04 — Operator surface · delivery gate · text-as-code hardening

1. Operator / API surface readiness

The IU Core operator surface is a set of read-only SQL views + CLIs — no deploy/restart. This macro adds the vector-sync surface to it: command launcher (dot_commands CLI; OperatorRuntime.plan/apply/verify under RuntimeLease); command registry/health (v_dot_iu_command_registry, v_dot_iu_command_run_health); collection list/detail/render (v_iu_collection_envelope, v_iu_collection_manifest, fn_iu_collection_render); collection/route/delivery health (v_iu_collection_health, v_iu_route_attempt_summary, v_iu_route_dead_letter_open, iu_tree_change_log); NEW vector-sync status/drift (v_iu_vector_sync_status; the vector_sync CLI); NEW runtime lease status (dot_iu_runtime_lease).

Exact blocker for a Directus/Nuxt UI: the incomex-directus / incomex-nuxt containers are outside this repo's scope; exposing the v_* views as a Directus read-only collection or a Nuxt page is a deploy-gated integration task. No unsafe deploy/restart was performed.

2. Delivery gate readiness

The delivery seam (migration 013 + runtime/300) is already built: target registry, allowlist, dry_run=false guard, fail-closed delivery, retry / dead-letter, idempotency, disable, audit.

sandbox/150 re-verified — 8/9: T1/T2/T3 fail-closed gates PASS; T5/T6/T7 idempotency PASS; T8 projection carries op_id/op_type PASS; T9 dead-letter open = 0 PASS. T4 "internal delivery -> +1 row" could not demonstrate: 960x's runtime/300 delivered the entire 55-event structure backlog (iu_tree_change_log 1->56), so there is no undelivered event left. This is correct post-960x production state, not a defect — see finding F-1k-1 (doc 06): sandbox/150 is not self-seeding.

External delivery remains blocked: delivery_enabled=false, no live route in the allowlist. No external delivery was performed.

3. Text-as-code apply gate — re-verified operator-ready

sandbox/160 re-verified — 8/8: composer-gate-closed refusal; the reorder/remove/add reconciliation flow; validate-clean after each; manifest_digest deterministic roundtrip. Two bounded flows are covered: a bounded reversible flow (sandbox/160 T2-T7 reorder->remove->add on the live iu_core.autocut.file-001, every step inside BEGIN...ROLLBACK) and a no-op / idempotent flow (build_collection_apply_plan with desired == current -> is_noop; manifest_digest byte-identical). APPLY_IS_DESTRUCTIVE=False holds; destructive delete/apply remains forbidden. The 960x durable apply proof (roundtrip digest 3d51e759...) stands.

4. Piece-platform acceptance flows — evidence

Six end-to-end flows evidenced and DOT-traceable: create file/workflow from pieces (v_iu_collection_manifest 3 collections; sandbox/160); auto-cut -> composer (iu_core.autocut.file-001, runtime/290); text-as-code edit/apply (sandbox/160 8/8 + 960x proof); render/export (iu-tree/ manifests; fn_iu_collection_render); semantic sync plan (vector_sync dryrun -> 3 registry points); healthcheck (runtime/110 121/121; v_* _health views). At least one durable per flow; riskier ones in sandbox/rollback.