veto-eligible open item until cold-verified green). Q3.2 claim will frame accordingly. autonomic-bot 2026-05-29 05:54:49 +01:00
• ccc42699ff chore(2): consume ADVERSARY-INBOX (Q3.2 lasuite-drive heads-up); reply via BUILDER-INBOX — disk blocker is operator-removable, will grant CONDITIONAL/deferred sign-off only, upgrade tier still blocks Phase-2 DONE autonomic-bot 2026-05-29 05:53:51 +01:00
• b78d708c49 decisions/deferred(2): lasuite-drive upgrade tier = disk env-blocker (28GB host, dual multi-GB office image crossover); maximal subset in flight; operator disk-resize escalation; adversary heads-up autonomic-bot 2026-05-29 05:51:31 +01:00
• 2c245c83c7 journal(2): Phase 2 RESUMED post-2w — foundation re-confirmed (72 unit + custom-html full e2e green), reference-corpus mapping, lasuite-drive e2e in flight autonomic-bot 2026-05-29 05:03:46 +01:00
• 7b5ed9c350 review(2): break-it probe @2026-05-29 — 2w WC5 promotion × F2-11 SSO-skip: NO regression (overall-gated, no alt promote path, 72 unit pass cold) autonomic-bot 2026-05-29 04:54:02 +01:00
• aebb28d774 done(2w): Phase 2w COMPLETE — WC1-WC9 (incl WC1.1/WC1.2) all Adversary-verified, NO VETO autonomic-bot 2026-05-29 04:48:02 +01:00
• 2822d60474 review(2w): WC8 + WC9 (FINAL) — PASS @2026-05-29; ALL WC1-WC9 (incl WC1.1/WC1.2) Adversary cold-verified, NO VETO — DONE authorized autonomic-bot 2026-05-29 04:46:30 +01:00
• 40b03a9bf1 claim(2w): WC8 + WC9 (FINAL gates) — resource-safety consolidation + stale-warm prune + docs/warm.md + --quick rollback proof autonomic-bot 2026-05-29 04:43:34 +01:00
• b8b698e2f5 review(2w): WC6 nightly full-cold sweep — PASS @2026-05-29 (declarative timer Persistent + orchestration + live systemd-service run: infra roll health-gated → serial cold sweep → canonical advanced, infra healthy, no leftovers) autonomic-bot 2026-05-29 04:38:51 +01:00
• 465e1059b0 claim(2w): WC6 nightly full-cold sweep — timer+service roll warm/infra (health-gated) then serial cold sweep promoting canonicals (WC5); proven live autonomic-bot 2026-05-29 04:33:08 +01:00
• 1e40a460ba status(2w): WC5 ADVERSARY PASS @2026-05-29 (8 WC items verified); building WC6 nightly sweep autonomic-bot 2026-05-29 04:14:16 +01:00
• 5bbc47cb02 review(2w): WC5 promote-on-green-cold — PASS @2026-05-29 (gate predicate anti-poison verified + live advancement 1.10.0→1.11.0 cold-only; --quick/PR-head/red/unenrolled excluded) autonomic-bot 2026-05-29 04:13:17 +01:00
• 125453df20 claim(2w): WC5 promote-on-green-cold proven — green cold run advances canonical (1.10.0→1.11.0); --quick never promotes; only cold advances autonomic-bot 2026-05-29 04:08:14 +01:00
• cf5999cdda decisions(2w): W3 WC5 promote-on-green-cold mechanism (re-seed canonical from fresh green-latest deploy; never lose known-good; gate=enrolled+green+cold+latest) autonomic-bot 2026-05-29 04:01:59 +01:00
• f2cfee5c32 status+journal(2w): W0.10a traefik WC1.1 ADVERSARY PASS — WC1.1 fully closed (both reconcilers); building W3 WC5 autonomic-bot 2026-05-29 03:59:37 +01:00
• e3b08a9bdf review(2w): traefik WC1.1 (W0.10a) — PASS @2026-05-29 (stateless rollback proven, no TLS outage); CLOSES W0.10 tracked-open → WC1.1 fully verified both reconcilers autonomic-bot 2026-05-29 03:58:33 +01:00
• e678d2e006 claim(2w): W0.10a traefik WC1.1 migrated onto shared health-gated reconciler — no-op converge proven; destructive rollback = Adversary cold proof autonomic-bot 2026-05-29 03:50:32 +01:00
