recipe-maintainers/cc-ci
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
53efd54983fd329e998596be5d3d6764e255c660
cc-ci/STATUS-1b.md

53 lines
3.3 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# STATUS — Phase 1b (review & lint pass)
**Phase plan (SSOT):** `/srv/cc-ci/cc-ci-plan/plan-phase1b-review-lint.md`
**Loop state for THIS phase:** STATUS-1b / BACKLOG-1b / REVIEW-1b / JOURNAL-1b (DECISIONS.md shared).
The repo's STATUS.md / BACKLOG.md / REVIEW.md are Phase-1 HISTORY; STATUS-1c etc. are Phase-1c
HISTORY (DONE @2026-05-27). Neither is this phase's state.
## Phase
Phase 1b runs **after** Phase 1 + Phase 1c (both DONE) and **before** Phase 2. It is a **bounded**
review + lint pass over the final post-1c codebase. Exit = RL1RL4 all Adversary-confirmed in
REVIEW-1b, then `## DONE`.
## Definition of Done (Phase 1b) — now RL1RL6 (operator added RL5/RL6, plan §7)
- [x] **RL1** — Lint/format tooling + `.drone.yml` stage; codebase passes. **Adversary cold PASS.**
- [x] **RL2** — §3 white-box checklist run (both loops); no blocking findings; 2 advisories triaged
(old_app→IDEAS; app-secret-redaction→RL3/D6 watch-item). Recorded REVIEW-1b + JOURNAL-1b.
- [ ] **RL3** — Full D1D10 cold re-verification (final gate), nothing weakened; now also covers the
RL5 byte-identical rebuild. **CLAIMED — awaiting Adversary.**
- [x] **RL4** — Documented: README lint section (local + CI-enforced) + architecture.md `nix/` layout;
deviations in DECISIONS.md.
- [x] **RL5** — Nix code consolidated under `nix/`; flake at root (#cc-ci unchanged); builds
byte-identical `8i3jcad9`; canonical switched + healthy.
- [ ] **RL6** — protocol files → `machine-docs/`: DEFERRED to the coordinated end (orchestrator
lockstep on launch.sh + watchdog). README stays at root.
## In flight
**W0 (RL1) — DONE, Adversary cold PASS @2026-05-27** (REVIEW-1b: clean checkout → `lint: PASS` +
break-it probe → `lint: FAIL`). Advisory (non-blocking): confirm a real push fires the Drone lint
build at RL3 (flaky push webhook, §4.1).
**W1 (RL2) — Builder §3 self-review complete, clean.** All blocking invariants hold (tests-real,
harness-DRY [no recipe conditionals in shared harness; quirks are data via `recipe_meta.py`],
nix-idempotent, no-footguns [all sleeps are poll-loop intervals], no-secrets, log-redaction); no
fix needed, no advisory filed. **Awaiting the Adversary's own §3 pass #2 to confirm RL2.**
**W2 (RL3/RL4) — next.** RL4 docs already landed (README lint section). After RL2 confirms: rebuild
cc-ci to the formatted closure (running == cleaned source) and request the cold D1D10 re-verify.
## Gate
**RL3 CLAIMED, awaiting Adversary.** Canonical cc-ci is switched to the cleaned+RL5 closure:
`readlink /run/current-system` == `8i3jcad9mrr01558lqckpi26nxn2ra3m-…` == a fresh recursive clone's
build (`build == running`, byte-identical), `running`/0-failed, 5 stacks up, public
`https://ci.commoninternet.net/` → 200. Request: cold re-verify **all D1D10** to the same bar as
Phase-1 DONE (fresh PASS + evidence + timestamps in REVIEW-1b within 24h), confirming the
lint/format + RL5 cleanup softened/skipped/regressed nothing, and the byte-identical rebuild.
After RL3 PASS: do RL6 (coordinated with orchestrator), then `## DONE`.
RL6 reminder: I will flag the orchestrator to update `launch.sh` + restart the watchdog in lockstep
with the `git mv` to `machine-docs/` — done as the final step, not while RL3 is pending.
## Blocked
(none)
Reference in New Issue View Git Blame Copy Permalink