GloriousFlywheel

GloriousFlywheel Default Branch Stability Recovery 2026-04-23

Snapshot date: 2026-04-23

Starting red-main commit under investigation: c6d6ebc6b38cd61f81f70c3de6ce5e3b31a00951

Target proof package

Surface	Initial class	Evidence	Corrective action	Final state
`Platform Proof`	`external/transient`	rerun of run `24849468454` succeeded and the captured failed-job tails never showed a repo assertion failure	rerun-only recovery	green after rerun
`Source Bazel Proof`	`external/transient`	`static.crates.io` DNS resolution timed out while building the repo-owned Attic package path	bounded rerun of run `24849468531` succeeded without repo or infra changes	green after rerun

run 24849468454 failed on c6d6ebc6b38cd61f81f70c3de6ce5e3b31a00951
failed jobs: Prove tinyland-docker contract, Prove tinyland-nix-heavy contract
bounded rerun of the failed jobs on the same run id succeeded with no repo or infra changes:
- tinyland-nix-heavy job 72782938961 completed 2026-04-23T21:36:10Z on runner tinyland-nix-heavy-jtq2j-runner-lwn75
- tinyland-docker job 72782939003 completed 2026-04-23T21:36:41Z on runner tinyland-docker-vvx6d-runner-558cj
overall run 24849468454 conclusion is now success
Prove tinyland-nix contract succeeded in the same run, so the instability hypothesis is limited to the two failed jobs
captured job tails ended before an application assertion or test failure
final assessment: external/transient until disproven; rerun-only recovery is not evidence of a repo regression or workflow-patch incident

run 24849468531 failed on c6d6ebc6b38cd61f81f70c3de6ce5e3b31a00951
the failure path was inside the repo’s own Attic package build
fetch attempts for https://static.crates.io/crates/aws-types/1.3.7/download failed with repeated curl: (6) Could not resolve host: static.crates.io
a later mirror check against https://tarballs.nixos.org/... failed with curl: (28) Resolving timed out after 15001 milliseconds
the missing crate was aws-types-1.3.7
current working hypothesis: external crates resolution failure first, with a possible repo-owned resilience gap if it proves repeatable

recorded that Platform Proof recovered via bounded rerun of the failed jobs on run 24849468454, with no repo or infra changes, so the incident stays in the external/transient lane unless it reproduces
reran Source Bazel Proof after confirming the failure was a crates/DNS timeout and not a GloriousFlywheel assertion failure
tightened the active docs and admin surfaces so they now say explicitly that current dogfood still depends on self-hosted cache/env injection, cluster-local reachability, and finite runner pressure
updated the orgwide runner scoreboard and queue to distinguish declared runner intent from counted authority, so blocked or hybrid repos stop reading like clean default-branch authority

monitor for recurrence; if tinyland-docker or tinyland-nix-heavy fail again without a repo assertion, capture runner evidence before changing workflow code
runner pressure is still active reality on shared lanes; the recovery should not be misread as proof that capacity and cache reachability are background solved problems

the originally red main commit c6d6ebc6b38cd61f81f70c3de6ce5e3b31a00951 is green across the target proof package after bounded reruns only
the newer main head bfc8bc73c625f12476d2cda610dd4e03740cadc5 is also green on Validate, Secret Detection, Platform Proof, Source Bazel Proof, and Publish to FlakeHub
current management truth is now narrower and more honest:
- tinyland-inc/lab is the counted shared-authority repo in the recent tinyland window
- Jesssullivan/yt-text is a real shared-runner canary, but still hybrid by policy
- Jesssullivan/acuity-middleware and Jesssullivan/scheduling-kit remain the counted repo-owned canaries in the recent Jess window
- tinyland-inc/rockies, tinyland-inc/betterkvm, tinyland-inc/elders.tinyland.dev, and Jesssullivan/MassageIthaca are currently nominal-only because accessible runner inventory is zero