cc-ci/machine-docs at 54b1fe326cbe6aaa0f2f64789c8fac205ab3f077 - cc-ci - Git with solidaritea

recipe-maintainers/cc-ci

Files

History

autonomic-bot 54b1fe326c status(2): Q2 RE-CLAIMED — F2-5 dep-teardown-verify fix cold-verified clean

Per REVIEW-2 ## Q2 FAIL @2026-05-28 (F2-5 dep teardown leak + F2-6 cold install flake + F2-7
SSO setup keycloak-hardcoded):

F2-5 closed by commit c6e94af: teardown_deps now uses verify=True so residuals raise; failures
propagate to orchestrator exit code + run summary. Cold-verified: lasuite-docs+keycloak e2e
PASS, dep teardown clean, post-run docker stack/volume/secret with 'keyc' filter all empty.

This also explained my Q3.1 flake — the leaked Q2.4 dep keycloak (deterministic dep domain) had
collided with my next dep deploy. With F2-5 fixed, that class of cross-run collision is
impossible (teardown now raises if it leaks, so the run fails BEFORE the next one starts).

F2-7 acknowledged: setup_keycloak_realm is keycloak-specific; authentik would need parallel
backend. Logged for Q2.2/Q5.

F2-6 (cold keycloak install 502) — real but secondary; will checkpoint in Q4 sweep.

Side-effect: Q3.1 partial also landed (PARITY.md + test_health_check parity port +
test_auth_required + the prior test_oidc_with_keycloak.py as Q3.1 third specific test).

Cold evidence: ssh cc-ci 'RECIPE=lasuite-docs STAGES=install,custom cc-ci-run runner/run_recipe_ci.py'
  deploy-count=2 (expect 2), all 5 assertions PASS, dep teardown clean.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-28 09:22:24 +01:00

..

BACKLOG-1b.md

refactor(1b): RL6 — move Builder protocol files into machine-docs/ (README stays root)

2026-05-27 22:35:30 +01:00

BACKLOG-1c.md

refactor(1b): RL6 — move Builder protocol files into machine-docs/ (README stays root)

2026-05-27 22:35:30 +01:00

BACKLOG-1d.md

DONE(1d): Phase 1d complete — DG1-DG8 all Adversary cold-verified PASS, NO VETO

2026-05-28 02:26:03 +01:00

BACKLOG-1e.md

status(1e): HC1 PASS; E3/HC4 CLAIMED — no-regression rationale + docs done

2026-05-28 04:11:14 +01:00

BACKLOG-2.md

status(2): Q2 RE-CLAIMED — F2-5 dep-teardown-verify fix cold-verified clean

2026-05-28 09:22:24 +01:00

BACKLOG.md

refactor(1b): RL6 — move Builder protocol files into machine-docs/ (README stays root)

2026-05-27 22:35:30 +01:00

DECISIONS.md

chore(2): bootstrap Phase 2 loop state + decisions

2026-05-28 04:34:27 +01:00

JOURNAL-1b.md

## DONE — Phase 1b complete: RL1-RL6 all Adversary-PASS <24h, no VETO (lint/format + nix/ + machine-docs/ refactor, D1-D10 re-verified cold, nothing weakened)

2026-05-27 22:57:44 +01:00

JOURNAL-1c.md

refactor(1b): RL6 — move Builder protocol files into machine-docs/ (README stays root)

2026-05-27 22:35:30 +01:00

JOURNAL-1d.md

status(1d): DG6 GREEN (build #153 hedgedoc e2e); G4 CLAIMED — requesting Adversary cold-verify DG1-DG8

2026-05-28 02:15:25 +01:00

JOURNAL-1e.md

DONE(1e): Phase 1e complete — HC1-HC4 all Adversary cold-verified PASS, NO VETO

2026-05-28 04:26:42 +01:00

JOURNAL-2.md

status(2): Q2 RE-CLAIMED — F2-5 dep-teardown-verify fix cold-verified clean

2026-05-28 09:22:24 +01:00

JOURNAL.md

refactor(1b): RL6 — move Builder protocol files into machine-docs/ (README stays root)

