One-Roof Nonprod Clone — 11 Step G Production Rollout Lessons & Packet
11 — Step G: Production Rollout Lessons & Packet
The clone run confirms the production coverage rollout is a known, low-variance operation once the sovereign gate opens.
Precondition (the ONE human gate): os_proposal_approvals>=1 — produced by L2 quorum + L4 President e-signature ratifying APR-BOOT-AUTHMODEL-1. Until then every production activation step is NO-GO. Human/process action; nothing technical substitutes.
Phase 1 — Ownership seed (only step needed for 100% coverage):
  SQL: existing production commit_ready_f6_ownership_seed.sql (self-guarding; aborts unless ospa>=1 AND gap=210 AND own=0 AND conflict=0), run with -v ratified_apr=<APR-CODE>.
  Channel: ssh contabo → docker exec -i postgres psql -U workflow_admin -d directus -f -
  Expected deltas: governance_object_ownership 0→30; v_object_owner_gap 210→0; conflict 0; event_outbox(governance) 0 unchanged (0 triggers).
  Verification: own=30, gap=0, conflict=0, gov_emit=0; resolution 30 direct + 210 inherited; coverage_pct=100.
  Rollback: DELETE FROM governance_object_ownership WHERE created_by='F6_OWNERSHIP_SEED_COMMIT' → gap back to 210 (clone-proven).
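An added example (not part of the production packet or the seed SQL): a read-only shell helper that classifies a Phase 1 snapshot against the guard and verification values above, so drift is caught before anything is piped to psql. The field order ospa|gap|own|conflict|gov_emit, the query that would produce that line, and the labels SEEDED, DRIFT and INVALID are assumptions.

```shell
# Added example, not the packet's own tooling.
# Input: one snapshot line "ospa|gap|own|conflict|gov_emit" (assumed field
# order; the read-only query that produces it is not shown on the page).
classify_state() {
  old_ifs=$IFS; IFS='|'
  set -f; set -- $1; set +f      # split on '|' without glob expansion
  IFS=$old_ifs
  # Exactly five fields, each a non-negative integer; anything else is
  # treated as unusable input rather than guessed at.
  [ "$#" -eq 5 ] || { echo INVALID; return 2; }
  for f in "$@"; do
    case "$f" in ''|*[!0-9]*) echo INVALID; return 2 ;; esac
  done
  ospa=$1 gap=$2 own=$3 conflict=$4 gov_emit=$5

  # Gate closed: every activation step is NO-GO. Ownership rows that exist
  # without a ratified approval are drift, not a normal closed gate.
  if [ "$ospa" -lt 1 ]; then
    if [ "$own" -eq 0 ]; then echo NO-GO; return 1; fi
    echo DRIFT; return 3
  fi
  # Pre-seed: the same four conditions the seed SQL guards on.
  if [ "$gap" -eq 210 ] && [ "$own" -eq 0 ] && [ "$conflict" -eq 0 ]; then
    echo GO; return 0
  fi
  # Post-seed: the Phase 1 verification values.
  if [ "$own" -eq 30 ] && [ "$gap" -eq 0 ] && [ "$conflict" -eq 0 ] \
     && [ "$gov_emit" -eq 0 ]; then
    echo SEEDED; return 0
  fi
  # Any other combination means the database is not in a state the packet
  # describes; stop and investigate instead of running the seed.
  echo DRIFT; return 3
}

# Constructed sample snapshots (not real production output):
#   classify_state '0|210|0|0|0'   -> NO-GO   (gate not ratified)
#   classify_state '1|210|0|0|0'   -> GO      (seed preconditions met)
#   classify_state '1|0|30|0|0'    -> SEEDED  (verification passes)
#   classify_state '1|180|0|0|0'   -> DRIFT   (gap no longer 210)
```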
Phase 2 — Candidate/scan materialization (optional, after Phase 1): seed real governance_ruleset then run scanner write-half. Clone-proven: 5 candidate_state + 35 candidate_object per ruleset version, idempotent (natural-key upsert), bounded (only candidate_scan_run appends one row/run). Requires valid source_snapshot_ref. Rollback: FK-ordered DELETEs.
Phase 3 — Emit activation (separate governed step; do NOT auto-enable): governance event types active=false; fn_event_type_validate rejects emit until flipped. Activation = UPDATE event_type_registry SET active=true per type + a dispatcher consuming event_outbox. Keep off until explicitly decided.
Safe to automate later: the seed once ospa>=1 (self-guarding, aborts on drift); scanner read+write (idempotent/bounded); cursor advance (guarded).
Never automate: opening the sovereign gate (ospa>=1); flipping event_type_registry.active; any os_proposal_approvals/approval/law/version/status change.
Risk notes:
  The production v_governance_object_inventory definition differs cosmetically from a dump-reload (array-cast rendering). This is irrelevant to results, but don't be alarmed by an md5 diff after a restore.
  system_issues (9 triggers) and event_outbox (validation trigger) are NOT inert. Never bulk-write to them as part of a scan.
  governance_object_ownership has 0 triggers, so the seed is a clean insert with no cascade.