The backend can now be inspected through a loopback-only gateway while the database-aware API remains on the internal data network. A governed synthetic demo proves readiness, pgvector retrieval, reranking, and citation output through real HTTP without invoking cloud models.
Constraint: The previously exposed Bailian key is compromised and cannot be used for live validation
Constraint: The API must be locally reachable while retaining no internet egress
Rejected: Attach the API directly to the ingress network | a real socket test proved that configuration still had egress
Rejected: Publish a port from the internal-only network | Docker Desktop did not expose the host port
Confidence: high
Scope-risk: moderate
Reversibility: clean
Directive: Keep model and database credentials out of the gateway; do not relax the fixed demo identity/profile filters
Tested: make verify; 63 pytest tests; strict mypy; Ruff; Secret scan; Compose config; three backend image builds; API/DB/gateway healthy; migration exit 0; Swagger browser check; live/ready/meta/status/search HTTP; 20/20/20 index; API egress ENETUNREACH; empty gateway mounts and business environment
Not-tested: Live Bailian calls require a newly rotated key; full generated-answer flow and React UI are not implemented
The lifecycle tracker now records the pushed offline Stage 1 slices while leaving the live provider node open. This prevents mock and local database success from being mistaken for full Bailian validation.
Constraint: A newly rotated Bailian key is required before live smoke can be accepted
Confidence: high
Scope-risk: narrow
Reversibility: clean
Directive: Do not mark Stage 1 DONE until all three live model probes and real-mode synthetic seed pass
Tested: make verify; Markdown link check; secret scan; 41 pytest tests; strict mypy; Ruff; Compose config
Not-tested: Live Bailian provider calls
The Stage 1 foundation now proves provider contracts with mocks and validates PostgreSQL/pgvector ingestion, approval binding, retrieval, reranking, and idempotency using only synthetic data. Live Bailian validation remains gated on rotating the exposed key.
Constraint: The key shown in chat is compromised and cannot be used or committed
Rejected: Mark Stage 1 complete from mock and offline results | real three-model smoke is still required
Confidence: high
Scope-risk: moderate
Reversibility: clean
Directive: Do not enable real-data ingestion until Stage 3 cloud approval and outbound manifest controls are enforced end to end
Tested: make verify; 41 pytest tests; strict mypy; Ruff; Compose config; pinned image build; empty-volume migration; role denial; two idempotent 20-vector seeds; database restart persistence
Not-tested: Live Bailian calls require a newly rotated key; React product UI is not implemented