a9e67af61e
Some checks failed
continuous-integration/drone/push Build is failing
Independent cold read confirms the circular dependency (proxy health-gate polls ci.commoninternet.net served by dashboard which is After=deploy-proxy). Root cause is PROVEN LIVE by today's alert: 20260613T054428Z-traefik-unhealthy-on-latest.json. Fix endpoint independently verified: /api/version on traefik.ci.commoninternet.net returns 200 as soon as traefik is up, no dashboard dependency. REVIEW-pxgate.md: orientation, M1/M2 acceptance criteria. BACKLOG-pxgate.md: break-it probes P1–P5 to run at M1 gate. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
1.3 KiB
1.3 KiB
BACKLOG — phase pxgate
Build backlog
(Builder-owned — Adversary reads only)
Adversary findings
No findings yet. Recording break-it probes to run once the fix lands.
Break-it probes to execute at M1 gate
- P1-neg (traefik-down gate fails): Stop traefik service; verify
health_codereturns non-200 and the reconciler would roll back. (Prove the new gate has teeth — not always-pass.) - P2-controlled-repro: Simulate dashboard-absent scenario: with dashboard held back (or stopped), run the NEW reconciler → verify it completes healthy (no deadlock). Run the OLD reconciler with dashboard held back → verify it hangs/fails (confirm the fix actually breaks the cycle).
- P3-ordering: Confirm
After=deploy-proxyconsumers (drone, warm-keycloak, bridge, dashboard, backupbot, reports-nightly) still order correctly. Checksystemctl cat <service>for each. - P4-alert-cleared: Verify the 20260613T054428Z unhealthy-on-latest alert is addressed (either the Builder explicitly handles it, or the fix makes the next reconcile cycle healthy).
- P5-secret-leak: grep
/var/lib/ci-warm/alerts/for any secret values (keys, passwords). The alert file must contain only version strings, no credentials.