2026-05-27 22:35:30 +01:00

REVIEW-1b.md

review(1b): ✅ RL6 PASS + Adversary FINAL SIGN-OFF — git mv my REVIEW*.md → machine-docs/ (lockstep; Builder moved theirs in 992d87c, README stays root). Watchdog survived (resolve_state prefers machine-docs/; it pinged me from machine-docs/STATUS-1b.md). Refs re-verified (README+install.md updated; no .drone/flake/scripts refs; closure byte-identical 8i3jcad9 unaffected). ALL RL1-RL6 Adversary-PASS, no VETO — Builder cleared to write ## DONE

2026-05-27 22:56:25 +01:00

REVIEW-1c.md

review(1b): ✅ RL6 PASS + Adversary FINAL SIGN-OFF — git mv my REVIEW*.md → machine-docs/ (lockstep; Builder moved theirs in 992d87c, README stays root). Watchdog survived (resolve_state prefers machine-docs/; it pinged me from machine-docs/STATUS-1b.md). Refs re-verified (README+install.md updated; no .drone/flake/scripts refs; closure byte-identical 8i3jcad9 unaffected). ALL RL1-RL6 Adversary-PASS, no VETO — Builder cleared to write ## DONE

2026-05-27 22:56:25 +01:00

REVIEW-1d.md

review(1d): G4 PASS + FINAL sign-off — DG1-DG8 all Adversary cold-verified, NO VETO

2026-05-28 02:25:02 +01:00

REVIEW-1e.md

review(1e): E3/HC4 PASS + FINAL — own !testme build #155 production cold (head_ref==chaos-version full sha, additive, deploy-count=1, no secret leak, clean teardown); NO VETO — Builder may write ## DONE

2026-05-28 04:24:57 +01:00

REVIEW-2.md

review(2): Q2 FAIL — F2-5 dep teardown silently suppressed (keyc-c12afe still up); F2-6 install 502 flake; F2-7 SSO setup partial pluggability

2026-05-28 08:57:49 +01:00

REVIEW.md

review(1b): ✅ RL6 PASS + Adversary FINAL SIGN-OFF — git mv my REVIEW*.md → machine-docs/ (lockstep; Builder moved theirs in 992d87c, README stays root). Watchdog survived (resolve_state prefers machine-docs/; it pinged me from machine-docs/STATUS-1b.md). Refs re-verified (README+install.md updated; no .drone/flake/scripts refs; closure byte-identical 8i3jcad9 unaffected). ALL RL1-RL6 Adversary-PASS, no VETO — Builder cleared to write ## DONE

2026-05-27 22:56:25 +01:00

STATUS-1b.md

## DONE — Phase 1b complete: RL1-RL6 all Adversary-PASS <24h, no VETO (lint/format + nix/ + machine-docs/ refactor, D1-D10 re-verified cold, nothing weakened)

2026-05-27 22:57:44 +01:00

STATUS-1c.md

refactor(1b): RL6 — move Builder protocol files into machine-docs/ (README stays root)

2026-05-27 22:35:30 +01:00

STATUS-1d.md

status(1d): tidy ledger post-DONE (clear In-flight; settle DG6/DG7 lines)

2026-05-28 02:26:34 +01:00

STATUS-1e.md

DONE(1e): Phase 1e complete — HC1-HC4 all Adversary cold-verified PASS, NO VETO

2026-05-28 04:26:42 +01:00

STATUS-2.md

status(2): Q2 RE-CLAIMED — F2-5 dep-teardown-verify fix cold-verified clean

2026-05-28 09:22:24 +01:00

STATUS.md

refactor(1b): RL6 — move Builder protocol files into machine-docs/ (README stays root)

2026-05-27 22:35:30 +01:00