One-Roof Nonprod Clone Extended — 01 Production & Clone Safety Gates (Hard Gate 0)
01 — Production & Clone Safety Gates (Hard Gate 0)
Verdict: PASS — production verified read-only; clone verified isolated. Both gates satisfied before any clone mutation.
Channels (strict separation)
| Channel | Reaches | Used for |
|---|---|---|
| MCP `query_pg` (role `context_pack_readonly`, READ ONLY txn, 5s timeout, allowlist `['directus','incomex_metadata','workflow']`) | Production only; physically cannot read the clone | Production integrity proofs (entry/exit fingerprint) |
| `ssh contabo` → `docker exec -i postgres psql -U workflow_admin -d directus_gov_test_20260602` | Clone only | All clone reads + (rollback-only / residue-free) clone mutations |
The allowlist exclusion of the clone DB is load-bearing: it makes the production read channel structurally incapable of observing clone work, so the production-unchanged proof can only ever reflect production.
Production read-only gate — PASS
current_database()=directus, host 172.19.0.3 (postgres:16). Entry counts:
own=0 | gap=210 | inventory=35 | containment=35 | scopes=6 | ruleset=0 | scan_run=0 | cand_state=0 | cand_object=0 | cursor=0 | gov_emit=0 | ospa=0 | system_issues=200480 | dot_tools=309 | idle_in_txn=0
All match the documented production baseline. os_proposal_approvals=0 ⇒ production persistent seed remains NO-GO (gate closed). No production mutation channel was opened at any point.
Clone isolation gate — PASS
- Name: `current_database()='directus_gov_test_20260602'`; `name LIKE 'directus_gov_test_%'` = true. Every clone mutation script carries a hard guard that aborts if this is false.
- No app traffic: live connections to the clone DB = 1 (only the verification session). Directus binds `DB_DATABASE=directus`; the clone is invisible to the app.
- No outbound dispatch: all governance `event_type_registry` rows have `active=false`; the `event_outbox` BEFORE INSERT validation (`fn_event_type_validate`) rejects inactive/unknown types. No worker/daemon connects to the clone. No LISTEN consumer on the clone's NOTIFY channels.
- Prior seed present: `governance_object_ownership` = 30 rows, all `created_by='CLONE_TEST_F6_SEED'`.
- Coverage = 100%: `v_object_owner_gap` = 0 of 210 cells.
- Candidate state bounded/idempotent (from prior run): ruleset=1, scan_run=2, cand_state=5, cand_object=35, cursor=1 (wm-2, events_seen=20).
- Rollback/drop plan exists: documented in doc 09 of the prior package and reconfirmed in doc 08 here.
- No daemon/worker running: `dot_iu_runtime_lease=0` (nothing executing); no background process.
Disk headroom
Server /: 75G used / 22G free of 96G. Clone size 1200 MB; production directus 1296 MB. Adequate for retention; no compaction required.
Decision
Both gates PASS ⇒ proceed with clone objectives. Mutating clone checks were all run residue-free (single BEGIN..ROLLBACK, or inner-subtransaction undo) so the clone's committed evidence state is preserved. Production was touched only by read-only query_pg queries.
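The clone-name hard guard and the residue-free mutation pattern described above, as an added example that is not part of the original package: a psql script skeleton run over the clone channel. It assumes only the Postgres 16 clone and the table and column names this report cites (`event_type_registry.active`, `governance_object_ownership.created_by`); the savepoint name `probe` is arbitrary.

```sql
-- Added example, not the project's own script.
-- ON_ERROR_STOP is what turns the guard's RAISE into an abort of the whole
-- script; without it psql prints the error and keeps executing later statements.
\set ON_ERROR_STOP on

-- Hard Gate 0 guard: refuse to run anywhere but a directus_gov_test_* clone.
DO $$
BEGIN
  IF current_database() NOT LIKE 'directus_gov_test_%' THEN
    RAISE EXCEPTION 'Hard Gate 0: % is not a clone database, refusing to mutate',
      current_database();
  END IF;
END $$;

-- Isolation evidence, re-checked in the same session the gate relies on.
-- Live connections to this database (only the verification session should appear).
SELECT count(*) AS live_connections
FROM   pg_stat_activity
WHERE  datname = current_database();

-- No outbound dispatch: every governance event type must be inactive.
SELECT bool_and(NOT active) AS all_event_types_inactive
FROM   event_type_registry;

-- Residue-free mutation: one transaction that is always rolled back. The savepoint
-- lets a single probe be undone while later probes in the same transaction proceed.
BEGIN;
SAVEPOINT probe;
-- Probe: remove the prior seed and observe the effect inside the transaction only.
DELETE FROM governance_object_ownership WHERE created_by = 'CLONE_TEST_F6_SEED';
SELECT count(*) AS seed_rows_during_probe FROM governance_object_ownership
WHERE  created_by = 'CLONE_TEST_F6_SEED';
ROLLBACK TO SAVEPOINT probe;
-- The seed is back before any further probe runs.
SELECT count(*) AS seed_rows_after_undo FROM governance_object_ownership
WHERE  created_by = 'CLONE_TEST_F6_SEED';
ROLLBACK;  -- nothing committed; the clone's evidence state is preserved
```

Against the clone state recorded in this report the four result columns should read 1, true, 0 and 30; any other values mean one of the isolation claims above no longer holds and the mutation must not proceed.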