KB-1FB8

dot-iu-cutter v0.5 WS-Q5 — Seed + Privilege Production Execution Log (PASS; seed 31 rows + 36 grants; workflow_admin; committed)


dot-iu-cutter v0.5 WS-Q5 — Seed + Privilege Production Execution Log

Phase: v0_5_WS_Q5_seed_privilege_production_execution · Date: 2026-05-18

Authority consumed (NOT reopened): GPT …WS-Q5-seed-privilege-revised-command-review-and-execution-approval-2026-05-18 · seed_privilege_revised_package: PASS_FOR_CONTROLLED_EXECUTION, execution_authorized: true, scope = revised seed subset + revised privileges only.

⚠️ GATING BANNER

phase: production_execution
execution_status: PASS                 # seed 31 rows + 36 grants committed
seed_role_used: workflow_admin         # OD-PV4 (NOT cutter_exec)
grant_role_used: workflow_admin
production_changed: true               # +31 seed rows, +36 table grants
rollback_executed: false               # NOT needed (all verification PASS)
separate_transactions: true            # tx1 seed / tx2 grant (QG7)
ddl: none ; alter: none ; usage_grant: NOT_RUN (already present, OD-PV3)
directus_mutation: none ; cut_verify: none ; deploy: none ; git_commit: false
secrets_recorded: none ; self_advance: PROHIBITED ; decision_authority: GPT/User

1. Access method

access: SSH alias 'contabo' -> docker exec postgres -> psql -U workflow_admin -d directus
container: postgres (Up, healthy)
secrets: NONE recorded (no password / DSN printed; in-container auth)

2. Mandatory pre-execution checks (read-only, AS workflow_admin) — ALL PASS

P1_target:
  system_identifier: 7611578671664259111      # == required -> PASS
  cutter_governance_schema_exists: yes (1)     -> PASS
  schema_owner: workflow_admin                 -> PASS
P2_table_state:
  12_WS_Q5_tables_present: yes (all 12)        -> PASS
  8_seed_target_tables: all 0 rows (empty)     -> PASS (no prior seed attempt)
  4_expected_zero_tables: all 0 rows
    (entity_reference_registry, source_document_registry,
     source_document_version_registry, authority_override) -> PASS
P3_roles:
  workflow_admin, cutter_ro, cutter_exec, cutter_verify all exist -> PASS
P4_schema_usage (read-only has_schema_privilege):
  cutter_ro=t  cutter_exec=t  cutter_verify=t  -> PASS
  action: USAGE already present -> NO GRANT USAGE issued (OD-PV3); conditional
          block remained INERT, NOT executed.
P5_command_integrity:
  seed SQL authored verbatim from seed-data-revised-draft (8 INSERT blocks, 31 rows)
  grant SQL authored verbatim from privilege-grant-revised-draft §3 (36 GRANT)
  no UPDATE(lifecycle) grant ; no deferred source family in seed DML
  no GRANT ALL / PUBLIC / owner change / WITH GRANT OPTION -> PASS
baseline_grant_snapshot_captured: yes
  (directus = SELECT|NO x12 pre-existing ; cutter_* = 0 ; owners = workflow_admin)
pre_execution_overall: ALL PASS

3. Mandatory fresh backup — PASS

command (redacted): docker exec postgres pg_dump -U directus -d directus -Fc > <backup_path>
backup_timestamp_utc: 20260518T072520Z
backup_path (safe): <VPS:redacted-home>/wsq5_seed_priv_backup_20260518T072520Z/prod-directus-preWSQ5seedpriv-20260518T072520Z.dump
backup_format: PostgreSQL custom dump (-Fc); header magic "PGDMP" verified
backup_bytes: 68510211
backup_sha256: 6bfb2063a18d70a7a039f15e484fcbb7e71935b233863212b31765a2e7155a8c
secrets_recorded: none
P_backup_result: PASS

4. Seed execution (tx1) — workflow_admin, single transaction

artifact: wsq5_seed.sql
artifact_sha256: d086735a8653753af8bdefbcfd4064227052c8ae5f2e270eff8ee341524f0970
artifact_bytes: 7627
integrity_across_hops: local == VPS-host == in-container (sha256 identical)
command (redacted): docker exec postgres psql -U workflow_admin -d directus
                    -v ON_ERROR_STOP=1 -f /tmp/wsq5_seed.sql < /dev/null
seed_start_utc: 2026-05-18T07:27:55Z
seed_end_utc:   2026-05-18T07:27:56Z
seed_rc: 0
psql_output: |
  SET
  BEGIN
  INSERT 0 8   (matcher_config_registry)
  INSERT 0 2   (address_template_registry)
  INSERT 0 2   (grammar_profile)
  INSERT 0 8   (grammar_profile_level)
  INSERT 0 2   (grammar_profile_status_marker)
  INSERT 0 5   (entity_kind_registry)
  INSERT 0 3   (source_family_registry)
  INSERT 0 1   (metadata_key_registry)
  COMMIT
seed_inserted_total: 31  (8+2+2+8+2+5+3+1)
client_encoding: UTF8 (set in script; status markers exact UTF-8)
on_conflict_used: none ; update/delete: 0
seed_execution_status: SUCCESS (committed)

Seed verification run immediately after COMMIT — result PASS (see verification-result companion).

5. Grant execution (tx2) — workflow_admin, separate transaction

pre_grant_usage_recheck (read-only): cutter_ro=t cutter_exec=t cutter_verify=t
  -> conditional GRANT USAGE NOT executed (inert, OD-PV3)
artifact: wsq5_grant.sql
artifact_sha256: 4bc36aa6557b65a05bb5df3f95c5adffc49621ace7e56e6c1e09ce03a93955c1
artifact_bytes: 3721
integrity_across_hops: local == in-container (sha256 identical)
command (redacted): docker exec postgres psql -U workflow_admin -d directus
                    -v ON_ERROR_STOP=1 -f /tmp/wsq5_grant.sql < /dev/null
grant_start_utc: 2026-05-18T07:29:41Z
grant_end_utc:   2026-05-18T07:29:42Z
grant_rc: 0
psql_output: BEGIN ; GRANT x36 ; COMMIT
grant_statement_count: 36 (cutter_ro SELECT x12 + cutter_exec SELECT,INSERT x12
                           + cutter_verify SELECT x12)
column_grants: 0 ; grant_all: 0 ; public_grant: 0 ; with_grant_option: 0
usage_grant: 0 (not needed) ; owner/role-membership change: 0
grant_execution_status: SUCCESS (committed)

Privilege verification run immediately after COMMIT — result PASS (see verification-result companion).
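
The P5 command-integrity conditions and the grant counts recorded in section 5 can be checked mechanically before a grant script is run. The following is an added example, not the project's own checker or the contents of wsq5_grant.sql: it assumes one schema-qualified table and one role per GRANT statement, and the sample script it builds is constructed from the table and role names recorded in this log.

```python
import re
SCHEMA = "cutter_governance"
TABLES = {  # the 12 WS-Q5 tables named in section 2 and the seed output
    "matcher_config_registry", "address_template_registry", "grammar_profile",
    "grammar_profile_level", "grammar_profile_status_marker",
    "entity_kind_registry", "source_family_registry", "metadata_key_registry",
    "entity_reference_registry", "source_document_registry",
    "source_document_version_registry", "authority_override",
}
# role -> exact table privileges recorded in section 5 (3 roles x 12 tables = 36)
POLICY = {"cutter_ro": {"SELECT"}, "cutter_exec": {"SELECT", "INSERT"},
          "cutter_verify": {"SELECT"}}
GRANT_RE = re.compile(  # assumed statement shape: one table, one role
    r"^GRANT\s+(?P<privs>[A-Z ,]+?)\s+ON\s+(?:TABLE\s+)?"
    r"(?P<schema>\w+)\.(?P<table>\w+)\s+TO\s+(?P<role>\w+)$", re.I)

def lint_grants(sql):
    """Return a list of policy violations; an empty list means the script passes."""
    errors, seen = [], set()
    body = re.sub(r"--[^\n]*", "", sql)  # drop line comments
    stmts = [" ".join(s.split()) for s in body.split(";") if s.strip()]
    for stmt in stmts:
        if stmt.upper() in ("BEGIN", "COMMIT"):
            continue
        m = GRANT_RE.match(stmt)
        if not m:  # WITH GRANT OPTION, column lists, ON SCHEMA, REVOKE, ALTER ...
            errors.append(f"unrecognised or forbidden statement: {stmt}")
            continue
        privs = {p.strip().upper() for p in m["privs"].split(",")}
        role, table = m["role"].lower(), m["table"].lower()
        if m["schema"].lower() != SCHEMA or table not in TABLES:
            errors.append(f"unexpected target: {stmt}")
        elif POLICY.get(role) != privs:  # also rejects PUBLIC, ALL, UPDATE, USAGE
            errors.append(f"privileges not in policy: {stmt}")
        elif (role, table) in seen:
            errors.append(f"duplicate grant: {stmt}")
        else:
            seen.add((role, table))
    missing = len(POLICY) * len(TABLES) - len(seen)
    if missing:
        errors.append(f"{missing} expected grants missing")
    return errors

def sample_script():
    """Constructed stand-in for wsq5_grant.sql (the real file is not on the page)."""
    lines = [f"GRANT {', '.join(sorted(p))} ON {SCHEMA}.{t} TO {r};"
             for r, p in POLICY.items() for t in sorted(TABLES)]
    return "BEGIN;\n" + "\n".join(lines) + "\nCOMMIT;\n"
```

The lint is an allow-list: any statement that is not one of the 36 expected grants is reported, so a new forbidden form does not need its own rule.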

6. Authorized execution sequence — followed exactly

1 pre-execution checks  : DONE (ALL PASS)
2 fresh backup          : DONE (sha256 recorded)
3 seed DML (tx1)        : DONE (rc=0, committed, 31 rows)
4 seed verification     : DONE (PASS)
5 privilege grants (tx2): DONE (rc=0, committed, 36 grants)
6 privilege verification: DONE (PASS)
7 report and stop       : THIS PACKAGE (3 docs) -> STOP

7. Rollback evaluation (NOT executed)

seed_verification: PASS    -> seed rollback NOT triggered
privilege_verification: PASS -> privilege rollback NOT triggered
rollback_package_used: none
production_state: committed as designed (+31 seed rows, +36 table grants)

8. Statements

  • Pre-execution P1–P5 + backup all PASS before any write. Seed and grant executed in two separate transactions as workflow_admin (QG7), each verbatim from the GPT-approved revised package; ON_ERROR_STOP armed and never triggered.
  • No UPDATE(lifecycle) grant, no column-level grant, no GRANT ALL/PUBLIC, no WITH GRANT OPTION, no USAGE grant (already present), no owner/role-membership change, no deferred source family seeded, no generic grammar profile, no schema ALTER.
  • No Directus mutation, no evidenced_by vocab amend, no Cap-4 checker change, no index DDL, no vector/NoSQL, no CUT, no VERIFY, no deploy/restart, no git commit.
  • Self-advance PROHIBITED — doc 1 of 3; STOP after package complete → route GPT/User.

Companion files: seed-privilege-production-verification-result, seed-privilege-production-report.