• aec6911c68 status+journal(2w): W2 gate WC4+WC7 ADVERSARY PASS @2026-05-29; advance to W3 (WC5/WC6) + traefik W0.10a quiet window autonomic-bot 2026-05-29 03:34:29 +01:00
• 31f0e426c4 review(2w): WC4 + WC7 — PASS @2026-05-29 (gate 3ff2bf6; --quick never-promote + FAIL-rollback-to-exact-known-good + no-canonical→cold fallback, all cold-verified; live-bridge trigger battery) autonomic-bot 2026-05-29 03:31:57 +01:00
• 3ff2bf6c48 claim(2w): Gate WC4+WC7 CLAIMED — --quick fast lane proven live (PASS keeps known-good, FAIL restores) + bridge !testme --quick deployed autonomic-bot 2026-05-29 03:17:29 +01:00
• 9afc7f64b9 feat(2w): W2 WC7 trigger surface — bridge parses !testme --quick autonomic-bot 2026-05-29 03:10:56 +01:00
• 191ebde466 fix(2w): W2 --quick live-proof fixes (time import + stale-TYPE reset) autonomic-bot 2026-05-29 03:05:39 +01:00
• f68e9d463f feat(2w): W2 --quick mode in run_recipe_ci.py (WC4+WC7) autonomic-bot 2026-05-29 02:45:44 +01:00
• 307269b5c6 status+journal(2w): W1 gate WC2+WC3 ADVERSARY PASS @2026-05-29; advance to W2 (--quick mode) autonomic-bot 2026-05-29 02:35:55 +01:00
• 0246296370 review(2w): WC2 + WC3 — PASS @2026-05-29 (gate 4ce80f8; data-warm round-trip + restore round-trip cold-verified from own clone, canonical left idle+clean) autonomic-bot 2026-05-29 02:33:35 +01:00
• 62f03191ed chore(2w): consume ADVERSARY-INBOX — WC2+WC3 formally claimed (4ce80f8); running cold reproduce autonomic-bot 2026-05-29 02:26:03 +01:00
• 99d1a64ac2 inbox(2w): notify Adversary — WC2+WC3 gate IS claimed (4ce80f8); W1.2 data-warm proof done; custom-html canonical idle for cold reproduce autonomic-bot 2026-05-29 02:25:27 +01:00
• b56a15403c review(2w): watchdog [C2 C3] premature — no formal WC2/WC3 claim (W1.2 live data-warm proof pending); read-only glance at canonical.py, await formal claim autonomic-bot 2026-05-29 02:24:38 +01:00
• 4ce80f8751 claim(2w): W1 gate WC2+WC3 CLAIMED — data-warm canonical proven (custom-html round-trip: undeploy-keep-volume → reattach → data survives) autonomic-bot 2026-05-29 02:23:22 +01:00
• 9144eeac2f status(2w): W1.1 registry module done; next W1.2 enroll custom-html + live data-warm proof autonomic-bot 2026-05-29 02:15:35 +01:00
• b6ef83ab0b feat(2w): W1 canonical registry module (WC2) + alerts archived autonomic-bot 2026-05-29 02:15:11 +01:00
• 563156ae7e decisions(2w): W1 canonical registry design (recipe_meta.WARM_CANONICAL enrollment, warm-<recipe> data-warm lifecycle, canonical.json registry) autonomic-bot 2026-05-29 02:11:58 +01:00
• 56a95c68ef status+journal(2w): W0 gate WC1+WC1.2+WC1.1(keycloak) ADVERSARY PASS @2026-05-29; advance to W1 (canonical registry); traefik W0.10 tracked before DONE autonomic-bot 2026-05-29 02:10:55 +01:00
• 31ac86d644 review(2w): WC1 + WC1.2 + WC1.1(keycloak-stateful) — PASS @2026-05-29 (gate 985686f cleared, all 6 checks cold-verified from own clone); traefik WC1.1/W0.10 tracked open before DONE autonomic-bot 2026-05-29 02:08:49 +01:00
• 3f566436a4 review(2w): recovery OK (kc canonical) + check6 WC1.2 holds PASS; check3 headline e2e in progress autonomic-bot 2026-05-29 02:04:11 +01:00
• 95ada595aa review(2w): WC1 checks 1/2/4 PASS + WC1.1 MARQUEE rollback PASS (data intact, last_good held, alert correct); test-script cleanup bug noted, recovery in flight autonomic-bot 2026-05-29 01:59:12 +01:00
• eb54c95bfa chore(2w): consume ADVERSARY-INBOX — gate-claim confirmed, alerts-dir flag resolved (intentional cleanup), keycloak parked for my reproduce autonomic-bot 2026-05-29 01:45:44 +01:00
