IU CUT Operational Pipeline — 01 Hard Gate + Baseline + Backup
01 — Hard Gate 0, baseline survey, pg_dump backup
Hard Gate 0 probe (write channel)
| Check | Method | Result |
|---|---|---|
| SSH to host | ssh contabo "echo SSH_OK" |
OK |
| Docker postgres container | docker ps | grep postgres |
container postgres present |
| psql as workflow_admin | psql -U workflow_admin -d directus -c "SELECT current_user, pg_has_role(...,'workflow_admin','MEMBER')" |
current_user=workflow_admin, is_admin=t |
| PG version | SELECT version() |
PostgreSQL 16.13 (Debian) |
| BEGIN/ROLLBACK DDL | TEMP TABLE create + ROLLBACK | BEGIN_ROLLBACK_OK |
| pg_dump | pg_dump -Fc to /tmp/ |
83,432,263 B → file present |
| job_queue exists | pg_tables lookup | yes |
| job_dead_letter exists | pg_tables lookup | yes |
| queue_heartbeat exists | pg_tables lookup | yes |
NVSZ tables (iu_staging_record, iu_staging_payload) |
pg_tables lookup | yes, both in iu_core schema |
| MARK/CUT operator aliases | pg_proc | 5/5: fn_iu_op_mark_file, fn_iu_op_verify_mark, fn_iu_op_cut, fn_iu_op_verify_cut, fn_iu_op_cleanup_dry_run |
| Phase 3B vocab sync | fn_iu_section_type_vocab_sync_check() |
PASS in_sync=17 orphan=[section] |
cut_request table |
pg_tables lookup | absent (safe to create) |
pg_cron extension |
pg_extension lookup | absent (must remain absent) |
production_documents table |
pg_tables lookup | absent (must remain absent) |
Hard Gate 0 verdict: PASS — write channel open, prerequisites met, scope free.
Privileges on workflow_admin
Role memberships verified: context_pack_readonly, cutter_exec, cutter_ro, cutter_verify, directus, incomex, pg_checkpoint, pg_create_subscription, pg_database_owner, pg_execute_server_program, pg_monitor, pg_read_all_data, pg_read_all_settings, pg_read_all_stats, pg_read_server_files, pg_signal_backend, pg_stat_scan_tables, pg_use_reserved_connections, pg_write_all_data, pg_write_server_files, workflow_admin.
Notably pg_read_server_files — required for pg_read_file(absolute_path) server-side reads from inside fn_cut_copy_to_staging. Probe confirmed: pg_read_file('/tmp/probe_path.txt'::text) returns content for workflow_admin.
Baseline counts (pre-mission, 2026-05-26 16:25)
iu_core.iu_staging_record : 5
iu_core.iu_staging_payload : 10
public.information_unit : 192
public.iu_vector_sync_point : 152
public.event_outbox : 135,816
public.job_queue : 6 (Phase 3 pilot legacy jobs)
public.job_dead_letter : 0
public.queue_heartbeat : 2
public.production_documents : absent
pg_cron : not installed
public.tables_total : 373
public.views_total : 58
public.fns_total : 527
Gate states at start:
iu_core.composer_enabled = false
iu_core.operator_runtime_enabled = false
queue.job_substrate.enabled = false
queue.worker.enabled = false
queue.heartbeat.enabled = true
queue.runtime.phase = phase2_governance
queue.dlq.replay_enabled = false
queue.lease.reaper_enabled = false
MARK/CUT alias signatures (pre)
fn_iu_op_mark_file(p_source_text, p_source_ref, p_pieces, p_actor, p_source_kind, p_idempotency_key, p_mark_report_md, p_workflow_ref) — workflow_ref='operational-cut-workflow' enforced.
fn_iu_op_verify_mark(p_staging_record_id, p_approve, p_approval_doc_id, p_approver, p_actor).
fn_iu_op_cut(p_staging_record_id, p_apply, p_actor, p_open_composer).
fn_iu_op_verify_cut(p_run_id, p_actor).
fn_iu_op_cleanup_dry_run(p_older_than_days=15, p_actor).
All bodies left untouched by this mission (md5 of concatenated pg_get_functiondef text = eb7e8ce2a29f0140dba6c3382679e313 at exit).
pg_dump (pre + post)
pre : /tmp/predmp_iu_cut_op_pipeline_20260526_162516.dump
83,432,265 B md5 a5f8a6b362006aaf184403bedf34ed45
post : /tmp/postdmp_iu_cut_op_pipeline_20260526_164434.dump
83,484,873 B md5 f515e704f690ae8822efcbbddedf50ce
delta: +52,608 B
Delta accounts for: mig 052 substrate (2 tables, 9 fns, 4 views, 13 dot_config rows), 8 new Điều 38 IUs, 10 cut_request_transition rows, 7 new job_queue rows, 4 new iu_staging_payload rows, 2 new iu_staging_record rows, background event_outbox delta.
Source of truth — Điều 38 v3.0 DRAFT
Stored in public.knowledge_documents id=1090 (is_current_version=t, slug=dev-laws-dieu38-normative-document-law).
file_path : knowledge/dev/laws/dieu38-normative-document-law.md
length : 6211 unicode chars
bytes : 7736 UTF-8 bytes
md5 : fdacc492e62c40f1364392943a310769 (matched by fn_cut_copy_to_staging post-write)
Server tempfile after COPY:
/tmp/cut_zone/dieu38_1090.md
owner postgres:postgres
7736 bytes
md5 fdacc492e62c40f1364392943a310769
Source bytes never flowed through Agent prompt tokens — the content was written server-side via psql ... \\copy → lo_export(lo_from_bytea(convert_to(content,'UTF8'))) and then read by pg_read_file inside the COPY function.