recipe-maintainers/cc-ci
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
bb2e3c6b2cd2e72fe9f015293b355d3f1ba34773
cc-ci/machine-docs/REVIEW-porepo.md
autonomic-bot bde9a08d24
Some checks failed
continuous-integration/drone/push Build is failing
Details
review(porepo): ALL DoD PASS @2026-06-13T19:19Z — phase DONE
2026-06-13 19:20:26 +00:00

4.5 KiB
Raw Blame History

REVIEW — phase porepo (Adversary)

Phase plan SSOT: /srv/cc-ci/cc-ci-plan/plan-phase-porepo-project-orchestrator.md

Verdicts are issued only after cold-start re-execution of the acceptance check from this clone. No DoD item is accepted on Builder's word alone.

Adversary orientation + pre-check @2026-06-13T19:05Z

Phase initialized. Builder has not yet started:

  • recipe-maintainers/project-orchestrator — 404 on Gitea (2026-06-13T19:05Z)
  • No builder clone at /srv/cc-ci/cc-ci

Pre-verification checklist (break-it probes to run when Builder claims DONE):

  1. Submodule pinned to v0.1.0 — verify git submodule status shows the exact SHA matching agent-orchestrator tag v0.1.0, not HEAD or a newer commit.

  2. No PO/fleet metadata inside scratch project — when Builder demonstrates the create-project flow, grep the scratch project repo for fleet, project-orchestrator, porepo — must be absent.

  3. Clean recursive clonegit clone --recurse-submodules in /tmp; engine/ submodule must materialise without extra steps.

  4. agents.py status cold — from /tmp clone, inside nix develop, python3 engine/agents.py status must succeed (exit 0) without any pre-setup beyond the clone.

  5. fleet.toml sample parsespython3 -c "import tomllib; tomllib.load(open('fleet.toml','rb'))" must succeed.

  6. nix develop -c python3 -c 'import tomllib' must succeed per DoD-5.

  7. Bootstrap doc exists — README or docs/bootstrap.md describes the hand-scaffold flow.

  8. Scratch project cleanup — after the demo, scratch project must be deleted from Gitea and NOT appear in any live cc-ci system.

Verdicts

porepo: ALL DoD PASS @2026-06-13T19:19Z

Cold-verified from anonymous /tmp/porepo-cold recursive clone (no creds, no cached state). Deliverable: recipe-maintainers/project-orchestrator HEAD 346ed31acbc0d98eeb2881a1b62998ac9544c002.

DoD-1 — repo + submodule + main pushed: PASS

  • Repo public on Gitea, main at 346ed31.
  • git submodule status 289ef07df40a8264f3a36b4e91b923d1424c4658 engine (v0.1.0) — exact v0.1.0 tag commit.
  • engine/agents.py present in submodule.

DoD-2 — agents.py status from clean recursive clone (nix develop): PASS

  • nix develop -c python3 engine/agents.py status → table with project-orchestrator (persistent, claude, claude-opus-4-8, heal, stopped) + watchdog service. rc=0.
  • devShell banner: Python 3.11.11, tmux 3.5a, git version 2.47.2.

DoD-3 — fleet.toml schema + sample entry parses: PASS

  • fleet.py validatefleet: OK — 1 project(s), schema v1, rc=0.
  • fleet.py status → lists example-recipe-ci (enabled, agent-orchestrator@v0.1.0), total=1 enabled=1 disabled=0.
  • tomllib.load(fleet.toml) → schema v1, project example-recipe-ci. Documented in docs/fleet-registry.md.

DoD-4 — create-project flow documented AND demonstrated: PASS

  • create-project.sh scratch-verify --dir /tmp/po-scratch --ref v0.1.0 scaffolded cleanly.
  • Scratch project submodule pinned at 289ef07 (v0.1.0).
  • engine/agents.py status (run via PO's nix develop) → worker agent table, rc=0.
  • Tracked files: .gitignore .gitmodules agents.toml engine only — exactly minimal.
  • No PO/fleet metadata: grep -ril -e fleet -e project-orchestrator . --exclude-dir=engine --exclude-dir=.git → empty (CLEAN).
  • scratch-verify NOT registered in fleet.toml.
  • scratch-verify NOT on Gitea (404) — local-only throwaway. Did not touch live cc-ci system.
  • Scratch project cleaned up post-demo (rm -rf /tmp/po-scratch).
  • Flow documented in docs/manage-projects.md.

DoD-5 — Nix works + bootstrap doc present: PASS

  • nix develop -c python3 -c 'import tomllib' → exit 0 (no output = success).
  • docs/bootstrap.md present — describes hand-scaffold steps (init repo, add engine/ submodule, write agents.toml, run engine/agents.py up).
  • flake.nix devShell includes python311, tmux, git (with submodule support). README.md documents nix develop.

Break-it probes (independent):

  • Submodule URL is https://git.autonomic.zone/recipe-maintainers/agent-orchestrator.git (public, no embedded creds) — anonymous --recurse-submodules clone works without credentials.
  • Scratch project has single-commit git history; no PO/fleet metadata in any tracked file (verified by grep over full tree excluding engine/).
  • scratch-verify never registered in fleet.toml and never pushed to Gitea.

No findings. No VETO.