dot-iu-cutter v0.3 — Read-Observability Dry-Run RE-RUN Execution Report

document_path: knowledge/dev/laws/dieu44-trien-khai/v0.3-dry-run/dot-iu-cutter-v0.3-read-observability-dry-run-rerun-execution-report-2026-05-16.md
revision: r1
date: 2026-05-16
author: Agent (Claude Code CLI, Opus 4.7 1M)
sovereign: User / anh Huyền
verifier: GPT (PENDING)
phase: v0.3 — read-observability DRY-RUN RE-RUN (corrected harness)
authorization: GPT verdict — Agent PASS; DDL/rollback substantively proven;
  harness revision required; dry-run re-run required; DDL UNCHANGED
dry_run_status: PASS_WITH_NOTES
all_4_FN_resolved: true
ddl_changed: false   rollback_changed: false
production_touched: read-only only (sysid 7611578671664259111 unchanged)
self_advance: PROHIBITED — awaiting GPT review (command-review NOT allowed yet)

✅ Re-run with the corrected harness = clean PASS. DDL/rollback artefacts unchanged and SHA-gated to the GPT-pinned values. All substantive checks green, all 4 prior false-negatives resolved, rollback clean, env torn down, production never mutated. dry_run_status = PASS_WITH_NOTES. No self-advance.

---

§1 — Environment & Artefacts

dry_run_env: pg-dryrun-v0.3-readobs-rerun-2026-05-16
  image: postgres:16 | published_port: NONE | ephemeral: true
  sysid: 7640629181421084711  (≠ prod 7611578671664259111 — asserted pre-DDL)
  status: torn down (docker rm -f; volume prune; confirmed absent)
work_dir: /opt/incomex/backups/dieu44_v0_3_readobs_dryrun_rerun_20260516T230306Z/
restore_source (fresh READ-ONLY prod pg_dump):
  path: …/prod-directus-20260516T230306Z.sql
  size_bytes: 667341377
  sha256: b7840f2d81573f8e4cc91bd362d9c90e54158858891f28ea019c4f993dfaea4d
DDL_sql (UNCHANGED; SHA-gated to GPT-pinned):
  path: …/v0_3_read_observability.sql
  sha256: 065ee6d3f1aac760715cb6cc1bc8aa243d680fa20128a3c05e2b679f318e3b04  (GATE PASS)
rollback_sql (UNCHANGED; SHA-gated to GPT-pinned):
  path: …/v0_3_read_observability_rollback.sql
  sha256: 059f1dcf0154eac260a0b47c08c161ee45ecb7a8b60d634349da894d7e611a5c  (GATE PASS)
corrected_harness:
  path: /root/v0_3_readobs_dryrun_rerun.sh
  sha256: 5f9a30ab787f5f206d0391714cc0105eadf3600badaeba4cb61596bddef48dc4
  (authored locally; scp'd byte-identical; not edited on host)
restore_noise: benign "role context_pack_readonly / incomex does not exist"
  (ownership lines; zero structural impact — same as all prior restore tests)
provisioning_note: first attempt aborted SAFELY (env not ready — postgres
  image first-boot initdb/restart race vs the readiness poll); no env left
  running (removed), production read-only and untouched. Readiness wait
  hardened (real `SELECT 1` poll, 2 consecutive successes, ~185s window);
  this report covers the successful run TS=20260516T230306Z.

§2 — The 4 Harness Fixes (only behavioural change; DDL/rollback verbatim)

FN-1 role flags: replaced the `f,f,f,f,f,f` literal compare with a structural
  CASE returning a PASS/FAIL scalar
  (NOT rolcanlogin AND NOT rolsuper AND NOT rolbypassrls AND NOT rolcreaterole
   AND NOT rolcreatedb AND NOT rolreplication → 'PASS'); raw flags also echoed
  as INFO. RESULT: V02_role_flags=PASS (raw: all false).
FN-2 public.USAGE: removed from fail gates entirely; emitted as NOTE N-1 only
  (PostgreSQL default PUBLIC grant; not v0.3-introduced; NOT revoked; no
  mutation of cluster defaults). RESULT: logged as NOTE, not asserted.
FN-3 multi-statement parse: dropped the `SET ROLE …; SELECT …` single-string;
  now connects with PGOPTIONS '-c role=cutter_ro' so a single clean SELECT
  returns ONLY the scalar. RESULT: V12_functional_read_all_views_0rows=1;
  base SELECT denied=yes; base write denied=yes.
FN-4 ownership guard: pg_shdepend now filtered to deptype='o' (true
  ownership); ACL grant deps (deptype 'a') no longer counted. RESULT:
  RB_guard_owns_deptype_o=0 (role owns nothing); members=0.