• d87cb8eee9 inbox(2w): consume BUILDER-INBOX; reply — gate IS claimed (985686f), pull+reproduce; alerts-dir cleaned test artifact intentionally autonomic-bot 2026-05-29 01:45:22 +01:00
• 38ba153e90 review(2w): watchdog [C1] ping — no formal gate yet; read-only pre-review (reconciler clean, alerts-dir flag) + inbox heads-up to coordinate live reproduce autonomic-bot 2026-05-29 01:44:02 +01:00
• 0f6e7d75e3 status(2w): gate scope note — WC1.1 proven for keycloak (stateful); traefik WC1.1 = W0.10 follow-up autonomic-bot 2026-05-29 01:41:27 +01:00
• 985686f60e claim(2w): Gate WC1+WC1.1+WC1.2 CLAIMED — warm keycloak headline e2e GREEN + concurrency/reaping + rollback/holds proven autonomic-bot 2026-05-29 01:40:32 +01:00
• cbc193e535 journal(2w): record docker-prune WC8 fix autonomic-bot 2026-05-29 01:26:42 +01:00
• e73e4393ed fix(2w): docker autoPrune drop --volumes (was failing daily + would wipe warm vols) [WC8] autonomic-bot 2026-05-29 01:26:24 +01:00
• 819c1bc0fd status+journal(2w): W0.9 WC1.1 live proofs PASS (healthy upgrade + marquee rollback); reconciler-side WC1/WC1.1/WC1.2 proven autonomic-bot 2026-05-29 01:21:59 +01:00
• 32f00717ac fix(2w): W0.9 WC1.1 hardening (proven live: healthy upgrade + marquee rollback) autonomic-bot 2026-05-29 01:21:05 +01:00
• 07ea951f31 fix(2w): WC1.1 reconcile rolls back on deploy FAILURE too (not just unhealthy) autonomic-bot 2026-05-29 01:01:25 +01:00
• 0812132452 review(2w): standing WC8 probe — lasu-0a6fb2 fully torn down (no app/svc/vol/secret), disk 63% autonomic-bot 2026-05-29 00:55:49 +01:00
• 4808d0354a status(2w): W0.6 reconciler delivered + WC1.2 holds proven; next W0.9 WC1.1 live proofs autonomic-bot 2026-05-29 00:43:10 +01:00
• a044abb298 feat(2w): W0.6 unpinned warm reconciler + WC1.2 safety gate + WC1.1 scaffold autonomic-bot 2026-05-29 00:42:02 +01:00
• aff50aac0a journal(2w): W0.5 proven + WC8 disk reclaim (96%->62%); checkpoint before W0.6 autonomic-bot 2026-05-29 00:29:42 +01:00
• 67240dca92 decisions+status(2w): W0.5 done (WC3 snapshot proven); W0.6 reconciler version model (deploy-by-tag, recipe-semver pre-+, python entrypoint in store) autonomic-bot 2026-05-29 00:15:38 +01:00
• 4cc1e15a53 feat(2w): W0.5 WC3 snapshot/restore helper (warmsnap.py) autonomic-bot 2026-05-29 00:12:46 +01:00
• ceacd0e6de backlog+decisions(2w): re-sequence W0 (WC3 helper first); unpin/snapshot/alert decisions autonomic-bot 2026-05-29 00:05:13 +01:00
• 740d7bac4c status(2w): W0 core mechanism proven + reconciler up; absorb design update (unpin+WC1.1+WC1.2); re-sequence to WC3 snapshot helper first autonomic-bot 2026-05-29 00:04:10 +01:00
• b127078516 review(2w): add WC1.2 pre-deploy safety gate (major/manual-migration hold + alert-with-notes) to verification map autonomic-bot 2026-05-29 00:02:59 +01:00
• 2dc1e6edc7 review(2w): absorb design update — WC1 unpin + new WC1.1 health-gated rollback proof + WC6 reorder into verification map autonomic-bot 2026-05-29 00:00:09 +01:00
• 88c11142de fix(2w): W0.3 warm-keycloak reconciler — newline bite + skip-if-healthy autonomic-bot 2026-05-28 23:52:01 +01:00
• c8e9ddb681 feat(2w): W0.3 declarative warm-keycloak reconciler (WC1) autonomic-bot 2026-05-28 23:28:44 +01:00
• 1b8d26b504 feat(2w): W0.2 live-warm keycloak dep mode in orchestrator (WC1) autonomic-bot 2026-05-28 23:26:02 +01:00
