{"case_id":"CASE-DEMO-001","status":"blocked-before-live-provisioning","scope":"Read-only operator provisioning checklist for the first approved live OpenAI smoke run. It does not provision secrets, display secret values, record approvals, or call OpenAI.","environment":[{"label":"OPENAI_API_KEY","status":"missing","owner":"System administrator","route":"/cases/CASE-DEMO-001/readiness","detail":"Missing; live OpenAI route must remain blocked."},{"label":"DIGIBEAT_LLM_MODEL","status":"configured","owner":"Prompt/model owner","route":"/cases/CASE-DEMO-001/prompts","detail":"Configured model is gpt-4.1-mini; confirm this is approved before live validation."},{"label":"DIGIBEAT_DATABASE_PATH","status":"configured","owner":"System administrator","route":"/cases/CASE-DEMO-001/audit","detail":"Runtime SQLite path is /root/code/clmbs-workspace/var/digibeat-demo/pipeline.sqlite; persist or archive it if live evidence must survive restarts."},{"label":"Prompt registry path","status":"configured","owner":"Prompt owner","route":"/cases/CASE-DEMO-001/prompts","detail":"Filesystem prompt registry path: /root/code/clmbs-workspace/src/clmbs_digibeat_demo/prompts."}],"approval_preconditions":[{"label":"Data handling policy","status":"blocked","owner":"PitchAI reviewer / CLMBS decision owner","route":"/cases/CASE-DEMO-001/approvals","detail":"Record and accept this gate before provisioning live credentials for the smoke run: Data handling policy."},{"label":"Access and role model","status":"blocked","owner":"PitchAI reviewer / CLMBS decision owner","route":"/cases/CASE-DEMO-001/approvals","detail":"Record and accept this gate before provisioning live credentials for the smoke run: Access and role model."},{"label":"Live OpenAI validation","status":"blocked","owner":"PitchAI reviewer / CLMBS decision owner","route":"/cases/CASE-DEMO-001/approvals","detail":"Record and accept this gate before provisioning live credentials for the smoke run: Live OpenAI validation."},{"label":"Output and archive boundary","status":"blocked","owner":"PitchAI reviewer / CLMBS decision owner","route":"/cases/CASE-DEMO-001/approvals","detail":"Record and accept this gate before provisioning live credentials for the smoke run: Output and archive boundary."},{"label":"Anonymized learning","status":"blocked","owner":"PitchAI reviewer / CLMBS decision owner","route":"/cases/CASE-DEMO-001/approvals","detail":"Record and accept this gate before provisioning live credentials for the smoke run: Anonymized learning."}],"operator_steps":[{"number":"1","label":"Confirm approvals","route":"/cases/CASE-DEMO-001/approvals","detail":"Accept required gates for the smoke-run scope before touching secrets."},{"number":"2","label":"Provision secret outside git","route":"/cases/CASE-DEMO-001/provisioning","detail":"Set OPENAI_API_KEY in the app process manager or shell; never paste it into tracked files."},{"number":"3","label":"Restart app process","route":"/cases/CASE-DEMO-001/readiness","detail":"Restart `uv run dev` or the target process so the environment is visible to FastAPI."},{"number":"4","label":"Verify readiness","route":"/cases/CASE-DEMO-001/readiness","detail":"Check that the readiness page reports OPENAI_API_KEY present without showing the value."},{"number":"5","label":"Run live smoke","route":"/cases/CASE-DEMO-001/readiness","detail":"Use the readiness page live-run button once, then inspect the created run detail."},{"number":"6","label":"Capture review evidence","route":"/cases/CASE-DEMO-001/live-rehearsal","detail":"Capture decision, action-board, audit, run-detail, and review-pack evidence after the smoke run."}],"secret_handling_rules":["Do not commit OPENAI_API_KEY or paste it into Markdown, JSON, screenshots, approval notes, or prompt overrides.","Provision the key only after data-handling, access/role, live OpenAI, output/archive, and learning gates are accepted for the rehearsal scope.","Restart the app process after provisioning; do not expect an already-running process to see new environment variables.","Use the readiness page only to confirm presence/absence; never add a route that displays the secret value.","Rotate or remove the key after rehearsal if the environment is not a controlled persistent runtime."],"evidence_after_provisioning":[{"label":"Readiness screenshot","status":"required","owner":"System administrator","route":"/cases/CASE-DEMO-001/readiness","detail":"Shows OPENAI_API_KEY present without exposing the key."},{"label":"Live run detail","status":"required","owner":"Demo operator","route":"/cases/CASE-DEMO-001/runs/<run_id>","detail":"Stored run with model, prompt refs, selected sources, outputs, usage metadata, and raw payload."},{"label":"Live evidence log","status":"required","owner":"Demo operator","route":"/cases/CASE-DEMO-001/live-evidence","detail":"Local evidence entries for readiness, run detail, audit, decision, and review pack."},{"label":"Audit snapshot","status":"required","owner":"Demo operator","route":"/cases/CASE-DEMO-001/audit-log.json","detail":"Derived event list that includes the live run and any errors."},{"label":"Decision snapshot","status":"required","owner":"PitchAI reviewer","route":"/cases/CASE-DEMO-001/decision-center.json","detail":"Updated go/no-go state after the live smoke result is reviewed."},{"label":"Review pack","status":"required","owner":"PitchAI reviewer","route":"/cases/CASE-DEMO-001/review-pack.md","detail":"Internal Markdown pack with source ids and stored run evidence."}],"no_go_rules":[{"label":"Missing approvals","status":"abort","owner":"PitchAI reviewer","route":"/cases/CASE-DEMO-001/approvals","detail":"Do not provision or run live generation while required gates are pending."},{"label":"Missing source boundary","status":"abort","owner":"Data owner","route":"/cases/CASE-DEMO-001/sources","detail":"Do not run real customer material until source scope, retention, and access decisions are accepted."},{"label":"Missing QA owner","status":"abort","owner":"QA owner","route":"/cases/CASE-DEMO-001/output-qa","detail":"Do not send or label client-facing output without manual QA ownership."},{"label":"Unsourced live output","status":"abort","owner":"PitchAI reviewer","route":"/cases/CASE-DEMO-001/canvas","detail":"Do not use model output externally if claims lack source ids or assumption labels."},{"label":"Public/client sharing","status":"abort","owner":"Access owner","route":"/cases/CASE-DEMO-001/client-handoff","detail":"No public link or client login exists; use internal review or consultant-led screenshare only."}],"summary":{"openai_key_present":false,"pending_approval_gates":5,"blocking_readiness_checks":1,"action_board_blockers":26,"converted_sources":20,"latest_runs_available":6},"remaining_human_action":["Human action: provision OPENAI_API_KEY for this app process, restart the server, then run live validation.","Record accepted approval for Data handling policy.","Record accepted approval for Access and role model.","Record accepted approval for Live OpenAI validation.","Record accepted approval for Output and archive boundary.","Record accepted approval for Anonymized learning."]}