KB-6E86

FIX7 P0 — Production-Rehearsal-Only Rollback + CI-Resolution Report (2026-06-12)

Revision 1
<!-- DOC_STATUS: ACTIVE_NON_AUTHORITY -->


Macro: FIX7_P0_PRODUCTION_REHEARSAL_ONLY_ROLLBACK_AND_CI_RESOLUTION_LANE_MACRO_2026_06_12
Delegated decision consumed: AUTHORIZE_PRODUCTION_REHEARSAL_ONLY
Final status: FIX7_P0_PRODUCTION_REHEARSAL_ONLY_ROLLBACK_READY
Host: T1 OR T2 / CLEAN TERMINAL · Authority: REHEARSAL-ONLY (not production authority)

Production mutation: NO · REAL_RUN/QT001/cutover: NO · production CI/deploy trigger: NO · secrets/credentials change: NO · live production contact: NONE.

A clone rehearsal is not production execution. This lane authorizes nothing in production; production remains HOLD_PRODUCTION.


1. Final status and headline verdicts

| dimension | verdict |
|---|---|
| Final status | FIX7_P0_PRODUCTION_REHEARSAL_ONLY_ROLLBACK_READY (status A) |
| Production mutation | NO |
| REAL_RUN / QT001 / cutover | NO |
| Isolated clone | PROVEN_ISOLATED_NOT_PRODUCTION (local mktemp sqlite clone under /private/tmp) |
| Rehearsal execution | PASS (RX-0..RX-6 all PASS) |
| Rollback | PROVEN_IN_STAGING on clone (after_apply != before; after_rollback == before) |
| Hardened validator | PASS (selftest PASS; rehearsal PASS; fabricated no-mutation entry fails closed); local copy byte-exact to canonical e6547e69…956c47 |
| Bad-input probes | 10/10 fail closed, control allowed, no PRODUCTION_PASS/REAL_RUN_PASS/CUTOVER_PASS/seal-like token leaked |
| CI UNKNOWN | cleanly classified (unresolvable read-only — gate not yet designed → FIX7-P0-PROD-CI-SCOPE-1 stays OPEN; does NOT affect clone-rehearsal safety) |
| Forbidden surfaces | 13/13 untouched / not-requested |
| Production blocker map | 7 OPEN; FIX7-P0-DRYRUN-PROD-ROLLBACK-1 partially discharged (clone leg proven, production leg OPEN) |
| Decision packet | updated; default HOLD_PRODUCTION; no production option selected |

Evidence packet tree (packet_tree.sha256): 7a9364c5b64d95350da4023ad101a902fc77eb994c487f995412fe547bd847f9.


2. Preflight (Workstream A) — all verified from governed KB bytes

  • FIX7_P0_PRODUCTION_READINESS_SURFACE_SCOPING_READY — confirmed (registry JSON rev24 aded8857…, MD rev24 0cf39cd4…, 00-index rev116 4cead553…; canonical body max 461; fold 442..461 APPLIED; addendum 462..484 APPLY_NOW=NO; production BLOCKED, 7 OPEN; default HOLD).
  • FIX7_P0_NO_PRODUCTION_IMPLEMENTATION_EXECUTION_AND_REVIEW_APPLIED — confirmed.
  • Hardened rollback validator available and byte-exact (hardened_dryrun_validator.py sha256 e6547e6935cb01aae5feb405899c97107f1990ff3e2f7e6b9157828a90956c47); fake no-mutation rollback fails closed (ROLLBACK_APPLY_DID_NOT_MUTATE).
  • Canonical governance folded through 461.
  • P7 alone does not authorize production; a rehearsal-only decision does not authorize production execution.

No preflight gate failed → the lane proceeded.


3. Isolated rehearsal target lock (Workstream B)

Selected target: local temp clone — a disposable mktemp directory under /private/tmp holding a local sqlite birth_registry (model of the production object-birth surface) and a model of the canonical executor (sql/prod/99_run_all.sql). Isolation proof (rehearsal-target-lock.json): is_production=false; no connection to production PG/Directus/system_issues/registry-row; disposable; cleanup rm -rf; no query_pg/directus_*/ write_file(VPS)/network/MCP call made by the rehearsal. Verdict: PROVEN_ISOLATED_NOT_PRODUCTION.

Production targets (real Directus PG, real birth surface) were enumerated and explicitly not selected (allowed=false). An operator-provided production-shaped DB dump clone is listed as the not-yet-available target needed to extend the rehearsal to production-shaped data.

The actual mktemp suffix is logged out-of-band (stderr) and is intentionally not embedded in any hashed artifact, so the packet tree is reproducible; hashed files carry the normalized token /private/tmp/fix7-rehearsal-clone.XXXXXX.


4. Rehearsal execution + rollback on the clone (Workstream C)

rehearsal_clone_rollback.sh ran six steps on the clone only:

  1. RX-1 read-only entry==exit invariant — two reads of the registry are byte-identical (capture mutated nothing).
  2. RX-2 transactional rollback — BEGIN; INSERT birth row id=4; SELECT (applied); ROLLBACK. The in-transaction applied state (4 rows) differs from before (3 rows); after ROLLBACK the committed state returns to 3 rows, content hash restored. (Mirrors the proven BIRTH Stage-2.5 BEGIN..ROLLBACK pattern.)
  3. RX-3 committed change + snapshot restore — snapshot the db, COMMIT an insert (id=5), then restore from the before-state snapshot. after_apply (4 rows) differs from before; after restore (3 rows) equals before. (Mirrors the "already-committed → restore from before-state snapshot" path.)
  4. RX-4 canonical-executor integrity — the executor model sha256 is unchanged across the whole rehearsal (reported as an invariant, not a rollback entry).

Both rollback entries (RB-CLONE-TXN, RB-CLONE-SNAP) satisfy: before_hash present, after_apply_hash != before_hash (real mutation), after_rollback_hash == before_hash == expected (exact restore), restored_match=true, production_rollback_status=NOT_APPLICABLE. Row counts before==after (3==3) on both.


5. Hardened validator (Workstream C cont.)

run_hardened_validator.py exercised the canonical hardened validator three ways (hardened-validator-result.json):

  1. --selftest — PASS (real frozen T1 evidence passes; fabricated no-mutation rollback fails closed).
  2. check_rollback_proof on this lane's rollback-recovery-proof.json — no fail codes (PASS).
  3. Negative control — forcing after_apply_hash == before_hash on a real entry → fails closed (ROLLBACK_APPLY_DID_NOT_MUTATE).

Local validator copy sha256 e6547e69…956c47 == canonical → validator_is_canonical_byte_exact=true.
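As an added illustration (not the lane's rehearsal_clone_rollback.sh or its hardened validator, whose code is not on this page), the Python below models the RX-2 and RX-3 legs of section 4 on a throwaway sqlite clone and then checks both entries the way a fail-closed validator would, including the fabricated no-mutation case from section 5. Function names, the three constructed sample rows and every fail code other than ROLLBACK_APPLY_DID_NOT_MUTATE are assumptions.

```python
import hashlib, os, shutil, sqlite3, tempfile

def rows_hash(con):
    # The invariant is registry content, so hash the visible rows rather than file bytes.
    rows = con.execute("SELECT id, name FROM birth_registry ORDER BY id").fetchall()
    return len(rows), hashlib.sha256(repr(rows).encode()).hexdigest()
def make_clone(workdir):  # constructed 3-row model of the birth_registry surface
    path = os.path.join(workdir, "birth_registry.sqlite")
    con = sqlite3.connect(path)
    con.execute("CREATE TABLE birth_registry (id INTEGER PRIMARY KEY, name TEXT)")
    con.executemany("INSERT INTO birth_registry VALUES (?, ?)", [(1, "obj-1"), (2, "obj-2"), (3, "obj-3")])
    con.commit(); con.close()
    return path
def entry(rid, before, applied, after, n0, n1):  # one rollback-recovery-proof entry
    return dict(id=rid, before_hash=before, after_apply_hash=applied, after_rollback_hash=after,
                expected_hash=before, rows_before=n0, rows_after=n1, production_rollback_status="NOT_APPLICABLE")

def rx2_txn_rollback(path):  # RX-2: BEGIN; INSERT id=4; SELECT (applied); ROLLBACK
    con = sqlite3.connect(path, isolation_level=None)  # explicit transaction control
    n0, before = rows_hash(con)
    con.execute("BEGIN"); con.execute("INSERT INTO birth_registry VALUES (4, 'obj-4')")
    _, applied = rows_hash(con)  # 4 rows are visible only inside the open transaction
    con.execute("ROLLBACK"); n1, after = rows_hash(con); con.close()
    return entry("RB-CLONE-TXN", before, applied, after, n0, n1)
def rx3_snapshot_restore(path):  # RX-3: snapshot; COMMIT id=5; restore from snapshot
    snap = path + ".before"; shutil.copyfile(path, snap)  # before-state snapshot
    con = sqlite3.connect(path); n0, before = rows_hash(con)
    con.execute("INSERT INTO birth_registry VALUES (5, 'obj-5')"); con.commit()
    _, applied = rows_hash(con); con.close()  # committed: ROLLBACK can no longer undo it
    shutil.copyfile(snap, path)  # so the before-state snapshot is restored instead
    con = sqlite3.connect(path); n1, after = rows_hash(con); con.close()
    return entry("RB-CLONE-SNAP", before, applied, after, n0, n1)

def check_rollback_proof(e):
    # Fail closed: returns fail codes ([] == PASS). Only ROLLBACK_APPLY_DID_NOT_MUTATE is the lane's real code.
    if any(not e.get(k) for k in ("before_hash", "after_apply_hash", "after_rollback_hash")):
        return ["ROLLBACK_PROOF_MISSING_FIELD"]
    codes = []
    if e["after_apply_hash"] == e["before_hash"]:
        codes.append("ROLLBACK_APPLY_DID_NOT_MUTATE")  # a rollback that undid nothing proves nothing
    if not (e["after_rollback_hash"] == e["before_hash"] == e["expected_hash"]) or e["rows_before"] != e["rows_after"]:
        codes.append("ROLLBACK_RESTORE_MISMATCH")
    return codes

def run_rehearsal():
    with tempfile.TemporaryDirectory(prefix="fix7-rehearsal-clone.") as work:  # disposable; rm -rf on exit
        path = make_clone(work)
        entries = [rx2_txn_rollback(path), rx3_snapshot_restore(path)]
        return {e["id"]: check_rollback_proof(e) for e in entries}, entries
```

The clone lives only inside the temporary directory, so nothing outside it is read or written.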


6. CI UNKNOWN resolution (Workstream D)

The one UNKNOWN — FIX7 blueprint CI/deploy seal-vs-bytes enforcement (ci-deploy row 4 / planning surface 10) — was checked read-only against governed KB: the gate is not yet designed, so there is no artifact to read and it is unresolvable read-only. It is therefore cleanly classified as the remaining blocker FIX7-P0-PROD-CI-SCOPE-1 (actor: owner + operator; input: owner decides whether a seal-vs-bytes gate is wanted, then operator designs it in a throwaway non-production branch first). It does not affect clone-rehearsal safety. No CI was triggered. The three known CI surfaces (Nuxt deploy, 99_run_all.sql executor, snapshot cron) were re-classified as KNOWN_GATED / KNOWN_LOW.


7. Bad-input probes (Workstream E)

rehearsal_bad_input_probes.py (purely local/static) fed 10 invalid requests to a fail-closed rehearsal-only gate: B1 production target, B2 REAL_RUN, B3 QT001/apply, B4 cutover, B5 CI deploy, B6 secrets change, B7 missing rollback proof, B8 fake rollback (after_apply==before), B9 PASS without proven isolation, B10 production-PASS from rehearsal lane. All 10 fail closed; a well-formed rehearsal-only control is correctly allowed (detector-correctness); no PRODUCTION_PASS / REAL_RUN_PASS / CUTOVER_PASS / seal-like (*_PASS|*_AUTHORIZED|*_GRANTED) token is emitted. any_fail_open=false, forbidden_token_leaked=false.
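As an added example (not the lane's rehearsal_bad_input_probes.py, whose code is not on this page), the Python below models a fail-closed rehearsal-only gate, drives the constructed B1..B10 probes plus the well-formed control through it, and scans every emitted token against the seal-like pattern. The request field names, the DENY/ALLOW token names and the probe shapes are assumptions.

```python
import copy, re

SEAL_LIKE = re.compile(r"\w+_(PASS|AUTHORIZED|GRANTED)\b")  # seal-like tokens a rehearsal lane must never emit
DENY, ALLOW = "REHEARSAL_ONLY_FAIL_CLOSED", "REHEARSAL_ONLY_ROLLBACK_READY"  # assumed token names (no *_PASS)
CONTROL = {"target": {"is_production": False, "isolation_proven": True}, "real_run": False, "apply": False,
           "cutover": False, "ci_deploy": False, "secrets_change": False,
           "rollback_proof": {"before_hash": "h0", "after_apply_hash": "h1", "after_rollback_hash": "h0"}}

def rehearsal_only_gate(req):
    # Fail closed: a missing, unexpected or production-shaped field denies; nothing defaults to allow.
    why, tgt = [], req.get("target") or {}
    if tgt.get("is_production") is not False or tgt.get("isolation_proven") is not True:
        why.append("B1/B9: target is not a proven-isolated non-production clone")
    for flag, pid in (("real_run", "B2"), ("apply", "B3"), ("cutover", "B4"),
                      ("ci_deploy", "B5"), ("secrets_change", "B6")):
        if req.get(flag, True) is not False:  # absent or non-False counts as requested
            why.append(f"{pid}: {flag} requested or unspecified")
    p = req.get("rollback_proof") or {}
    if not all(p.get(k) for k in ("before_hash", "after_apply_hash", "after_rollback_hash")):
        why.append("B7: rollback proof missing")
    elif p["after_apply_hash"] == p["before_hash"]:
        why.append("B8: fake rollback, apply did not mutate")
    elif p["after_rollback_hash"] != p["before_hash"]:
        why.append("rollback did not restore the before-state")
    if str(req.get("requested_verdict", "")).startswith("PRODUCTION"):
        why.append("B10: production verdict requested from a rehearsal lane")
    token = DENY if why else ALLOW
    if SEAL_LIKE.search(token):  # defense in depth: even a bug upstream cannot leak a seal-like token
        token, why = DENY, why + ["seal-like token suppressed"]
    return token, why

def probe(path, value):  # copy of the control with one dotted-path field corrupted
    r, keys = copy.deepcopy(CONTROL), path.split(".")
    d = r
    for k in keys[:-1]:
        d = d[k]
    d[keys[-1]] = value
    return r

def run_probes():  # constructed B1..B10 probes plus the well-formed control
    cases = {"B1": ("target.is_production", True), "B2": ("real_run", True), "B3": ("apply", True),
             "B4": ("cutover", True), "B5": ("ci_deploy", True), "B6": ("secrets_change", True),
             "B7": ("rollback_proof", None), "B8": ("rollback_proof.after_apply_hash", "h0"),
             "B9": ("target.isolation_proven", False), "B10": ("requested_verdict", "PRODUCTION_PASS")}
    tokens = {pid: rehearsal_only_gate(probe(path, val))[0] for pid, (path, val) in cases.items()}
    tokens["control"] = rehearsal_only_gate(CONTROL)[0]
    return {"any_fail_open": any(t == ALLOW for pid, t in tokens.items() if pid != "control"),
            "control_allowed": tokens["control"] == ALLOW,
            "forbidden_token_leaked": any(SEAL_LIKE.search(t) for t in tokens.values()), "tokens": tokens}
```

The control case is what makes the probe set meaningful: a gate that denied everything would also score 10/10 fail-closed, so detector-correctness is only shown when the well-formed request is allowed.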


8. Forbidden-surface proof

forbidden-surface-proof.json: production PG, production Directus, production system_issues, production registry-row, production CI/deploy, secrets/credentials, REAL_RUN, QT001/apply, permit/activation/repoint/cutover, live running system, P7-pinned canonicalizer body, and canonical registry/index fold are all UNTOUCHED / NOT_REQUESTED. The only writes this lane made were (a) local disposable clone files under /private/tmp and (b) additive KB documents via upload_document. No patch_document, delete_document, query_pg, pg_schema, directus_*, write_file(VPS), docker_logs, git push, or CI trigger.


9. Updated production blocker map (Workstream F)

7 OPEN. This lane partially discharges FIX7-P0-DRYRUN-PROD-ROLLBACK-1: the clone-rehearsal leg is proven (snapshot→apply→rollback→restore byte/row-exact under the hardened validator, zero production risk), but the production leg remains OPEN — it requires an operator-provided production-shaped DB dump clone (or production rehearsal) plus production OPT-4 plus a distinct production-rollback authorization. FIX7-P0-PROD-CI-SCOPE-1 is classified (design off-production first). The other five blockers are unchanged. Nothing production was performed.


10. Decision packet (Workstream F)

fix7-p0-owner-gpt-production-decision-packet-after-rehearsal-2026-06-12.md is updated with the allowed options (HOLD_PRODUCTION [default], AUTHORIZE_PRODUCTION_DRYRUN_ONLY, AUTHORIZE_PRODUCTION_REALRUN_PRECHECK_ONLY, AUTHORIZE_PRODUCTION_EXECUTION). Default remains HOLD_PRODUCTION; no production option is selected.


11. Open blockers (owner/operator only)

| blocker | status this lane | actor | next action | blocks |
|---|---|---|---|---|
| FIX7-P0-DRYRUN-PROD-ROLLBACK-1 | partially discharged (clone leg proven) | operator (+sep. auth) | provide production-shaped DB dump clone + snapshot/restore tooling; rehearse; then production rehearsal under OPT-4 + distinct prod-rollback grant | production |
| FIX7-P0-PROD-CI-SCOPE-1 | classified (not yet designed) | owner + operator | design seal-vs-bytes gate in throwaway non-prod branch | production-ci |
| FIX7-P0-PROD-BIRTH-SURFACE-1 | OPEN | owner + operator | scope exact production birth-write surface | production |
| FIX7-P0-PROD-OPT4-1 | OPEN | owner | issue production OPT-4 | production |
| FIX7-P0-PLAN-REALRUN-1 | OPEN (probe B2 fail-closed) | owner | separate REAL_RUN grant | REAL_RUN |
| FIX7-P0-PLAN-SEPARATE-AUTH-1 | OPEN (probes B3/B4 fail-closed) | owner | per-action grant | apply/permit/activation/repoint/cutover |
| FIX7-P0-OPERATOR-INPUT-1 | narrowed | operator | production surface map + production-shaped clone/dump + snapshot/restore design | production |

12. Governance

TKT-OBJ-485..494 reserved via the standalone addendum fix7-p0-production-rehearsal-only-rollback-governance-addendum-2026-06-12.md, above ceiling 484 (462..484 reserved by the prior production-readiness addendum), APPLY_NOW=NO, no canonical fold. Canonical registry JSON rev24 / MD rev24 / 00-index rev116 are not modified by this lane.


13. Self-check (section 7 of the macro)

  1. Avoided production mutation — YES.
  2. Avoided REAL_RUN/QT001/cutover — YES.
  3. Avoided production PG/Directus/system_issues mutation — YES.
  4. Avoided production CI/deploy trigger — YES.
  5. Avoided secrets/credentials changes — YES.
  6. Proved clone isolation before rehearsal — YES.
  7. after_apply_hash != before_hash — YES (both entries).
  8. Rollback restored expected state — YES (after_rollback == before, rows 3==3).
  9. Used hardened validator — YES (byte-exact canonical).
  10. Bad inputs failed closed — YES (10/10).
  11. Avoided selecting a production decision — YES (default HOLD).
  12. Final status consistent with evidence — YES (…ROLLBACK_READY).

14. Minimal next macro

Owner/operator production decision (default HOLD_PRODUCTION). If not HOLD, the highest-leverage next step is a separately-authorized lane that takes an operator-provided production-shaped DB dump clone and proves snapshot/restore on it (extending the clone leg of FIX7-P0-DRYRUN-PROD-ROLLBACK-1), still with no production contact — before any production OPT-4, REAL_RUN, QT001/apply, or cutover, each of which needs its own explicit grant.

Document path: knowledge/dev/reports/architecture/fix7-p0-production-rehearsal-only-rollback-report-2026-06-12.md