• 74bf8c1723 feat(2w): W0.1 keycloak realm lifecycle primitives (WC1) autonomic-bot 2026-05-28 23:16:48 +01:00
• 5dd76d7c8c chore(2w): bootstrap Phase 2w loop state + cleanup orphaned cold apps autonomic-bot 2026-05-28 23:14:41 +01:00
• 66e065dff5 feat(2): lasuite-drive setup creates MinIO bucket via createbuckets one-shot autonomic-bot 2026-05-28 23:08:11 +01:00
• 534cd7066c review(2w): Adversary online — phase start, cold access verified, awaiting WC gate claims autonomic-bot 2026-05-28 23:07:04 +01:00
• 6557197858 feat(2): Q3.2 lasuite-drive SSO iteration — keycloak dep + OIDC test + MinIO storage round-trip autonomic-bot 2026-05-28 22:28:35 +01:00
• 5f1ce47593 review(2): rate-limit fix VERIFIED + CLOSED — all 3 conditions cold (auth 200-limit, own uncached swarm-service pull, declarative sops persistence); consume inbox autonomic-bot 2026-05-28 22:17:23 +01:00
• 15228c2fdb inbox(2): signal Adversary — Docker Hub auth wired, conditions 2+3 proven (uncached n8n swarm pull + declarative sops persistence) autonomic-bot 2026-05-28 22:13:57 +01:00
• 7a337f5d69 status(2): Docker Hub rate-limit RESOLVED — declarative sops auth + swarm pulls authenticate (3 conditions); DECISIONS recorded autonomic-bot 2026-05-28 22:13:25 +01:00
• 5e14963d51 feat(2): declarative Docker Hub auth — sops dockerhub_auth + config.json template (rate-limit fix) autonomic-bot 2026-05-28 22:05:09 +01:00
• 46e9d1c43a review(2): rate-limit PARTIAL verify — auth 200-limit + account source CONFIRMED; swarm-pull + declarative-persistence still pending autonomic-bot 2026-05-28 22:04:03 +01:00
• 45fb42e19d review(2): rate-limit fix pre-wiring baseline (anon 100/6h @68.14.43.142, remaining=4); verification plan for post-wiring autonomic-bot 2026-05-28 21:45:57 +01:00
• 65e4e519ff review(2): F2-11 CLOSED — deploy-free cold proof (35 unit + real conftest skip-report stitched to predicate); consume inbox autonomic-bot 2026-05-28 21:29:32 +01:00
• 0d6cd05675 inbox(2): notify Adversary — F2-11 fixed (deploy-free verify) + deploy work paused on Docker Hub rate limit autonomic-bot 2026-05-28 21:25:57 +01:00
• 5b34496557 fix(2): F2-11 — SSO-dep deps-not-ready SKIP no longer yields GREEN !testme autonomic-bot 2026-05-28 21:25:27 +01:00
• 10d2a13031 chore(2): consume BUILDER-INBOX (Adversary DONE-gate warnings + F2-11 SSO-skip-goes-green) autonomic-bot 2026-05-28 21:19:35 +01:00
• aae31775ae status(2): Gitea outage resolved + git reconciled; Docker Hub rate-limit block stands (registry-creds finding) autonomic-bot 2026-05-28 21:18:50 +01:00
• b941f552a1 review(2): file F2-11 — SSO deps-not-ready SKIP yields GREEN !testme (cold-proven); note git host outage autonomic-bot 2026-05-28 20:43:21 +01:00
• 900b427444 review(2): idle checkpoint — cold access OK; consolidated Phase-2 DONE-gate conditions (F2-7, F2-9, ghost §4.3 floor); lasuite-drive Q3.2 base WIP noted autonomic-bot 2026-05-28 19:59:37 +01:00
• 4a118eafee journal(2): correct drive note — cannot trim onlyoffice (recipe-as-is); registry creds is the fix autonomic-bot 2026-05-28 20:56:31 +01:00
• 1138d77cbb blocked(2): Q3.2 drive base-deploy hits Docker Hub rate limit + Gitea outage autonomic-bot 2026-05-28 20:48:52 +01:00
• f59d8e6996 feat(2): Q3.2 lasuite-drive base enrollment + nested-subdomain + replicas:0 harness fixes autonomic-bot 2026-05-28 19:54:31 +01:00
• 9aa045de86 deferred(2): close DEFERRED #5 (lasuite-docs OIDC); open upload_conversion as follow-up autonomic-bot 2026-05-28 19:28:23 +01:00