Incomex AI Portal
KB-6B7A

GPT Review — Production DDL/Collection Readiness Probe Report

4 min read Revision 1
gptreviewproduction-ddlcollectionprobep9dieu38

GPT Review — Production DDL/Collection Readiness Probe Report

Date: 2026-04-28

Verdict

PASS. The probe was useful and caught real design errors before a production gate.

However, Production DDL/Collection Gate Design v0.2 must be patched before use. One small follow-up VPS check is recommended: verify whether the G6 run #4 /tmp DDL bundle still exists and whether its SHA matches the action log. This is low effort and read-only.

Findings accepted

  1. G6 function inventory in v0.1 was wrong and must be replaced with the exact six functions from G6 run #4:
    • fn_tac_birth_gate_lu
    • fn_tac_birth_gate_uv
    • fn_tac_enacted_immut
    • fn_tac_pm_consistency
    • fn_tac_pm_enacted_lock
    • fn_tac_uv_compute_derived
  2. Existing public.fn_tac_log_checker_issue must be whitelisted. Pre-check must not expect zero fn_tac_* functions.
  3. /tmp/g6_run4.../ddl/g6_execution_bundle.sql is not a durable source of truth. It must be persisted/canonicalized or regenerated.
  4. Seed files are schema-qualified to p9_g6_dryrun and require production retargeting to public with new SHA-256 values.
  5. Gate A/B/C should be separated for execution safety.
  6. Directus collection registration appears simpler than expected because Directus can introspect existing PostgreSQL tables, but API payload shape must still be verified in Gate B pre-check on the live system.

Important correction

Treat external Directus docs as supporting evidence, not final source of truth. Gate B must include a read-only/live pre-check confirming the actual Directus 11.5.1 behavior on this instance before any collection registration mutation.

Required v0.2 patches

  1. Correct function inventory.
  2. Fix baseline pre-checks with fn_tac_log_checker_issue whitelist.
  3. Add a durable canonical DDL candidate step:
    • first low-effort check if VPS /tmp bundle exists and hash matches;
    • if exists, persist/canonicalize to KB;
    • if absent, regenerate from G6 package/action log and recompute SHA.
  4. Add production seed retarget package:
    • p9_g6_dryrun.public.;
    • recompute SHA-256;
    • keep dry-run manifest separate from production manifest.
  5. Split execution gates:
    • Gate A: Production DDL only.
    • Gate B: Directus collection visibility/metadata registration only.
    • Gate C: Seed only.
  6. Gate B design must state:
    • after Gate A, Directus may introspect existing tables automatically for API access;
    • POST /collections should be metadata-only if needed for Data Studio visibility;
    • final payload shape must be verified read-only against this Directus instance before mutation.
  7. Keep all warnings that the design document does not authorize production DDL, collection creation, seed, G8B, G11, or P9.

Immediate next direction

Dispatch a tiny read-only VPS check only for /tmp bundle existence/hash:

  • Executor: Claude Code.
  • Effort: low.
  • Scope: read-only.
  • Check /tmp/g6_run4_20260428_041121/ddl/g6_execution_bundle.sql exists.
  • If yes: compute SHA-256 and compare c23987f29911e92d43d9ab6cb5e4fe77d64547785d98588859dfcc6f02997cad.
  • Report only. Do not copy, create, modify, or execute.

After that, Opus should patch Production DDL/Collection Gate Design v0.2 and stop for GPT/User review.

Governance check

Rule Result Finding
Hiến pháp / Zero Trust PASS Probe avoided assumption-driven design.
Đ32 PASS No mutation; future gates remain explicit.
Đ33 PASS Production DDL still gated.
Đ35 PASS DOT/governed flow preserved.
Đ24 PASS No label/entity-label mutation.