KB-61F4
IU Core 8000x — Carry-forward (O1–O15 operator steps + 8500x–8900x macros)
5 min read Revision 1
iu-corev0.68000xcarry-forwardoperator-followon8500x8600x8700x8800x8900xlessonsmemory-updates
IU Core 8000x — Carry-forward
What the next macro / operator step should pick up.
Immediate operator follow-on (no new macro needed)
These steps unblock everything else. They are all single-operator actions on the VPS, no design work required:
| Step | Owner | Command | Expected outcome |
|---|---|---|---|
| O1 | operator (sovereign PG) | pg_dump -Fc --no-owner directus > directus-pre-iucore-8000x-$(date -u +%Y%m%dT%H%M%SZ).dump |
backup artifact saved off-host |
| O2 | operator | psql -d directus -v ON_ERROR_STOP=on -f sql/iu-core/026_compensation_primitives.sql |
migration 026 applied; fn_iu_supersede + fn_iu_retire now in pg_proc |
| O3 | operator | psql -d directus -v ON_ERROR_STOP=on -f sql/iu-core/sandbox/250_compensation_primitives_probe.sql |
250.1–250.8 PASS; nothing committed |
| O4 | operator | psql -d directus -v ON_ERROR_STOP=on -f sql/iu-core/runtime/110_iu_core_dot_conformance_scan.sql |
D9 verdict reports function=54/54 ok=true; total 146 |
| O5 | operator | psql -d directus -v ON_ERROR_STOP=on -f ops/governance-promotion-package-8000x/00_preflight.sql |
preflight.1–.7 PASS |
| O6 | operator | psql -d directus -v ON_ERROR_STOP=on -f ops/governance-promotion-package-8000x/01_author_manifest.sql |
1 envelope + 86 unit_blocks committed |
| O7 | operator | psql -d directus -v ON_ERROR_STOP=on -f ops/governance-promotion-package-8000x/02_create_review_decision.sql |
1 review_decision committed |
| O8 | operator | psql -d directus -v ON_ERROR_STOP=on -f ops/governance-promotion-package-8000x/03_promote_candidates.sql |
86 IUs enacted; iu_lifecycle_log gains 86 enact rows |
| O9 | operator | psql -d directus -v ON_ERROR_STOP=on -f ops/governance-promotion-package-8000x/05_postflight_verify.sql |
postflight.1–.8 PASS |
| O10 | operator | python3 -m ops.qdrant_onboarding_package_8000x.run_onboarding --dry-run … |
preview chunk count + IU coverage |
| O11 | operator | UPDATE dot_config SET value='true' WHERE key='iu_core.vector_sync_enabled' |
gate=true |
| O12 | operator | python3 -m ops.qdrant_onboarding_package_8000x.run_onboarding … |
DIEU vectors indexed; iu_vector_sync_point grows by chunk count |
| O13 | operator | UPDATE dot_config SET value='false' WHERE key='iu_core.vector_sync_enabled' |
gate=false |
| O14 | operator | ~/.../iu_core_healthcheck.sh |
7/7 GREEN with sync_points_indexed and unique_units bumped |
| O15 | operator | hand-off: 8000x execution complete; ready to draft 8500x | — |
New macros to draft
| Macro | Owner | Purpose |
|---|---|---|
| 8500x | next agent run | Wraps O1–O15 in a single macro IF the harness gains a sovereign PG / Qdrant write channel (e.g. via Directus extension or a dedicated DOT execution lane) |
| 8600x | next agent run | Real-corpus DIEU retrieval smoke (vector + Directus) once O12 is done |
| 8700x | DevOps / agent | Linux-host cron timer to replace Mac cron (carry-forward from 6000x) |
| 8800x | operator + agent | Paired retention enable + monitoring on ≥2026-06-22 |
| 8900x | frontend / agent | PR #669 merge (web-test feat/iu-core-three-axis-envelope → main); requires frontend authority |
| 5500x | S177 macro line | Production governed-tools macro (S177 carry-forward; not IU Core) |
Lessons captured (memory-worthy)
- Read role lacks USAGE on
cutter_governancebut pg_namespace is visible — always checkpg_namespacedirectly wheninformation_schema.schematareturns nothing for an expected schema. - Directus REST is correctly fenced from
cutter_governance.*— responses are 403 not 404, which is the right S177-hardened behaviour. - Deterministic UUIDs from
md5(macro_tag||':role:'||candidate_hash)give automatic idempotency by PK collision without needing a separate "already_run" table. Re-runnable safely. - fn_iu_enact bakes the supersede/retire FSM in its CASE expression with a non-implementation return — the gap was always documented, just unfilled. Closing it required only authoring the two
CREATE OR REPLACE FUNCTIONbodies + DOT scan update. - Macro can do the "everything safe" surface but not the sovereign mutation — that surface boundary is constitutional, not a bug. Each macro should hand off a ready package, never simulate a mutation it cannot actually perform.
Memory updates worth making
- Update
project_dot_iu_cutter_v0_6_iu_core_7000x_governance_promotion_qdrant_executionstatus: 7000x's EXACT_GAP "compensation primitive gap" — CLOSED in 8000x by migration 026. The "governance authorship gap" — package authored and READY_FOR_OPERATOR in 8000x. - Add
feedback_harness_write_boundarymemory: "Anything that requires INSERT/UPDATE/DELETE oncutter_governance.*, orEXECUTEon side-effecting functions in production PG, is BLOCKED_EXTERNAL from this harness. Author the package in AUTHOR_MODE and escalate; do not simulate the mutation."