KB-7953
dot-iu-cutter v0.2 — P0-6 + P0-5 Remainder r2 Dry-Run Execution Report (PASS_WITH_NOTES) (2026-05-16)
8 min read Revision 1
dot-iu-cutterdieu44v0.2p0-6p0-5-remainderr2dry-runexecution-reportpass-with-notes
dot-iu-cutter v0.2 — P0-6 + P0-5 Remainder r2 Dry-Run Execution Report
document_path: knowledge/dev/laws/dieu44-trien-khai/v0.2-dry-run/dot-iu-cutter-v0.2-p0-6-p0-5-remainder-r2-dry-run-execution-report-2026-05-16.md
revision: r1
date: 2026-05-16
author: Agent (Claude Code CLI, Opus 4.7 1M)
sovereign: User / anh Huyên
verifier: GPT (dry-run review — PENDING)
phase: v0.2 — P0-6 + P0-5-remainder r2 DRY-RUN (executed on isolated env)
ddl_revision_used: r2 (r1 NOT used; superseded)
dry_run_status: PASS_WITH_NOTES
production_mutation: false
production_ddl: false
production_migration_allowed: false
✅ Dry-run executed end-to-end on a fresh isolated ephemeral environment. All required proofs PASSED. Two benign notes (see §8). Production was read-only (pg_dump + catalog SELECT); sysid unchanged. Production migration remains forbidden.
§1 — Environment
dry_run_env_name: pg-dry-run-v0.2-p0-6-p0-5-remainder-2026-05-16
image: postgres:16
host_port_published: NONE (docker exec only; isolated)
lifecycle: EPHEMERAL — created + restored + tested + TORN DOWN this run
volume: pg-dry-run-v0.2-p0-6-p0-5-remainder-2026-05-16-vol (removed at cleanup)
vps: 38.242.240.89 (vmi3080463)
production_container: `postgres` (NOT targeted for any write/DDL)
identity_guard:
PROD_SYSID: 7611578671664259111
DR_SYSID: 7640373642989559852
result: PASS (DR_SYSID != PROD_SYSID; asserted BEFORE any DDL)
protected_envs_untouched: pg-dry-run-v0.2-p0-2-2026-05-16,
pg-dry-run-v0.2-phase-alpha-2026-05-16, pg-dry-run-hb05-2026-05-15
(verified running before launch; not accessed/modified)
script_artefact: /root/p0-6-p0-5-dryrun/dryrun_p0_6_p0_5.sh
sha256: 4a731ab526ce23b57e5f8b744a04cc08bc06498724491735550dc739816fc1e6
log: /root/p0-6-p0-5-dryrun/dryrun.log (MARK START 06:31:20Z → MARK END 06:33:28Z)
§2 — Backup Used For Restore
method: docker exec postgres pg_dump -U workflow_admin -d directus (READ-ONLY on prod)
backup_path: /root/p0-6-p0-5-dryrun/prod-directus-20260516T063121Z.sql
backup_sha256: 80f9dc7f72b307f9bcb295d9c3a35fb763c81e506eb35af07a5e97c9f0d3bf81
backup_size_bytes: 650320592 (~620 MB; full directus DB — faithful restore)
restored_into: dry-run env directus DB (superuser workflow_admin; role directus created)
restore_fidelity: PROVEN by preflight (cg=8, A-1=entry_id uuid, manifest PKs,
tac_logical_unit=86, sandbox_tac.logical_unit=76) — not assumed
§3 — Extracted SQL Artefact
artefact_path: /root/p0-6-p0-5-dryrun/p0_6_p0_5_r2.sql
artefact_sha256: 89652d5f1f22dad18b6dfeaf88dc77b3452e78a0f28cc79befa389af3025c4b0
(identical local & VPS — transfer integrity verified)
source: v0.2-ddl-authoring/dot-iu-cutter-v0.2-p0-6-p0-5-remainder-ddl-draft-2026-05-16.sql.md
revision_confirmed: r2
r1_used: NO (r1 superseded — not extracted, not executed)
forbidden_child_column_guard: CLEAN (no standalone decision_id / from_decision_id
/ to_decision_id; whole-identifier regex check)
create_table_count: 4 ; single BEGIN…COMMIT
§4 — Preflight (all gates PASS, before any DDL)
| Check | Result |
|---|---|
| dry-run DB identity confirmed (sysid != prod) | PASS (7640373642989559852 ≠ 7611578671664259111) |
| production untouched | PASS (read-only pg_dump + SELECT only) |
| prod backup restored to dry-run | PASS (fidelity proven by checks below) |
