One-Roof Release Management Finalization & Gate Monitoring — 00 README-First Final Release Status (2026-06-03)
00 — README FIRST: Final Release Status
ONE_ROOF_RELEASE_MANAGEMENT_FINALIZATION_AND_GATE_MONITORING — 2026-06-03
Status: PASS (12/12). Release readiness GO; production execution NO-GO until os_proposal_approvals ≥ 1 (human L2/L4 ratification — the single blocker, unchanged).
One-paragraph status
The One-Roof governance Phase-1 production rollout is engineering-complete and execution-proven. This macro independently hash-audited the canonical release package (25/25 OK), ran the canonical executor end-to-end from a true greenfield clone of current production to the exact finalized invariants (gap 210→0, containment 35/0, divergent 0, critical 0, emit fail-closed) — exit 0, all 8 tiers — then rolled it back idempotently to baseline and proved the executor refuses re-application. It produced operator runbooks, a live-validated read-only gate monitor, and the exact post-ratification execution prompt, and it rejected Option 3 (inert shadow) on the finding that a shadow deploy would make the canonical preflight abort. Zero production mutations: production entry baseline == exit baseline.
Read in this order
| Doc | Purpose |
|---|---|
| 00 (this) | status + map |
| 01 | state recovery + live prod/clone baselines |
| 02 | artifact verification + SHA-256 audit (25/25 OK) |
| 03 | clone executor rehearsal — greenfield→finalized→rollback (headline) |
| 04 | operator runbook — non-technical (the owner) |
| 05 | operator runbook — technical (the engineer) |
| 06 | gate monitor + ready checklist (live-validated BLOCKED) |
| 07 | exact post-gate execution prompt (paste when gate opens) |
| 08 | Option 3 inert shadow — rejected, with evidence |
| 09 | final GO/NO-GO matrix |
| 10 | self-review |
SQL / artifacts in this package
sql/gate_monitor/{gate_check.sql, gate_check.sh}— read-only gate monitor (validated live).sql/final_executor_copy/— verified copy of the 9 canonical executor files.sql/final_rollback_copy/— verified copy of the 2 rollback files.sql/final_verify_copy/— verified copies ofbaseline_probe,ui_read_contract,clone_revalidate.sql/clone_rehearsal/{_rehearsal_executor.sql, _rehearsal_rollback.sql}— the clone-only variant actually run in doc 03 (guards target the rehearsal DB; never run againstdirectus).manifest-sha256.txt— this package's hashes (29/29 OK).
The single blocker — and what opens it
os_proposal_approvals = 0. The Tier-3 ownership seed asserts sovereign accountability (GOV-COUNCIL / GOV-KG-SYS / GOV-DOT / GOV-MOIT for 35 collections); on a system where directus is production, that must be human-ratified. Only Option 1 (human ratification) opens the gate. Override (Opt 2) and shadow (Opt 3) are declined.
What to do
- Owner: read doc 04. If you intend the accountability assertion, complete ratification for the authorization-model APR. Nothing else is needed from engineering.
- Engineer, after ratification: run
sql/gate_monitor/gate_check.sql; ifREADY, paste doc 07's prompt into a fresh Agent session. It hard-stops if still blocked.
Canonical release package (the thing under management)
knowledge/dev/reports/architecture/one-roof-production-release-engineering-ultra-macro-2026-06-03/ — executor sql/prod/99_run_all.sql, rollback sql/prod_rollback/, verify sql/prod_verify/. Hash-verified 25/25 this run.
Live baseline at publication (production, read-only)
db=directus, ospa=0, ownership=0, gap=210, conflict=0, gov_emit=0, inventory=35, scopes=6, axis=absent, idle=0, system_issues=204,556. Gate monitor verdict: BLOCKED — ospa<1.