KB-6ECB
Dieu43 Phase 4a Pre-D Task 2 Report (upload 15 + UPDATE 8)
11 min read Revision 1
dieu43context-packphase4a-pre-d-primetask2report
Đ43 Phase 4a Pre-D' — Report Task 2 (Upload 15 artifact + UPDATE 8 row)
Date: 2026-04-17 UTC+7
Agent: Claude Code CLI (phiên mới sau restart)
Scope: Task 2 only — upload 8 template + 7 SQL lên KB, UPDATE context_pack_section_definitions 8 row. DỪNG trước Stage D'.
Law base: Đ43 v1.2 FINAL rev 5 (KB revision 26) + Codex report Task 1 rev 1.
Status: DONE — 15/15 uploaded rev 1, 8/8 PG rows updated, 0 blocker.
Bước 0 — Checkpoint
Files đọc
knowledge/dev/laws/dieu43-system-context-law.mdrev 26 (v1.2 FINAL rev 5, volatile header wording BAN HÀNH option A)knowledge/dev/laws/dieu43-migrations/report-pre-d-prime.mdrev 1 (Codex Task 1 design 8 template + 7 SQL)- Memory auto-loaded: sync architecture, registry sync, PG migration, VPS-as-SSOT
Tuyên ngôn
- Vĩnh viễn: 15 file trong KB (SSOT), 8 PG row giữ path, thêm section = INSERT row + upload KB, 0 sửa code.
- Nhầm không được: CHECK constraint path whitelist, guard §5.8 verify path + 0 DML token + readonly role + READ ONLY TX + timeout 30s, upload qua Agent Data gateway (HP S176).
- 100% tự động: Stage D' generic renderer đọc section_definitions + template/query KB, KHÔNG case-dispatch, KHÔNG built-in fallback (Đ43 §6.X rev 4).
Phiên cũ mất /tmp/cp-artifacts/
Xác nhận /tmp/d43-artifacts/ trên VPS rỗng sau restart. Regenerate toàn bộ 15 file từ Codex report outline/skeleton + áp wording volatile header rev 5.
Bước A — Regenerate 15 artifact
Volatile header wording rev 5 áp dụng
markdown/mermaid (7 template + 1 mermaid):
<!-- VOLATILE HEADER -->
generated_at: {{generated_at}}
build_id: {{build_id}}
git_commit: {{git_commit}}
trigger_source: {{trigger_source}}
<!-- /VOLATILE HEADER -->
Placeholder mustache {{var}} — renderer fill 4 common runtime fields §6 Bước 5.
json (1 template project_map_json.json.tmpl):
{
"_volatile_header": {
"generated_at": "{{generated_at}}",
"build_id": "{{build_id}}",
"git_commit": "{{git_commit}}",
"trigger_source": "{{trigger_source}}"
},
"summary": {{{summary_json}}},
"laws": {{{laws_json}}},
...
}
Double-mustache {{var}} cho scalar (quoted string). Triple-mustache {{{jsonvar}}} cho JSON fragment (raw insert, không quote, không escape).
15 file
- 8 template:
knowledge__current-state__templates__<code>.<ext>.tmpl - 7 SQL:
knowledge__current-state__queries__<code>.sql(red_zones skip do data_source='static')
Bug project_map.sql — không có bug trong version mới
Viết lại từ skeleton Codex. Cú pháp jsonb_agg(expr ORDER BY ...) FILTER (WHERE ...) là valid PostgreSQL syntax. Bọc thêm COALESCE(..., '[]'::jsonb) để guarantee array ngay khi 0 row. EXPLAIN PASS không cần fix.
Bước B — Validate 7 SQL dưới role context_pack_readonly
Guard §5.8 verification
| Guard | Cách kiểm | Kết quả 7/7 |
|---|---|---|
| 1. Path whitelist | Path mỗi file match knowledge__current-state__queries__% |
PASS |
| 2. No DML/DDL token | grep INSERT|UPDATE|DELETE|ALTER|DROP|TRUNCATE|GRANT|REVOKE|COPY|CALL|VACUUM|ANALYZE|SET (ROLE|SESSION)|CREATE|DO |
0 hit mỗi file |
| 3. Readonly role | SET ROLE context_pack_readonly via workflow_admin wrapper |
PASS |
| 4. READ ONLY TX | BEGIN READ ONLY wrap |
PASS |
| 5. statement_timeout 30s | SET LOCAL statement_timeout = 30000 |
PASS |
Statement count
7/7 file dùng single statement, 0 semicolon trong body.