| cutter_governance = 8 before DDL | PASS (canonical_address_alias, cut_change_set, cut_change_set_affected_row, decision_backlog_entry, dot_pair_signature, manifest_envelope, manifest_unit_block, verify_result) |
| review_decision absent | PASS (t) |
| decision_backlog_history absent | PASS (t) |
| decision_backlog_dependency absent | PASS (t) |
| decision_backlog_sweep_log absent | PASS (t) |
| A-1: decision_backlog_entry PK = entry_id uuid | ✅ PASS (entry_id uuid) |
| manifest_envelope PK = (envelope_id) | PASS |
| manifest_unit_block PK = (envelope_id, unit_local_id) | PASS |
| public.tac_logical_unit Phase α intact | PASS (86 rows) |
| sandbox_tac.logical_unit Phase α intact | PASS (76 rows) |
| P0-2 manifest tables intact and empty | PASS (manifest_envelope=0, manifest_unit_block=0) |
§5 — DDL Execution Result
target: dry-run env ONLY (docker exec; never the `postgres` prod container)
mode: single transaction, psql -v ON_ERROR_STOP=1 -f - < p0_6_p0_5_r2.sql
output: BEGIN / CREATE TABLE ×4 / COMMIT
DDL_RC: 0
DDL_RESULT: SUCCESS
§6 — A-1 Gate Result
✅ A-1 PASS. cutter_governance.decision_backlog_entry PK = entry_id uuid
in the restored dry-run (identical to production). The r2 FKs target
decision_backlog_entry(entry_id) and were created without error. Post-DDL
V_dbe_pk_after = entry_id uuid (parent PK unchanged; no collateral).
§7 — Verification & Rollback (summary; detail in verification-results doc)
verification: ALL PASS (4 tables exist, all 0 rows, cg=12, FK=7 exact shapes,
0 cross-schema FK, 0 CHECK/trigger/DEFAULT/PG-enum/lookup, 0 forbidden child
cols, entry-family cols 1/2, 0 seed rows, no collateral to v0.1/Phase α/P0-2/
tac_logical_unit/sandbox)
rollback_test: PASS — DROP of the 4 empty tables (child-safe order); RB_RC=0;
cutter_governance back to exactly the original 8 tables
§8 — Notes (→ PASS_WITH_NOTES)
N-1: restore emitted 3× "ERROR: role \"context_pack_readonly\" does not exist".
Cause: GRANT/RLS statements in the prod dump reference a prod-only role not
created in the superuser-only ephemeral env (restore run with ON_ERROR_STOP=0
by design). Impact on tested objects: NONE — every restore-fidelity preflight
gate PASSED (cg=8, A-1=entry_id uuid, manifest PKs, tac=86, sandbox=76). The
cutter_governance schema + tac_logical_unit + sandbox_tac were restored intact.
This is a known ephemeral-env artefact (same class as prior Phase α / P0-2
dry-runs) — not a defect in the r2 DDL.
N-2: env is ephemeral (torn down post-run). Backup, SQL artefact, orchestrator,
and full log retained at /root/p0-6-p0-5-dryrun/ for audit/re-run.
§9 — Production-Untouched Confirmation
prod_access_mode: READ-ONLY (pg_dump + catalog SELECT via workflow_admin)
prod_DDL: NONE ; prod_DML: NONE ; prod_migration: NONE ; deploy: NONE ; CUT/VERIFY: NONE
PROD_SYSID start: 7611578671664259111
PROD_SYSID reconfirm: 7611578671664259111 (unchanged)
protected_dry_run_envs: untouched
§10 — Status & Next Step
dry_run_status: PASS_WITH_NOTES
production_migration_allowed: FALSE (remains forbidden)
next_recommended_step: GPT review of this dry-run package (3 docs). If PASS →
proceed to the production COMMAND-REVIEW package authoring lane (separate,
explicitly prompted). Agent does NOT self-advance to command review.
agent_self_advance: PROHIBITED
§11 — Hard Boundaries (honored)
dry_run_executed_on_isolated_env_only: TRUE
production_mutation: FALSE
production_ddl: FALSE
production_migration: FALSE
deploy: FALSE
CUT_or_VERIFY: FALSE
self_advance_to_command_review: FALSE
protected_dry_run_envs_untouched: TRUE
output_form: p0_6_p0_5_remainder_r2_dry_run_execution_report
End of r2 dry-run execution report (PASS_WITH_NOTES).