feat: add guarded FakeCo AWS owner#48
Conversation
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 5618111f8e
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
Codex review: needs maintainer review before merge. Reviewed July 11, 2026, 5:10 PM ET / 21:10 UTC. Summary Reproducibility: not applicable. This PR introduces a new guarded deployment-owner capability rather than reporting broken current-main behavior. Review metrics: 3 noteworthy metrics.
Merge readiness Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch. Rank-up moves:
Risk before merge
Maintainer options:
Next step before merge
Security Review detailsBest possible solution: Merge the exact guarded implementation under the recorded scoped waiver, keep the workflow manual and protected, and enable it only after independently verifying the dedicated account foundation, roles, network, buckets, KMS key, and Environment controls. Do we have a high-confidence way to reproduce the issue? Not applicable. This PR introduces a new guarded deployment-owner capability rather than reporting broken current-main behavior. Is this the best way to solve the issue? Yes. A protected manual workflow with exact ownership checks, create-only durable backups, rollback-safe restore, and retained-data teardown is a narrow maintainable owner for this single VM; the exact head also fixes the previously identified upgrade-ordering defect. AGENTS.md: found, but no applicable review policy affected this item. Codex review notes: model internal, reasoning high; reviewed against f441a9c6e05b. Label changesLabel justifications:
Evidence reviewedWhat I checked:
Likely related people:
What the crustacean ranks mean
Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics. How this review workflow works
Review history (8 earlier review cycles)
|
|
@clawsweeper re-review @codex review |
|
🦞🧹 I asked ClawSweeper to review this item again. Re-review progress:
|
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: e36ef7cacb
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
@clawsweeper re-review @codex review |
|
🦞🧹 I asked ClawSweeper to review this item again. Re-review progress:
|
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 1c222e934c
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
@clawsweeper re-review @codex review |
|
🦞🧹 I asked ClawSweeper to review this item again. Re-review progress:
|
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 61f4535f84
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
@clawsweeper re-review Please review exact head The latest repairs make teardown backup the independently verified running release after a failed stack update, preserve failed-update artifacts until retained snapshot proof, and make manual restore fail closed on one evidence document before stopping the app. Local exact-head tests, dual-architecture cache-only builds, source-blind behavior validation, canonical autoreview, and the public identifier audit are clean. Hosted CI is in progress. Authenticated FakeCo member-account lifecycle proof remains unavailable, so this PR must stay unmerged after public/non-cloud proof completes. |
|
🦞🧹 I asked ClawSweeper to review this item again. Re-review progress:
|
|
@codex review |
|
Codex Review: Didn't find any major issues. Keep them coming! Reviewed commit: ℹ️ About Codex in GitHubYour team has set up Codex to review pull requests in this repo. Reviews are triggered when you
If Codex has suggestions, it will comment; otherwise it will react with 👍. Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". |
dccbeb8 to
c303256
Compare
|
@codex review |
|
Feature-owner decision for exact head This waiver applies only to landing this guarded, non-production owner implementation. It does not authorize a workflow dispatch, deployment, AWS or GitHub Environment resource creation, secret change, release, version, tag, or registry publication. The manual workflow remains protected and must not run until the documented account foundation is independently ready. @clawsweeper re-review |
|
🦞🧹 I asked ClawSweeper to review this item again. Re-review progress:
|
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: c30325663d
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
Exact-head follow-up: This head addresses the update-recovery finding by durably backing up and verifying every existing serving runtime before source, configuration, or image startup work. It also removes overwrite races with create-only database/evidence objects and documents the small-instance single-object bound. The focused ordering/failure test and full exact-head suite pass. Evidence: The repository owner's item-specific instruction to land this PR continues to waive only unavailable authenticated FakeCo AWS lifecycle proof for this final candidate. It does not authorize deployment, workflow dispatch, GitHub Environment or secret changes, AWS resource creation, releases, versions, tags, or registry publication; none occurred during this repair. @clawsweeper re-review @codex review |
|
🦞🧹 I asked ClawSweeper to review this item again. Re-review progress:
|
|
Codex Review: Didn't find any major issues. Hooray! Reviewed commit: ℹ️ About Codex in GitHubYour team has set up Codex to review pull requests in this repo. Reviews are triggered when you
If Codex has suggestions, it will comment; otherwise it will react with 👍. Codex can also answer questions or update the PR. Try commenting "@codex address that feedback". |
|
Landing proof for exact head
Residual risk remains the unobserved authenticated member-account lifecycle. The repository owner's recorded item-specific landing instruction accepts that risk for this guarded non-production owner only. It does not authorize workflow dispatch, deployment, AWS or GitHub Environment resource creation, secret changes, release, version, tag, or registry publication; none occurred. |
Summary
Production Cloudflare Worker, Container, Postgres, R2, domains, release, and version paths are unchanged.
Safety boundary
planis the default and never executes its change setapplyrejects resource removals and actual or conditional replacementValidation
Exact candidate:
64bb8c90fb020e1b1d39451cc0ac6890caf9fd6d/ treebe57df2c625e9f43859a93e323513504f99a5559.Diff: 12 files, 5,349 insertions, 24 deletions; SHA-256
287f4e2f54cce70af002ca52b0209b612e8e99e67e5ca407c71a560a0b3fa23b. Source archive SHA-256:8537e6315ceddfb69fde9f6e61c45b1c9f32f8b8e5e2d5bfe959bb4d605c7f7d.pnpm checkpnpm docs:sitepnpm coverage— 86.5%pnpm test:e2e— 46 passedpnpm test:fakeco-aws— 30 passed, including stack/template/resource, rollback, extra-volume, pre-update backup, runtime, cleanup, and restore mutationsactionlint .github/workflows/fakeco-aws.ymlshellcheck deploy/fakeco/aws/bootstrap.shplus Bash syntax and ShellCheck proof for the extracted restore blockuvx --from cfn-lint cfn-lint deploy/fakeco/aws/template.jsonlinux/arm64andlinux/amd64builds, cache-only with no registry outputReview repairs
aws:tags while rejecting every unexpected customer-owned tagUPDATE_ROLLBACK_COMPLETEPublic Model Identifier Gate: PASS. The exact diff, source archive, tests, workflow, generated docs, cache-only build logs, and public PR proof contain zero blocking unknown identifiers. The canary uses the public ClawRouter model-ref syntax and documented example from official OpenClaw ClawRouter documentation.
Live-proof waiver and residual risk
No AWS resource, GitHub Environment, secret, account, workflow dispatch, release, version, tag, or registry artifact was created while preparing or validating this PR. Authenticated member-account apply/verify/backup/restore/teardown proof remains unavailable because the service identity and protected Environment are not active.
After that exact gate was reported, the repository owner explicitly directed “land it” on 2026-07-11. This waives only the pre-merge live AWS lifecycle proof for this PR; it does not authorize a deployment or any account, Environment, secret, or resource creation. The manual workflow remains protected and must not be dispatched until the documented account foundation and permissions are independently available.