Incomex AI Portal
KB-1A0E

D2-supp — Endpoint / Dry-Run Ladder + Current Blocker (companion to D2)

4 min read Revision 1
dot-kgsopd2companionendpointdry-run2026-06-04

D2-supp — Endpoint / Dry-Run Ladder + Current Blocker

STATUS: DRAFT / CANDIDATE companion to d2-dot-kg-process-family-sop-runbook-2026-06-04.md. Adds the contract→endpoint→dry-run ladder and the exact current blocker. Do not execute any DOT_KG_*. 0 production mutation.

1. The runtime ladder (where dot:kg sits)

structural_candidate
  → simulated_observed        (SIMULATED_DRY_RUN obs; no real call)   ← dot:kg has this
  → contract_ready            (dot_agent_api_contract row)            ← dot:kg has this
  → dispatcher_ready          (fn_process_agent_api_dispatch exists)  ← dot:kg has this
  → plan_only_tested          (prepared obs via dispatcher)           ← dot:kg IS HERE
  → [BLOCKER] endpoint bound  (dot_agent_api_contract.endpoint_ref)   ← MISSING
  → dry_run_ready
  → dry_run_observed          (real no-mutation DRY_RUN obs)
  → real_run_observed         (correlated REAL_RUN)
  → verified_candidate
  → owner + birth

2. The current blocker (precise)

dot_agent_api_contract.endpoint_ref is NULL for DOT_KG_EXPLAIN and DOT_KG_EXPLAIN_VERIFY. "agent_api" = LLM/agent invocation; there is no executor service, route, or credential on the VPS (10 containers, none a DOT executor). The dispatcher refuses DRY_RUN while endpoint_ref IS NULL. The verifier half is deterministic and was implemented as fn_dryrun_fixture_selfcheck (proven), but it is a harness, not the agent_api DOT, and is not bound.

3. The dry-run shape (when the endpoint exists)

  1. producer endpoint consumes FIXTURE:dot:kg:explain:v1, emits a grounded explanation to DRYRUN-NS:dot:kg:explain (memory only, no DB write);
  2. verifier (deterministic checker or re-classified agent_api verifier) confirms no hallucinated nodes / target referenced / edges valid;
  3. SELECT fn_process_agent_api_dispatch('DOT_KG_EXPLAIN', '<corr>', 'agent', 'DRY_RUN', true, '<root>'); records a real DRY_RUN observation;
  4. status advances plan_only_tested → dry_run_observed.

4. Safe commands (no execution)

  • Self-check a fixture: SELECT fn_dryrun_fixture_selfcheck('<fixture jsonb>'); — pure, no writes.
  • Inspect ladder: SELECT * FROM v_process_discovery_candidate_status_v6 WHERE candidate_code='PROC-CAND:dot:kg';
  • Inspect endpoint: SELECT * FROM v_process_discovery_agent_api_endpoint_status WHERE candidate_code='PROC-CAND:dot:kg';
  • Inspect next action: SELECT policy_state, next_required_action FROM v_process_discovery_auto_workflow_policy_gaps WHERE candidate_code='PROC-CAND:dot:kg';

5. Runbook warnings (carried + new)

  • The dispatcher cannot execute a DOT; it only validates and writes SIMULATED observations.
  • DRY_RUN is refused without a bound endpoint (schema CHECK + dispatcher guard).
  • trg_apr_auto_approve auto-approves approval_requests.action='add' → use action='review'.
  • KB-doc ingestion creates births (expected, background).
  • Deep candidate_status_v6/_v5 views can hit the RO 5s timeout — query via app/RW.
  • No production DOT has ever executed (0 executions, 0 DRY_RUN, 0 REAL_RUN, 0 KG events).

6. Verifier re-classification note

If governance re-classifies DOT_KG_EXPLAIN_VERIFY from agent_api to deterministic, the verify half needs no endpoint and fn_dryrun_fixture_selfcheck (or an app twin) is its real implementation. Owner decision (see report doc 08).