recipe-maintainers/cc-ci
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d8aa7578d4e776f290cfcb5dcdc5a9781a76ea92
cc-ci/BACKLOG-1c.md
autonomic-bot 8b410dcce1
All checks were successful
continuous-integration/drone/push Build is passing
Details
1c/W3 DONE: throwaway reachable (100.126.124.86); keyFile-missing-aborts finding -> W4 design locked 
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-27 17:21:21 +01:00

34 lines
2.2 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# BACKLOG — Phase 1c
Single-writer rule (§6.1): Builder edits `## Build backlog`; Adversary edits `## Adversary findings`.
## Build backlog
Method W1W6 from the phase plan §5. Each milestone ends with an Adversary gate.
- [x] **W2 — Secrets repo + cert into git.** (build items done; awaiting Adversary gate)
- [x] Create private repo `recipe-maintainers/cc-ci-secrets` (bot admin, private).
- [x] Move secrets + add wildcard cert+key as sops secrets (root `secrets.yaml`; sha256 verified).
- [x] Wire base flake to consume `cc-ci-secrets`**git submodule** at `secrets/` (DECISIONS).
- [x] secrets.nix: `wildcard_cert`/`wildcard_key``path=/var/lib/ci-certs/live/*`.
- [x] proxy.nix: cert reframed as sops-from-git.
- [x] Verify byte-identical `build`==`/run/current-system` (`vh6vwxbl…`); git-clone `?submodules=1` matches too.
- [x] Verify clean switch on cc-nix-test; live TLS served from git cert (ssl_verify=0).
- [x] **Gate W2 CLAIMED** → Adversary verifies byte-identical + TLS-from-git-cert.
- [x] **W1 — Headroom.** Resized `cc-nix-test` 6→4 GB (stop→PATCH→start via Incus API); healthy at 4 GB,
0 failed units, all stacks 1/1, cert survived reboot via sops, TLS 200. Running RAM 8 GB.
- [x] **W3 — Throwaway VM.** `ccci-throwaway` (incus-base, 4 GB/20 GB) reachable at 100.126.124.86
(used live TS_AUTH_KEY; workspace key stale). Bootstrap age key provisioned in W4.
- [ ] **W4 — Reproducible live rebuild.** On throwaway VM: clone base+secrets, `nixos-rebuild switch`,
watch oneshots converge, secrets+cert decrypt. Accept: fully up, no step outside docs/install.md;
capture evidence. **Gate W4 CLAIMED.**
- [ ] **W5 — Adversary cold proof + honest D8.** Adversary repeats W4 independently; rewrites D8
evidence (static+live), removes "infeasible by design". Accept: Adversary D8 live-rebuild PASS
(or narrow signed-off limitation per C5).
- [ ] **W6 — Cleanup + docs + final sizing.** Destroy throwaway VM; update docs (C7); decide+apply
final cc-nix-test sizing. Accept: no leftover; docs match; flip STATUS-1c → `## DONE`.
## Adversary findings
(none yet — Adversary owns this section)
Reference in New Issue View Git Blame Copy Permalink