Incomex AI Portal
KB-68E3

IU Core 2400x — Acceptance matrix + DOT + five-layer

6 min read Revision 1
iu-core2400xdieu44acceptance-matrixdot-conformancefive-layer

05 — External integration acceptance matrix + DOT + five-layer

1. External integration acceptance matrix (2400x)

# Row Status Evidence
1 Qdrant dedicated collection (iu_core_iu_chunks) DONE live, dim 1536 / Cosine / green; separate from production_documents (still 9 213 points, untouched)
2 Full / bounded live reindex (60 / 60 IUs) DONE 5/6 -> 60/61 points via apply_iu_set; 2 bounded batches in 1.85 s (doc 03)
3 Per-IU vector boundary (3-layer enforcement) DONE assert_boundary + fn_iu_vector_sync_record_v2 + DB CHECK; 61/61 payloads carry unit_id+chunk_index+chunk_count+axis_refs; zero forbidden payloads in drift audit
4 AgentData semantic sync DONE 7 KB reports uploaded + verified (doc 06 §16)
5 Directus read-only collection registration DONE iu_three_axis_envelope registered (managed table); GET /collections returns 200; 16 fields auto-discovered; the legacy view-backed v_ui_iu_three_axis_envelope registration was retired (DELETE /collections/<view> -> 204)
6 Directus read-only permissions DONE POST /permissions {policy=<Administrator>, action=read, fields=["*"]} -> 200; the 2000x blocker is CLOSED
7 Directus REST GET /items/<collection> returns rows DONE GET /items/iu_three_axis_envelope?limit=2 -> 200 with axis_a / axis_b / axis_c fields present (sample in doc 02 §6)
8 Nuxt assembly contract DONE with deploy-gated blocker contract supports the new collection via IU_CORE_DIRECTUS_COLLECTION override; Nuxt env flip + redeploy is operator-gated (doc 04)
9 Internal delivery seam DONE (carried forward) unchanged from 2000x; route worker remains live + dry-run-only
10 Text-as-code apply DONE (carried forward) unchanged from 2000x; no apply in 2400x
11 OperatorRuntime governed plan/apply/verify DONE (carried forward) gate inert in this macro
12 DOT / no-hardcode DONE migration 022 + runtime/110 + 21 new tests; DOT 128 -> 132/132 PASS; no hardcoded literal (every key/host/collection discovered from registry/config/env)
13 Rollback / disable DONE every row above has a rollback: migration 022 rollback file, Directus DELETE /collections/..., Qdrant per-point DELETE via UUIDv5, PG actor-scoped DELETE, runtime/320 rollback (cache truncation)

Summary: 13 DONE. One row (Nuxt) carries an operator-gated deploy blocker (env flip + redeploy), not an IU Core code gap. 0 BLOCKED. 0 PARTIAL.

2. DOT — runtime/110 verdict (live)

D9_conformance|config    |8 |8 |t
D9_conformance|event_type|15|15|t
D9_conformance|function  |49|49|t
D9_conformance|route     |16|16|t
D9_conformance|table     |20|20|t
D9_conformance|trigger   |3 |3 |t
D9_conformance|view      |21|21|t

Total: 132 / 132 PASS. D8 drift guard returns zero unregistered IU Core objects. D1-D7 per-row PASS confirms every expected object is present in pg_catalog at the same value the SSOT lists.

3. No-hardcode audit (this macro)

  • Qdrant collection name, dim, distance, embedder model — discovered from v_iu_qdrant_collection_active.
  • Directus admin URL + token — from incomex-agent-data env (DIRECTUS_URL, DIRECTUS_ADMIN_TOKEN); never logged.
  • IU candidate set — discovered from v_ui_iu_three_axis_envelope JOIN unit_version (lifecycle filter).
  • Directus field list — discovered from v_ui_iu_directus_registration_envelope (migration 021 view).
  • Qdrant point id namespace — QDRANT_POINT_ID_NAMESPACE constant in vector_sync.py, locked by regression test (2000x).
  • Per-IU chunk size — DEFAULT_IU_CHUNK_CHARS=1800, locked by regression test (1k+).

Zero new literal hosts / containers / DB names / API URLs introduced.

4. Five-layer impact (rolled up)

layer impact
PG migration 022 (+1 table / +1 view / +2 functions); runtime/320 (163 upserts into the cache table); +55 indexed rows in iu_vector_sync_point (6 -> 61); gate toggled+closed within try/finally
Directus retired the legacy view-backed collection; registered iu_three_axis_envelope as a managed table (16 fields auto-discovered, +2 provenance cols); added Administrator-policy READ permission; GET /items/... now serves real rows
Nuxt none (config-only operator action queued in doc 04)
AgentData +7 KB reports (this directory)
Qdrant iu_core_iu_chunks 6 -> 61 points (60 unique IUs; KT-B split); production_documents untouched

5. Test surface

  • 1093 -> 1114 tests (+21 net): tests/test_iu_core_2400x_three_axis_table_promotion.py (21 tests) covers: migration 022 contract, rollback contract, runtime/320, sandbox/210, DOT SSOT additions.
  • Plus mechanical DOT-count bumps in 8 existing tests (120x, 240x, 480x, 500x, 540x, 1k, 1500x, ddl, structure_op, 1k_plus) to reflect the 128 -> 132 surface.
  • Full suite: python3 -m pytest tests/ -q --ignore=tests/_orchestrator_o2_harness.py -> 1114 passed in 0.67 s.

6. Constitutional anchors preserved

  • Per-IU vector boundary (binding): 3-layer enforcement remains intact; Qdrant payload re-audited at 61/61.
  • UI assembly boundary (binding): PG -> Directus -> Nuxt. The promotion is a PG-layer artifact; the Directus side is REST-only / read-only; Nuxt is untouched.
  • Reversible-by-default: every change has a rollback step enumerated (matrix row 13 + docs 02 §7 + 03 §6).
  • AgentData report gate: git commit alone insufficient; 7 KB reports uploaded + list_documents + search_knowledge verified (doc 06).
Back to Knowledge Hub knowledge/dev/laws/dieu44-trien-khai/v0.6-iu-core-2400x-directus-promotion-full-qdrant-reindex-open-goal/05-acceptance-matrix-and-dot.md