01 — 5000x macro · scope · gates · constitutional pivot
1. Status
IU_CORE_5000X_NUXT_FACTORY_PILOT_MONITORING_RETENTION_PASS.
24 of 26 product-readiness rows DONE. 2 rows DONE_WITH_EXTERNAL_BLOCKER covering the frontend / DevOps deploy + the future durable retention enablement (both deferred-by-design, see doc 07). Zero unsafe state at exit — all write gates inert, retention gate inert, three-axis auto-refresh gate back to false.
2. Constitutional pivot mid-macro
The 4000x ui-package shipped a one-off Vue page + composable. Mid-5000x the user issued an explicit override:
Do NOT code directly into the Nuxt repo. Do NOT hand-copy Vue pages/composables into the live Nuxt source as a one-off feature. Do NOT implement IU business logic in Nuxt. Do NOT deploy/restart Nuxt unless the UI artifact is generated through an approved template/factory/assembly pipeline and all gates pass.
This rewrote the macro mid-flight: the original task C ("copy/merge into Nuxt source repo, build, redeploy") was forbidden; the new task C ("build reusable UI factory/template package outside live Nuxt, prove repeatability, produce deploy runbook") replaced it. Tasks D and E adapted accordingly.
Verification of compliance at the moment of the override: the override arrived after task A (production read-only survey) and during task D (read-only Directus REST smoke). At that instant zero Nuxt source files had been touched. Reading the user message back: "If you already copied or modified any Nuxt source directly: STOP that branch; report exact files touched; revert or isolate the change; continue with template/factory/package work only" — there were no files to revert.
3. Host + tools
- MacBook: /Users/nmhuyen/iu-cutter-build/repo/iu-cutter, branch main, parent HEAD 3ae4c62 (4000x commit).
- Tools: git, psql (homebrew), pg_dump (homebrew), python3, ssh.
- SSH alias contabo → VPS host vmi3080463.
- VPS containers (all healthy): postgres, incomex-directus, incomex-nuxt, incomex-qdrant.
4. Gates passed before the production mutations
The macro performed two durable production mutations:
| mutation | gate |
|---|---|
| runtime/350 — auto-refresh trigger 5000x pilot (gate-cycle, 2 audit rows under actor='iu_5000x_pilot') | (G1) fresh pg_dump -Fc backup taken first — directus-pre-iucore-5000x-20260523T093747Z.dump sha256 8a0df45e…90452e2; (G2) gate cycle scoped to the same transaction; (G3) rollback file runtime/rollback/350_…rollback.sql exists |
| migration 025 — retention substrate (table / view / function / config, all idempotent) | (G1) same pre-mutation backup; (G2) gate iu_core.retention_enabled stays false at COMMIT; (G3) rollback file rollback/025_…rollback.sql exists; (G4) sandbox/240 7-probe BEGIN/ROLLBACK PASS against the live schema before COMMIT |
A third durable mutation — runtime/110 SSOT inventory bump — is a read-only scan; the file was edited but is itself a BEGIN/ROLLBACK scan with no persisted side effect.
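A fail-closed preflight for the two gates above that can be checked from the filesystem, G1 (fresh backup matching its recorded digest) and G3 (rollback file present), as an added example that is not part of the macro's own code. The function names, the one-hour freshness window and the file names are assumptions, and the sample files are constructed; G2 and G4 need a live database and are not modelled.

```python
import hashlib
import tempfile
import time
from pathlib import Path

MAX_BACKUP_AGE_S = 3600  # assumed freshness window; the page only says "fresh"

def sha256_file(path, chunk=1 << 20):
    """Stream the file so a large pg_dump archive is never held in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def preflight(backup, recorded_sha256, rollback, now=None):
    """Return the failed gates; an empty list means the mutation may proceed."""
    backup, rollback = Path(backup), Path(rollback)
    now = time.time() if now is None else now
    failed = []
    # G1: the backup exists, is fresh, and matches the digest recorded at dump time.
    if not backup.is_file():
        failed.append("G1: backup missing")
    else:
        if now - backup.stat().st_mtime > MAX_BACKUP_AGE_S:
            failed.append("G1: backup stale")
        if sha256_file(backup) != recorded_sha256.lower():
            failed.append("G1: backup digest mismatch")
    # G3: a rollback script exists and is not empty.
    if not rollback.is_file() or rollback.stat().st_size == 0:
        failed.append("G3: rollback file missing or empty")
    return failed

def demo():
    """Run the gates over constructed files (placeholder names, not the page's)."""
    with tempfile.TemporaryDirectory() as d:
        dump, rollback = Path(d, "pre-mutation.dump"), Path(d, "NNN_rollback.sql")
        dump.write_bytes(b"PGDMP constructed sample bytes")
        digest = sha256_file(dump)
        no_rollback = preflight(dump, digest, rollback)
        rollback.write_text("BEGIN;\n-- undo statements\nCOMMIT;\n")
        ok = preflight(dump, digest, rollback)
        stale = preflight(dump, digest, rollback, now=time.time() + 7200)
        dump.write_bytes(b"PGDMP altered after the digest was recorded")
        tampered = preflight(dump, digest, rollback)
    return ok, no_rollback, stale, tampered

if __name__ == "__main__":
    for name, result in zip(("ok", "no_rollback", "stale", "tampered"), demo()):
        print(name, result)
```

Recording the digest at dump time and re-checking it immediately before the mutation is what makes G1 more than an existence check: a truncated or replaced archive fails the gate instead of being discovered during a restore.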
5. Forbidden actions confirmed NOT taken
| forbidden action | status |
|---|---|
| broad service restart | none — no docker compose restart, no docker compose up -d |
| restart of any container besides incomex-nuxt | none — and incomex-nuxt was NOT restarted either |
| destructive vector reindex | none — iu_core_iu_chunks still 61 points, production_documents still 9226 (untouched) |
| cross-IU vector / chunk | none — every Qdrant payload still carries unit_id + axis_refs |
| hardcoded secret / connector / embedder | none — every token / api-key discovered at runtime via docker inspect, never logged |
| external downstream workflow delivery | none — iu_core.delivery_enabled='false' throughout |
| uncontrolled production CUT execution | none — no IU mint, no lifecycle promotion |
| destructive text-as-code import/apply | none — no text-as-code call in this macro |
| broad lifecycle mutation | none — only set updated_at = now() on 6 already-enacted rows under app.canonical_writer marker |
| ungoverned IU creation | none — no fn_iu_create, no birth-gate write |
| destructive cleanup | none — retention function ran only dry_run=true durably; the dry_run=false branch was exercised only under sandbox/240 ROLLBACK |
| direct PG access from Nuxt | none — ui_factory.py writes only under ui-package/nuxt-three-axis-factory/generated/; never reads or writes /opt/incomex/docker/nuxt-repo/ |
| Nuxt business logic outside approved assembly pattern | none — factory templates contain no IU-specific field name; all field names are descriptor-injected at render time |
| secret logging | none — cutter_agent/iu_core/healthcheck.py SQL strings carry no token; TestNoHardcodedSecretOrConnector covers it |
| push / merge / tag | none — local commit only |
| GPT handoff as task input | none — macro read SSOT directly under knowledge/dev/laws/dieu44-trien-khai/v0.6-iu-core-4000x-…/ |
6. Scope realised in this macro
- A. baseline + backup: DONE
- B. read-only Nuxt convention discovery: DONE
- C. UI factory / template package authored: DONE (≠ "deploy")
- D. Directus REST + Qdrant E2E smoke: DONE
- E. auto-refresh production pilot (runtime/350): DONE
- F. monitoring / 7-surface healthcheck: DONE
- G. retention substrate (migration 025): DONE (gate inert)
- H. real user flow pilot: DONE
- I. final rollout matrix + ruling: DONE (see doc 06)
- J. roadmap + lesson update: DONE (see doc 07)
- K. tests + commit + KB upload: DONE
Open external residuals captured in docs 03 and 06.