KB-5BC2

O8E pre-production hardening (Contabo) — 07-approval-package-first-orchestrator-production-run


O8E Report 07 — Approval package for the first orchestrator-managed production run (G7 / GAP7)

  • macro: v0.6-o8e-pre-production-hardening-bundle
  • date_utc: 2026-05-21 · host: Contabo vmi3080463
  • gate covered: G7 — GAP7 approval package
  • result: G7 PASS — approval package DRAFTED. No approval is requested or assumed; the kill-switch stays False.

1. Purpose

A drafted, ready-to-rule approval package for the sovereign. This macro does not request, grant, or assume any approval and does not flip __execution_enabled__.

2. Two-gate model — SG_1 / SG_2

The orchestrator enforces two sovereign gates; the tests test_cut_leg_a_live_still_requires_sg1 and test_lifecycle_enact_live_still_requires_sg2 pin this behaviour:

SG_1:  authorises the CUT — phases pre_write_backup → cut_leg_a → leg_b_record
       → write_verify. Outcome: new IUs in lifecycle_status='draft'.
SG_2:  authorises the ENACTMENT — phase lifecycle_enact (fn_iu_enact).
       Outcome: draft IUs become 'enacted' (immutable thereafter).

Recommendation for the first run: SG_1 only — cut to draft, STOP before lifecycle_enact. Enacting (SG_2) is irreversible: once an IU is 'enacted', the immutability triggers refuse any further change to it. Enactment should therefore be a separate, later sovereign decision, taken only after the draft cut has been reviewed.

3. Execution-toggle policy (per O8 Report 04)

flag:            __execution_enabled__  in cutter_agent/orchestrator/__init__.py
default:         False (kill-switch armed)
who flips:       the sovereign, as the SG_1 ruling — NOT any macro/agent
scope:           SINGLE-RUN. Flip True immediately before the authorised run;
                 flip back to False immediately after (success OR failure).
                 Never leave True at rest.
re-check:        execution_enabled() is a function evaluated at call time +
                 the adapter re-checks it (_assert_live_allowed) — defence in depth.
mode:            run Mode.LIVE only for the approved run; the adapter refuses
                 any non-LIVE invocation.

4. Required KB approval ids

The first run consumes approval ids recorded in KB (the orchestrator pins consumed_approval_ids on RunContext). The sovereign ruling must publish:

kb:approval-sovereign-prod-write-1     # SG_1 — authorises the cut
kb:approval-u-w4b-grant-1              # grant probe — cutter_exec EXECUTE grant
# (SG_2 / kb:approval-sovereign-enact-1 — only if enactment is in scope)

(The names above are the placeholders the test fixtures already use; the sovereign ruling fixes the real ids.)

5. Pre-run prechecks (ALL must pass before the flip)

P1  deployed tree == O8D cad989a (83/83 sha256)            — O8E Report 01
P2  full suite 412/412 green on the deployed tree          — O8E Report 01
P3  GAP5 runtime dirs present (/var/lib/cutter/*)           — O8E Report 02
P4  F4 backup READY — BACKUP_GPG_FPR provisioned +
    backup_runner injected + rollback-only-proven          — BLOCKER (Report 03)
P5  F3 generalised governance_writer/verify_writer wired
    + real-DB rollback-only-proven                         — BLOCKER (Report 05)
P6  F2 live-text sourcing wired (real body/title)          — BLOCKER (Report 08)
P7  safe target selected + Mode.DRYRUN green               — BLOCKER (Report 06)
P8  GAP6 compensation runbook on-hand + pre.json captured  — Report 04
P9  before-run snapshot taken (158/165/60 + governance)    — Report 04 §2

6. Expected outputs (SG_1 cut, target = N units)

information_unit:   +N rows, lifecycle_status='draft'
unit_version:       +N rows
cutter_governance:  +1 cut_change_set, +1 manifest_envelope, +1 review_decision,
                    +1 verify_result, +signature rows
iu_lifecycle_log:   +0  (no enactment under SG_1-only)
KB:                 per-phase docs under the run's KB folder
sidecar:            /var/lib/cutter/runs/<run_id>/{state.json,kb/}

7. STOP conditions (abort the run, re-arm kill-switch)

- any fn_iu_create returns status != 'created'      → adapter ROLLBACK, STOP
- backup_runner returns an incomplete envelope      → StopInvariantFailed, STOP
- a cutplan row lacks body/title/unit_kind/section_type → fail fast pre-connect
- governance/verify writer returns incomplete ids   → ROLLBACK, STOP
- row counts drift from pre.json unexpectedly       → STOP, snapshot, escalate
- ANY unhandled error                               → flip __execution_enabled__
                                                       back to False, HOLD, route to GPT

8. Post-run verification

1. execution_enabled() == False  (flipped back)
2. counts == pre.json + expected delta (§6); nothing else moved
3. all new IUs lifecycle_status='draft' (SG_1-only)
4. governance ledger rows consistent; writer_digest recorded
5. KB phase docs uploaded; run sidecar archived
6. final run report → KB; route to sovereign for the SG_2 (enact) decision
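A worked version of post-run checks 1 to 3 (and the count-drift STOP condition of section 7) against the pre.json snapshot. This is an added example, not the project's verifier: it assumes pre.json and the post-run snapshot are flat {table: rowcount} objects, that the number of signature rows written is known from the run's manifest, and that new IUs are available as rows with iu_id and lifecycle_status. All counts and rows below are constructed, not taken from the host.

```python
"""Post-run verification of section 8 items 1-3 against pre.json.
Illustrative example, not the project's own verify code. Snapshot shape
({table: rowcount}) and the signature_rows parameter are assumptions."""
import json


def expected_delta_sg1(n_units: int, signature_rows: int) -> dict[str, int]:
    """Expected row deltas for an SG_1-only cut of N units (section 6).
    cutter_governance: cut_change_set + manifest_envelope + review_decision
    + verify_result (4 fixed rows) plus the signature rows of this run."""
    return {
        "information_unit": n_units,
        "unit_version": n_units,
        "cutter_governance": 4 + signature_rows,
        "iu_lifecycle_log": 0,  # no enactment under SG_1-only
    }


def verify_post_run(pre, post, expected, new_ius, execution_flag):
    """Return a list of findings; an empty list means PASS.
    Any finding is the section 7 'drift' branch: STOP, snapshot, escalate."""
    findings = []
    if execution_flag:
        findings.append("execution_enabled() still True: kill-switch not re-armed")
    # Every table in either snapshot is checked, so a table absent from
    # section 6 must show delta 0 ("nothing else moved").
    for table in sorted(set(pre) | set(post) | set(expected)):
        delta = post.get(table, 0) - pre.get(table, 0)
        want = expected.get(table, 0)
        if delta != want:
            findings.append(f"{table}: moved {delta:+d}, expected {want:+d}")
    for iu in new_ius:
        status = iu.get("lifecycle_status")
        if status != "draft":
            findings.append(f"{iu.get('iu_id')}: lifecycle_status={status!r}, expected 'draft'")
    return findings


# Constructed snapshots (not real counts from vmi3080463).
PRE_JSON = ('{"information_unit": 100, "unit_version": 120, '
            '"cutter_governance": 40, "iu_lifecycle_log": 7}')
POST_OK_JSON = ('{"information_unit": 103, "unit_version": 123, '
                '"cutter_governance": 46, "iu_lifecycle_log": 7}')
# Drift: an enactment slipped in, and a table outside section 6 moved.
POST_DRIFT_JSON = ('{"information_unit": 103, "unit_version": 123, '
                   '"cutter_governance": 46, "iu_lifecycle_log": 8, '
                   '"unrelated_table": 1}')

NEW_IUS_OK = [{"iu_id": f"iu-{i}", "lifecycle_status": "draft"} for i in range(3)]
NEW_IUS_BAD = NEW_IUS_OK[:2] + [{"iu_id": "iu-2", "lifecycle_status": "enacted"}]


def check(post_json, new_ius, execution_flag=False, n_units=3, signature_rows=2):
    """Run the verification for a 3-unit cut with 2 signature rows (assumed)."""
    return verify_post_run(json.loads(PRE_JSON), json.loads(post_json),
                           expected_delta_sg1(n_units, signature_rows),
                           new_ius, execution_flag)


if __name__ == "__main__":
    for label, post, ius, flag in (("clean", POST_OK_JSON, NEW_IUS_OK, False),
                                   ("drift", POST_DRIFT_JSON, NEW_IUS_BAD, True)):
        findings = check(post, ius, flag)
        print(label, "PASS" if not findings else "STOP", *findings, sep="\n  ")
```

Comparing against expected delta rather than against "post > pre" is what catches the two quiet failures: a row that moved in a table section 6 does not mention, and an IU that came out 'enacted' when the run was SG_1-only.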

9. Verdict

approval_package:   DRAFTED — SG_1/SG_2 semantics, toggle policy, approval ids,
                    9 prechecks, expected outputs, STOP conditions, post-run verify
approval_requested: NO — not requested, not assumed
execution_enabled:  False — unchanged
blockers_before_SG1: P4 (F4), P5 (F3), P6 (F2), P7 (target) — see Report 10
g7:                 PASS
knowledge/dev/laws/dieu44-trien-khai/v0.6-o8e-pre-production-hardening-bundle/07-approval-package-first-orchestrator-production-run.md