03 - O4 Implementation Summary

Local commit

6625f76 feat(orchestrator): add O4 live dry-run orchestration

Committed on branch:

feature/constitution-snapshot-mark-dryrun

No fast-forward of main; no push/tag/deploy.

Files changed

• cutter_agent/orchestrator/__init__.py
• cutter_agent/orchestrator/discover.py
• cutter_agent/orchestrator/phases/source_pin.py
• tests/test_orchestrator_o2_e2e.py
• tests/test_orchestrator_o4_live_dryrun.py

Additions

• LiveReadOnlyDiscoverer.deployment_grant_matrix()
  • read-only catalog query for grant gate facts.
  • no table mutation; no secret/DSN/host ownership.
• LiveDryRunDiscoverer
  • requires ReadOnlyRoleStatus.is_read_only.
  • seeds source document/version, mark rows, vocab, grant matrix, function fingerprints from live survey facts.
  • uses InMemoryDiscoverer simulator methods for all runner phase bodies.
• source_pin optional hook:
  • if a discoverer has pin_live_context(ctx), live facts are pinned into RunContext.context_pins.
  • existing discoverers are unchanged.
• O4 tests:
  • live-readonly seed builds full dry-run discoverer.
  • runner reaches SG1 pause, SG2 pause, closeout, idempotent closeout resume.
  • Mode.LIVE remains refused.
  • kill-switch remains false.

Version marker

milestone=O4
version=0.6.0-O4-live-dryrun-orchestration
execution_enabled=False

Static safety

git diff --check: <empty>
hardcoded secret/runtime scan: <empty>

Scan covered orchestrator code and O4 test for SSH/host/IP/docker strings, DB password/env names, known prior IDs, and accidental __execution_enabled__ = True.

Result

G2 PASS.