One-Roof Nonprod Clone Extended — 08 Clone Lifecycle Decision (Obj G, RETAIN)
08 — Objective G: Clone Lifecycle Decision
Decision: RETAIN the clone directus_gov_test_20260602 as the governance regression harness host. Drop/reset/compact are all one command away and documented below.
Rationale
| factor | assessment |
|---|---|
| Disk cost | 1200 MB on a host with 22 GB free (75/96 GB used). Negligible. |
| Value | Now hosts the reusable regression suite (doc 02) and is the canonical re-run target for the axis prototype (doc 03), event sim (doc 04), and DOT rehearsal (doc 05). Re-cloning to re-test would cost ~1.2 GB of dump/restore each time. |
| Isolation | Proven: invisible to Directus (DB_DATABASE=directus), unreadable by the MCP query_pg allowlist, 0 app connections, 0 worker leases. |
| Drift risk | Low — committed state is small and verified (own=30, gap=0, candidates 5/35, cursor 1); the regression suite detects any drift on each run. |
| Naming | Clearly non-production (directus_gov_test_ prefix) and every mutation script hard-guards on it. |
Retention does not affect production (proven byte-unchanged, doc 10).
Committed clone state (the evidence to preserve)
own=30 (CLONE_TEST_F6_SEED) | gap=0 | ruleset=1 (RS-CLONE-TEST-1) | scan_run=2 | cand_state=5 | cand_object=35 | cursor=1 (clone-test-worker, wm-2, events_seen=20) | gov_emit=0 | gov_active=0 | dot_tools=309 | axis_tables=0
This is the fully-advanced A→G pipeline result. The regression suite (doc 02) asserts exactly this on every run.
Lifecycle levers (exact commands)
Re-run the regression suite (no state change):
cat sql/A_coverage_regression_suite_clone.sql | \
ssh contabo "docker exec -i postgres psql -U workflow_admin -d directus_gov_test_20260602 -P pager=off -f -"
Reset-in-place to clean F-6 baseline (keep the DB, wipe only the governance test data):
-- FK order: object -> state -> scan_run -> cursor -> ruleset, then ownership
DELETE FROM governance_candidate_object WHERE ruleset_version='RS-CLONE-TEST-1';
DELETE FROM governance_candidate_state WHERE ruleset_version='RS-CLONE-TEST-1';
DELETE FROM candidate_scan_run WHERE run_id LIKE 'SCAN-CLONE-TEST-%';
DELETE FROM gov_worker_cursor WHERE worker_name='clone-test-worker';
DELETE FROM governance_ruleset WHERE ruleset_version='RS-CLONE-TEST-1';
DELETE FROM governance_object_ownership WHERE created_by='CLONE_TEST_F6_SEED';
-- result: own=0, gap=210, candidates=0 (clean F-6 baseline)
Compact (if it ever grows): VACUUM (FULL, ANALYZE); per table, or simpler — drop + re-clone (below). Not needed at 1200 MB.
Drop / teardown (already proven idempotent at clone creation):
ssh contabo "docker exec postgres psql -U workflow_admin -d postgres -c \
\"DROP DATABASE IF EXISTS directus_gov_test_20260602;\""
Re-clone from scratch (if dropped):
ssh contabo "docker exec postgres bash -c \
'psql -U workflow_admin -d postgres -c \"DROP DATABASE IF EXISTS directus_gov_test_20260602;\" && \
psql -U workflow_admin -d postgres -c \"CREATE DATABASE directus_gov_test_20260602;\" && \
pg_dump -U workflow_admin directus | psql -U workflow_admin -d directus_gov_test_20260602'"
(CREATE DATABASE … TEMPLATE directus is rejected — the template has live app connections; use dump|restore.)
Recommendation
Keep until production rollout (the human gate) lands and the production seed + verify are run. At that point the clone has served its purpose; drop it with the one-liner unless an axis/emit/DOT follow-up is queued.