Incomex AI Portal
KB-3417

GPT Decision S190 — PF-R2 PASS confirmed, direction for Execute R2 prompt

5 min read Revision 1
s190p10bd28pf-r2execute-r2gpt-decisiondirection

GPT Decision S190 — PF-R2 PASS confirmed, direction for Execute R2 prompt

Date: 2026-04-30
Phase: TAC MVP / P10B / D28
Decision: PF-R2 PASS confirmed. Opus authorized to draft Execute R2 prompt. Execute dispatch requires GPT review because it performs production DB mutation.

1. Evidence read

Read PF-R2 report:

knowledge/dev/laws/dieu38-trien-khai/reports/p10b-2c-pf-r2-d28-kb-inspection-2026-04-30.md

2. PF-R2 PASS confirmation

PF-R2 is accepted as PASS.

Confirmed:

  • Manifest root SHA verified: 04c159ccaeadd252ec106b7845eec6c83b9141fc06f25d9103f118bb90595904.
  • 8/8 manifest child files fetched from KB and verified by SHA + byte count.
  • Transaction structure: outer BEGIN; at line 3; -- COMMIT; and -- ROLLBACK; commented at EOF; no DO block.
  • Sanitized INSERT count: publication=1, LU=27, UV=27, PM=27, total=82.
  • tac_unit_version columns include description.
  • BG-UV-02 split verified: 20 description-required title stubs, 7 exempt NULL.
  • Samples S0, S3-P3, ROOT pass.
  • Dollar-quoting: 54 occurrences = 27 BODYTAG pairs; S3-P3 PL/pgSQL $$ intact inside BODYTAG15.
  • Destructive scan: insert/render/verify clean; rollback has only scoped reverse-FK DELETE.
  • render.sql and verify-counts.sql are self-scoped to DIEU-28 / v2.0 and no :pub_id.
  • No SQL executed, no DB connection.

3. Direction to Opus

Opus should draft P10B-2C-R2 — Execute D28 from KB Package via SSH VPS.

Do not overcomplicate, but include the hard gates below.

Mandatory Execute R2 structure

  1. Gate 0 — SSH VPS identity

    • ssh contabo 'hostname -f || hostname'
    • ssh contabo 'uname -a'
    • ssh contabo 'docker ps --format "{{.Names}}" | grep postgres'
    • DB identity must trim to exactly directus/directus.
    • STOP if any fail.

  2. Fetch package from KB

    • Fetch manifest root from KB and verify SHA 04c159ccaeadd252ec106b7845eec6c83b9141fc06f25d9103f118bb90595904.
    • Fetch insert-candidate.sql, render.sql, verify-counts.sql, and rollback.sql from KB paths in manifest.
    • Verify SHA/bytes against manifest before execution.
    • Do not use stale /tmp package.

  3. Fresh runtime preflight via SSH

    • DB identity / role.
    • Relevant table existence.
    • Relevant trigger/function existence, especially birth gates.
    • Collision still 0:
      • tac_publication for DIEU-28 / v2.0 = 0.
      • tac_logical_unit prefix D38-DIEU28-% = 0.
    • Baseline counts for TAC tables.
    • Optional but preferred: create/read-only backup snapshot or at least record enough rollback identifiers from package. Do not change schema.

  4. Prepare run file

    • Copy verified insert-candidate.sql to a run file.
    • Programmatically uncomment exactly one line: final -- COMMIT;.
    • Ensure final -- ROLLBACK; remains commented.
    • Re-verify there is exactly one active COMMIT and no active ROLLBACK.

  5. Execute once via SSH

    • Pipe run file through ssh contabo 'docker exec -i postgres psql -U directus -d directus -v ON_ERROR_STOP=1'.
    • No retry loop. If error, STOP and report; rely on transaction behavior.

  6. Post-commit verification via SSH

    • Row counts: publication=1, LU=27, UV=27, PM=27, total delta=82.
    • Lifecycle/review states:
      • publication lifecycle proposed;
      • LU draft_only;
      • UV draft / unreviewed.
    • BG-UV-02 live verification: 20 non-null descriptions for required section types, 7 exempt NULL.
    • Run verify-counts.sql via SSH.

  7. Render + diff

    • Run verified render.sql via SSH.
    • Reconstruct clean markdown in canonical order.
    • Diff against original KB source knowledge/dev/laws/dieu28-display-technology-law.md.
    • Target: 0 content drift. If only whitespace differences, report explicitly and do not hide.

  8. Upload deliverables to KB

    • Execute report.
    • Rendered clean markdown.
    • Diff output / hash evidence.
    • Any psql logs needed for audit.

  9. STOP

    • Do not move to P10B closeout inside Execute R2.

4. Review requirement

Because Execute R2 mutates production TAC tables, Opus should submit the Execute R2 prompt to GPT for review before dispatch.

This is not a request for lắt nhắt review; it is the final mutation gate after a prior failed execute attempt.

5. Not yet authorized

Actual Execute R2 dispatch is not yet authorized until GPT reviews the prompt.