§3 — DDL Execution (SUCCESS)

SHA gate: GATE_DDL_SHA=PASS (== 065ee6d3…) ; GATE_RB_SHA=PASS (== 059f1dcf…)
command: psql -v ON_ERROR_STOP=1 -f v0_3_read_observability.sql  (env only)
output: BEGIN / CREATE ROLE / COMMENT / CREATE VIEW ×12 / GRANT ×13 / COMMIT
DDL_RC: 0

§4 — Verification (ALL PASS; VERIFY_FAIL_COUNT=0)

V01 role exists: 1
V02 role flags (structural scalar): PASS  (raw: canlogin/super/bypassrls/
    createrole/createdb/replication all false)   [FN-1 resolved]
V03 no role membership: 0
V04 twelve views exist: 12
V05 cutter_ro SELECT on each of 12 views: t ×12
V06 cutter_ro NO SELECT on each of 12 base tables: f ×12
V07 no write (INSERT/UPDATE/DELETE/TRUNCATE) on 24 rels (96 checks): 0
V08 USAGE cutter_governance=t; CREATE cutter_governance=f; USAGE sandbox_tac=f
    NOTE N-1 public.USAGE=t (PG default; not a gate)                [FN-2 resolved]
V09 30 redacted columns absent across the 12 views: 0 present
V10 per-view visible counts (7,19,6,6,4,7,9,11,11,9,22,23) exact; total=134
V11 no pg_views definition leaks any redacted name: 0
V12 functional read as cutter_ro (PGOPTIONS role) each view = 0 rows;
    base SELECT denied=yes; base write denied=yes                   [FN-3 resolved]
V13 all 12 views 0 rows ; V14 all 12 base tables 0 rows
V15 base count 12; PK 12; FK 19; per-base colcount unchanged
V16 directus_collections unchanged (164); directus_permissions unchanged (1173)
V17 no RLS (0) ; V18 env sysid unchanged (7640629181421084711)
VERIFY_FAIL_COUNT: 0

§5 — Rollback Test (SUCCESS)

guard (corrected): members=0 ; owns(deptype='o')=0  [FN-4 resolved]
executed: rollback SQL (sha 059f1dcf…) single txn, rc=0
result: REVOKE ×13 / DROP VIEW ×12 / DROP ROLE → cutter_ro absent; 0 v0.3
  views; base 12 tables intact (PK12/FK19); Directus collections 164
  unchanged; no RLS. Baseline fully restored. NO CASCADE.

§6 — Notes

N-1 cutter_ro inherits PostgreSQL's default PUBLIC USAGE on schema `public`.
  True for ALL roles cluster-wide; NOT introduced by v0.3; grants no
  table/data access; NOT revoked (cluster-wide + out of scope). The production
  command-review should explicitly acknowledge this PG default.
N-2 restore noise (context_pack_readonly / incomex role-absence) benign;
  zero structural impact; identical to all prior phase restore tests.
N-3 first provisioning attempt aborted safely on an env-readiness race; no
  collateral (env removed, prod read-only). Harness readiness wait hardened.
N-4 DDL/rollback artefacts are byte-stable and SHA-gated to the GPT-pinned
  values (065ee6d3… / 059f1dcf…) — UNCHANGED, as mandated.

§7 — Disposition

dry_run_status: PASS_WITH_NOTES
all_4_FN_resolved: TRUE (FN-1 structural scalar; FN-2 NOTE-only; FN-3 PGOPTIONS
  role scalar; FN-4 deptype='o' guard) — no false-negative remains
ddl_artefact_verdict: SOUND (clean rc=0; every substantive assertion passed;
  rollback clean; production untouched)
production_state: SAFE & UNCHANGED (read-only; sysid 7611578671664259111;
  cg=12; no cutter_ro; no v0.3 views; no RLS; directus_permissions=1173)
env: torn down; protected envs untouched
next_recommended_step: GPT review of THIS re-run report. command-review remains
  NOT allowed until GPT explicitly authorizes. No self-advance. No production
  action. (Open item for the eventual command-review: NOTE N-1 acknowledgement;
  B-4 member binding still deferred; B-5 app-role tightening still separate.)
self_advance_to_command_review: PROHIBITED

§8 — Hard Boundaries (honored)

dry_run_only: TRUE                 ddl_changed: FALSE   rollback_changed: FALSE
production_DDL/mutation/GRANT/REVOKE: NONE
directus_change: NONE   RLS_change: NONE   deploy: NONE   CUT_or_VERIFY: NONE
prod_touched: read-only inspection + read-only pg_dump only
env_isolated_no_published_port: TRUE   env_sysid≠prod: TRUE   env_torn_down: TRUE
ddl_rollback_sha_gated_to_GPT_pinned: TRUE
self_advance_to_command_review: PROHIBITED
output_form: v0_3_read_observability_dry_run_rerun_execution_report

End of v0.3 read-observability dry-run RE-RUN execution report (PASS_WITH_NOTES; 4 FN resolved).