EXPLAIN + RUN PASS
project_map PASS (38 plan lines) directus DB
dot_registry PASS (33 plan lines) directus DB
entities_overview PASS (34 plan lines) directus DB
db_map PASS (23 plan lines) directus DB
architecture_mmd PASS (30 plan lines) directus DB
project_map_json PASS (49 plan lines) directus DB
laws_index PASS (36 plan lines) incomex_metadata DB
Cả 7 query actual RUN cũng trả về đúng 1 row với full JSON aggregate columns.
Target DB map
- 6 query (
project_map,dot_registry,entities_overview,db_map,architecture_mmd,project_map_json) → directus DB (đọcnormative_registry,dot_tools,birth_registry,system_issues,dot_config,pg_database) - 1 query (
laws_index) → incomex_metadata DB (đọckb_documents+_cp_patterns_cache) - Cả 2 DB đã cấp
context_pack_readonlytheo §5.8 guard 3 + §6.X P10 rev 2 (GRANT ON ALL TABLES + ALTER DEFAULT PRIVILEGES cross-DB).
Bước C — Upload 15 KB qua Agent Data API
Endpoint: POST /documents?upsert=true với X-API-Key
Body schema: document_id, parent_id, content{mime_type,body}, metadata{title,tags,source}
Separator encoding: POST document_id dùng / (theo contract API), storage kb_documents.key tự encode __ (qua _fs_key(), khớp Đ43 rev 3 __ whitelist CHECK).
Kết quả upload 15/15 rev=1
200 rev=1 knowledge__current-state__templates__project_map.md.tmpl
200 rev=1 knowledge__current-state__templates__laws_index.md.tmpl
200 rev=1 knowledge__current-state__templates__dot_registry.md.tmpl
200 rev=1 knowledge__current-state__templates__entities_overview.md.tmpl
200 rev=1 knowledge__current-state__templates__db_map.md.tmpl
200 rev=1 knowledge__current-state__templates__red_zones.md.tmpl
200 rev=1 knowledge__current-state__templates__architecture_mmd.mmd.tmpl
200 rev=1 knowledge__current-state__templates__project_map_json.json.tmpl
200 rev=1 knowledge__current-state__queries__project_map.sql
200 rev=1 knowledge__current-state__queries__laws_index.sql
200 rev=1 knowledge__current-state__queries__dot_registry.sql
200 rev=1 knowledge__current-state__queries__entities_overview.sql
200 rev=1 knowledge__current-state__queries__db_map.sql
200 rev=1 knowledge__current-state__queries__architecture_mmd.sql
200 rev=1 knowledge__current-state__queries__project_map_json.sql
Verify kb_documents.key
SELECT key FROM kb_documents
WHERE key LIKE 'knowledge__current-state__templates__%'
OR key LIKE 'knowledge__current-state__queries__%'
ORDER BY key;
→ 15 row, tất cả prefix __ khớp CHECK constraint chk_template_kb_path_whitelist + chk_query_kb_path_whitelist.
Mime_type map
.md.tmpl(7 template markdown) →text/markdown.mmd.tmpl,.json.tmpl,.sql(1 mermaid + 1 json-with-mustache + 7 SQL) →text/plain.json.tmplKHÔNG dùngapplication/jsondo chứa mustache{{{...}}}không parse được JSON thuần.
