# EXECUTION_PATH_ALIGNMENT_B — isolated 검증 evidence (task-2729+12)

> 상태: **CODE_DATA_PATH_ALIGNMENT_VERIFIED_ACTIVE_FALSE**
> 작성: dev1-team(헤르메스) 2026-06-07 / CODE 기준: origin/main `70f36d82` (#184/#186/#187 포함)
> 선행 설계: `canonical_execution_path_alignment_design_260607.md` (ANU 권고 B안)
> ★ systemctl enable / ACTIVE=true / activation_epoch 생성 / real spawn / canonical reset·clean·stash·checkout / task-2716 수정 **미실행**.

## 1. 목적
production pickup 의 **CODE path = 별도 clean main worktree(CODE_ROOT)** / **DATA root = canonical /home/jay/workspace** 로 분리하는 B안을, entrypoint + systemd 최소 변경으로 구현하고 isolated 시뮬레이션으로 검증한다. driver/runner 무변경.

## 2. 구현 요약 (최소 변경)
### CODE_ROOT (stable clean main worktree)
- `git worktree add --detach ${HOME}/p0b-pickup-main origin/main` → detached HEAD `70f36d82`.
- canonical 외부 sibling(`${HOME}/p0b-pickup-main`), 영속 경로, 중첩 혼동 0.
- 동기 운영안: `git -C ${HOME}/p0b-pickup-main fetch origin && git -C ${HOME}/p0b-pickup-main checkout --detach origin/main` (PR merge 후 main 최신 반영).

### A. `scripts/anu_pickup_entrypoint.sh`
- `WORKSPACE="${HOME}/workspace"` 유지(=DATA).
- 신규 `CODE_ROOT="${PICKUP_CODE_ROOT:-${HOME}/p0b-pickup-main}"`.
- `FLAG_FILE`/`LOCK_DIR`/`LOCK` = `${WORKSPACE}` 유지(DATA·flag·lock canonical).
- CODE_ROOT fail-closed: `[[ ! -d "${CODE_ROOT}" ]] || ! git -C "${CODE_ROOT}" rev-parse --git-dir` → stderr 1줄 + `exit 0` no-op.
- `cd "${CODE_ROOT}"` / `PYTHONPATH="${CODE_ROOT}" python3 -m dispatch.anu_pickup_driver`.

### B. `deploy/systemd/anu-pickup.service`
- `WorkingDirectory=%h/p0b-pickup-main`, `Environment=PYTHONPATH=%h/p0b-pickup-main`, `ExecStart=/bin/bash %h/p0b-pickup-main/scripts/anu_pickup_entrypoint.sh`.

### C. `deploy/systemd/anu-pickup.path` — **무변경** (canonical events watch `%h/workspace/memory/events/task-*.result.json`).

### driver/runner — **무변경** (read-only). `CANONICAL_ROOT = "/home/jay/workspace"` 하드코딩(`dispatch/anu_owned_callback_enforcement.py:83`)이 DATA=canonical 보장.

## 3. isolated 시뮬레이션 (CODE=clean worktree / DATA=temp canonical형)
방법: origin/main(#184/#186/#187) 코드(CODE_ROOT)를 PYTHONPATH 로 하고, canonical 128 `task-*.result.json` 의 basename + **원본 mtime 보존 복제**(shutil.copy2)를 temp DATA root 에 구성(원본 canonical 0 손상) + `flag=enabled` + `activation_epoch=now` + `scan_once(temp, legacy_cutoff=True, launcher_fn=None)`(production `main()` 과 동일 legacy_cutoff 경로).

### 결과 evidence
```
canonical task-*.result.json (target) = 128
temp events before scan = 128
=== scan_once(max_files=1000, legacy_cutoff=True) verdicts ===
  NOOP_LEGACY_SKIP: 128
quarantined records = 0
temp events after scan  = 128
MOVE/DELETE 0 (before==after)? True
quarantine dir exists? False (files=0)
=== scan_once(default MAX_FILES=50) verdicts ===
  NOOP_LEGACY_SKIP: 50
  NOOP_MAX_FILES_DEFER: 1
CANONICAL untouched? before==after: True (count 140->140)
raw ANU key leak (c11908)? False
```
- 전수(max_files=1000): **128 NOOP_LEGACY_SKIP, 이동·삭제·quarantine 0.**
- production 기본(MAX_FILES=50): 50 LEGACY_SKIP + 1 MAX_FILES_DEFER(나머지 78 다음 cycle) — bounded, 설계 #7 재현.
- temp events before==after → **move/delete 0**, quarantine dir 미생성.
- canonical 140→140 무손상, raw ANU key 누출 0.

## 4. legacy 140 분류 (검증 5)
- events/*.result.json **140**. scan 대상 `task-*.result.json` = **128**(→ `NOOP_LEGACY_SKIP`), 비대상 **12**(task- 미시작 → `NOOP_NOT_TARGET`, scan 제외).
- 비대상 12 예시: `anu_automation_closure_to_100_percent`, `auto_pr_creation_readiness`, `callback_prompt_byte_audit`, `merge_queue_auto_merge_readiness`, `sample.batch-hold-adjudication` 등.

## 5. 회귀 (`tests/regression/test_canonical_execution_path_alignment_b_2729p12.py`, 9 PASS)
- A. CODE/DATA 분리(파일 파싱): entrypoint cd/PYTHONPATH→CODE_ROOT, FLAG/LOCK→WORKSPACE 유지, CODE_ROOT default·fail-closed, service→p0b-pickup-main, path unit→canonical events 무변경.
- B. legacy NOOP(isolated temp): `legacy_cutoff=True`+future epoch → NOOP_LEGACY_SKIP·이동 0·quarantine 비어있음, 비대상→NOOP_NOT_TARGET, `launcher_fn=None`→real spawn 0.

## 6. 안전성 (canonical/task-2716 무손상)
- canonical HEAD = `75fdf540` (task/task-2716) **불변**. reset/clean/stash/checkout 0.
- canonical events 140 불변(시뮬레이션은 temp 복제만).
- flag ABSENT(ACTIVE=false), activation_epoch ABSENT, systemd unit 미설치/미enable.
- rollback: `git worktree remove ${HOME}/p0b-pickup-main` + PR revert. canonical 전 과정 무손상.

## 7. 다음 단계 (회장 승인 게이트)
- 본 단계는 **execution path 정렬 구현·검증까지**. systemctl enable / ACTIVE=true / activation_epoch 생성 / dry_run=False real wake pilot 은 **별도 회장 승인 전까지 금지**.
- PR fresh HIGH/CRITICAL 0 · CI GREEN · diff expected_files 5 유지 → `MERGE_APPROVAL_CANDIDATE_CODE_DATA_ALIGNMENT_ACTIVE_FALSE`. **merge·activation 별도 승인.**