clawdie/colibri
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 43

docs: proof runbook → clean CLI + sweep #126 markdown corruption #127

Merged
clawdie merged 1 commit from docs/proof-runbook-clean-cli-and-markdown-sweep into main 2026-06-21 14:59:51 +02:00
Conversation 0 Commits 1 Files changed 3 +72 -55
clawdie commented 2026-06-21 14:47:02 +02:00
Owner
Copy link

What

Two doc-correctness fixes in one PR:

  1. Refresh the first-proof runbook to the clean CLI — the three gaps that forced the raw-SQLite/nc manual path are all closed now (#101/#102 via PR #107, #92 via PR #119), so the runbook is stale.
  2. Sweep markdown corruption introduced by #126 — it merged while the CI runner was down, so the prettier gate never ran.

1. docs/VAULT-PROVISION-FIRST-PROOF.md → clean CLI

Step Before (interim manual path) After (clean CLI)
3 — register tenant sudo sqlite3 … INSERT INTO tenants … sudo colibri register-tenant T root collection
4 — jailed spawn printf '…json…' | nc -U sock sudo colibri spawn-agent local … --jail-name T --jail-root …
5 — verify status sqlite3 SELECT … colibri list-tenants | grep active

Plus:

  • Status header marks #101/#102/#92 as closed.
  • Chain-resolution section documents the #92/#119 containment guard (canonicalize target + assert under COLIBRI_JAIL_ROOT_BASE before any write).
  • Notes that this proof validates the production deployment pattern — the bare-metal Clawdie service runs exactly this Bastille-jail + provisioned-.env model (per the Project-Identity reframe in #126).
  • Follow-ups updated: what landed vs. what's still open (no delete-tenant verb yet; CI runner intermittently down).

2. Markdown corruption sweep (#126)

#126 merged without CI, so the prettier gate didn't catch two real defects:

  • docs/COLIBRI-SKILLS-PLAN.md — Ownership table was corrupted. The colibri-skills row was split across two lines: a | consumer. | orphan row held what should be its "Reads" column value, and an Agents row was duplicated. Restored to 5 clean logical rows.
  • AGENTS.md — prettier reflow (was flagged but never applied).

Checks

npx prettier@3 --check 'docs/**/*.md' AGENTS.md README.md   # 0 warnings
cargo fmt --check                                            # clean

Why one PR

Both are doc-correctness fixes unblocked by the same fact: #101/#102/#92 landed. Low-risk, no logic changes, no gates to verify beyond prettier/fmt.

Co-Authored-By: Hermes & Sam <hello@clawdie.si>

## What Two doc-correctness fixes in one PR: 1. **Refresh the first-proof runbook to the clean CLI** — the three gaps that forced the raw-SQLite/`nc` manual path are all closed now (#101/#102 via PR #107, #92 via PR #119), so the runbook is stale. 2. **Sweep markdown corruption introduced by #126** — it merged while the CI runner was down, so the prettier gate never ran. ## 1. `docs/VAULT-PROVISION-FIRST-PROOF.md` → clean CLI | Step | Before (interim manual path) | After (clean CLI) | |------|------------------------------|-------------------| | 3 — register tenant | `sudo sqlite3 … INSERT INTO tenants …` | `sudo colibri register-tenant T root collection` | | 4 — jailed spawn | `printf '…json…' \| nc -U sock` | `sudo colibri spawn-agent local … --jail-name T --jail-root …` | | 5 — verify status | `sqlite3 SELECT …` | `colibri list-tenants \| grep active` | Plus: - Status header marks #101/#102/#92 as **closed**. - Chain-resolution section documents the #92/#119 containment guard (canonicalize target + assert under `COLIBRI_JAIL_ROOT_BASE` before any write). - Notes that this proof validates the **production deployment pattern** — the bare-metal Clawdie service runs exactly this Bastille-jail + provisioned-`.env` model (per the Project-Identity reframe in #126). - Follow-ups updated: what landed vs. what's still open (no `delete-tenant` verb yet; CI runner intermittently down). ## 2. Markdown corruption sweep (#126) #126 merged without CI, so the prettier gate didn't catch two real defects: - **`docs/COLIBRI-SKILLS-PLAN.md` — Ownership table was corrupted.** The `colibri-skills` row was split across two lines: a `| consumer. |` orphan row held what should be its "Reads" column value, and an `Agents` row was duplicated. Restored to 5 clean logical rows. - **`AGENTS.md` — prettier reflow** (was flagged but never applied). ## Checks ```sh npx prettier@3 --check 'docs/**/*.md' AGENTS.md README.md # 0 warnings cargo fmt --check # clean ``` ## Why one PR Both are doc-correctness fixes unblocked by the same fact: #101/#102/#92 landed. Low-risk, no logic changes, no gates to verify beyond prettier/fmt. Co-Authored-By: Hermes &amp; Sam &lt;hello@clawdie.si&gt;
clawdie added 1 commit 2026-06-21 14:47:04 +02:00
docs: proof runbook → clean CLI + sweep #126 markdown corruption
Some checks failed
CI / rust (pull_request) Has been cancelled
Details
CI / markdown (pull_request) Has been cancelled
Details
CI / port (pull_request) Has been cancelled
Details
CI / agent-jail-pkgs (pull_request) Has been cancelled
Details
94650a6f45 
1. VAULT-PROVISION-FIRST-PROOF.md — refresh to the clean CLI now that the
   three gaps are closed (#101/#102 via PR #107; #92 via PR #119):
   - Step 3: raw SQLite INSERT →
   - Step 4: raw  JSON →
   - Status header: mark all three closed; note the proof validates the
     production deployment pattern (bare-metal Clawdie service runs this model)
   - Chain-resolution section: document the #92/#119 containment guard
     (canonicalize + assert under COLIBRI_JAIL_ROOT_BASE before any write)
   - Follow-ups: record what landed vs. what's still open (no delete-tenant
     verb; CI runner intermittently down)

2. Sweep markdown corruption introduced by #126 (merged while CI runner was
   down, so the prettier gate never ran):
   - AGENTS.md — prettier reflow
   - COLIBRI-SKILLS-PLAN.md — Ownership table had a row split across two
     lines ('consumer.' orphan + a duplicated Agents row); restored to 5
     clean logical rows

Checks: npx prettier@3 --check across all docs + AGENTS.md + README.md →
0 warnings; cargo fmt --check clean.

Co-Authored-By: Hermes & Sam <hello@clawdie.si>
clawdie merged commit 2dc6f12c3c into main 2026-06-21 14:59:51 +02:00
clawdie deleted branch docs/proof-runbook-clean-cli-and-markdown-sweep 2026-06-21 14:59:51 +02:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
first-proof blocker

gates the first proven end-to-end

  
hardening

security/robustness follow-up, not a first-proof gate

No labels
first-proof blocker
hardening
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: clawdie/colibri#127
No description provided.
Delete branch "docs/proof-runbook-clean-cli-and-markdown-sweep"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?