Bước D — UPDATE context_pack_section_definitions 8 row
Transaction + verify
BEGIN;
UPDATE ... WHERE code='project_map'; -- UPDATE 1
UPDATE ... WHERE code='laws_index'; -- UPDATE 1
UPDATE ... WHERE code='dot_registry'; -- UPDATE 1
UPDATE ... WHERE code='entities_overview'; -- UPDATE 1
UPDATE ... WHERE code='db_map'; -- UPDATE 1
UPDATE ... SET query_kb_path=NULL WHERE code='red_zones'; -- UPDATE 1
UPDATE ... WHERE code='architecture_mmd'; -- UPDATE 1
UPDATE ... WHERE code='project_map_json'; -- UPDATE 1
COMMIT;
8 UPDATE 1 line → 8/8 match. 0 CHECK constraint violation.
Evidence SELECT sau COMMIT
code | template_kb_path | query_kb_path
-------------------+-----------------------------------------------------------------+----------------------------------------------------------
project_map | knowledge__current-state__templates__project_map.md.tmpl | knowledge__current-state__queries__project_map.sql
laws_index | knowledge__current-state__templates__laws_index.md.tmpl | knowledge__current-state__queries__laws_index.sql
dot_registry | knowledge__current-state__templates__dot_registry.md.tmpl | knowledge__current-state__queries__dot_registry.sql
entities_overview | knowledge__current-state__templates__entities_overview.md.tmpl | knowledge__current-state__queries__entities_overview.sql
db_map | knowledge__current-state__templates__db_map.md.tmpl | knowledge__current-state__queries__db_map.sql
red_zones | knowledge__current-state__templates__red_zones.md.tmpl |
architecture_mmd | knowledge__current-state__templates__architecture_mmd.mmd.tmpl | knowledge__current-state__queries__architecture_mmd.sql
project_map_json | knowledge__current-state__templates__project_map_json.json.tmpl | knowledge__current-state__queries__project_map_json.sql
- 8/8
template_kb_pathNOT NULL ✓ - 7/8
query_kb_pathNOT NULL;red_zonesNULL (data_source='static') ✓ - Path prefix khớp 2 CHECK constraint ✓
Evidence tổng
| Item | Số lượng | Trạng thái |
|---|---|---|
| Templates uploaded | 8 | rev=1 |
| SQL queries uploaded | 7 | rev=1 |
kb_documents rows visible |
15 | key prefix knowledge__current-state__{templates|queries}__ |
context_pack_section_definitions rows updated |
8 | template_kb_path 8/8, query_kb_path 7/8 (red_zones NULL by design) |
| Guard §5.8 | 5/5 | PASS cho 7/7 query |
| EXPLAIN tests | 7 | PASS |
| Actual RUN tests | 7 | PASS (1 row mỗi query) |
| Banned DML/DDL tokens | 0 | 7/7 file |
| Statements per file | 1 | 7/7 file |
TD phát sinh
| ID | Mô tả | Priority |
|---|---|---|
| TD-S178-20 | Template renderer engine chưa chốt: chevron missing trên VPS, jinja2 installed nhưng syntax khác mustache. render_config.placeholder_style seed "mustache" cần renderer tương thích. Phiên Stage D' phải quyết 1 trong 2: (a) pip install chevron vào container, (b) chuyển seed sang "jinja" + sửa template. Ghi xong trong phiên này để Stage D' không lặp discover. |
Medium — Stage D' |
| TD-S178-21 | Git commit 5-tier fallback chưa ghi: §6 Bước 5 nói git_commit có 5-tier fallback, có thể = 'unknown', nhưng chưa liệt kê 5 tier. Stage D' khi implement build.sh fill common runtime fields phải tham chiếu phụ lục §15.3 hoặc amend thêm wording. |
Low — Stage D' |
| TD-S178-22 | laws_index.sql runs on incomex_metadata DB, 6 query còn lại runs on directus DB: build.sh cần pass đúng DB name theo section. Hoặc dispatch rule từ SQL content (first comment line -- DB: incomex_metadata). Hoặc thêm cột target_db vào context_pack_section_definitions. |
Medium — Stage D' |
DỪNG + Bàn giao
- Đã DONE: Bước 4 Task 2 full — 15 file KB + 8 PG row.
- KHÔNG code: Stage D' generic renderer,
build.sh§6 Bước 5 invocation, common runtime header injection. - Chờ Desktop: duyệt report + quyết TD-S178-20/21/22 + gate mở Stage D'.
Pre-D' Task 2 Report | Claude Code CLI | 2026-04-17 S178 Fix 12 post-restart | Đ43 v1.2 rev 5 artifact stocking complete