{
  "schema_version": "0.1",
  "proof_id": "OCZ-PROOF-CRASHLOOP-DELETE-POD-001",
  "scenario_slug": "crashloopbackoff-delete-pod-recovery",
  "scenario_name": "CrashLoopBackOff delete pod recovery",
  "validation_status": "partial",
  "evidence_grade": "partial_runtime_export",
  "status_reason": "Reconstructed from an existing local proof export. The proof was not rerun in this session. Direct copied artifacts include incident exports, runtime image, proof-flow log, post-restore Kubernetes state, Slack screenshot, git metadata, and audit IDs. Raw request exports, raw kubectl-before output, full audit records, standalone policy export, and standalone Slack approval JSON are missing.",
  "public_claim_boundary": "This packet supports only a scoped claim that an owned proving-cluster CrashLoopBackOff/delete_pod proof export exists. It must not be generalized to customer production, external design-partner clusters, all Kubernetes remediation, or production readiness.",
  "source_export": {
    "source_kind": "local_existing_proof_export",
    "source_export_label": "stable-app-signed-proof-20260519T134915Z",
    "source_note": "Reconstructed from a retained local proof export; original local filesystem paths are intentionally not published.",
    "reconstruction_note": "Artifacts were copied from the existing source export; the proof was not rerun in this session."
  },
  "run": {
    "run_id": "stable-app-signed-proof-20260519T134915Z",
    "incident_id": "2df98692-b04b-440c-a552-5f6cfa89376e",
    "incident_started_at": "2026-05-19T13:48:21.669809Z",
    "incident_resolved_at": "2026-05-19T13:49:15.807145Z",
    "alert_timestamp": "2026-05-19T13:29:37Z",
    "runtime_image": "ghcr.io/runvara-io/oncallzero:sha-f753e7785b6eafaee267eb44caa3a77782cfac90",
    "runtime_digest": "sha256:89e178a2265cfb3ae32153520ab70da5e3d6b8106b14875f204c1a5cc5354bac"
  },
  "environment": {
    "environment_type": "owned proving cluster",
    "namespace": "oncallzero-workloads",
    "workload": "proving-nginx",
    "failing_pod": "proving-nginx-6d8c8d44f-2lkgb",
    "container": "nginx",
    "endpoint": "https://app.oncallzero.com"
  },
  "action_under_review": "delete_pod",
  "evidence_present": [
    {
      "status": "present",
      "kind": "incident_export",
      "description": "Stored incident and incident-response exports from the source proof folder.",
      "links": [
        "./artifacts/incident.json",
        "./artifacts/incident-response.json"
      ],
      "limitations": "These are persisted application exports, not separate raw HTTP request captures."
    },
    {
      "status": "present",
      "kind": "runtime_image",
      "description": "Runtime image and digest captured in the source proof folder.",
      "links": [
        "./artifacts/runtime-image.txt"
      ],
      "limitations": "Runtime image metadata alone does not prove remediation behavior."
    },
    {
      "status": "present",
      "kind": "proof_flow_log",
      "description": "Runtime proof-flow log copied from the source proof folder.",
      "links": [
        "./artifacts/proof-flow.log"
      ],
      "limitations": "The log is not a normalized audit export and may require reviewer inspection."
    },
    {
      "status": "present",
      "kind": "post_restore_kubernetes_state",
      "description": "Post-restore Kubernetes deployment and pod state copied from the source proof folder.",
      "links": [
        "./artifacts/deploy-after-restore.txt",
        "./artifacts/pods-after-restore.txt"
      ],
      "limitations": "These files are post-restore state, not raw kubectl-before output."
    },
    {
      "status": "present",
      "kind": "slack_screenshot",
      "description": "Slack approval and resolved screenshot copied from the source proof folder.",
      "links": [
        "./artifacts/slack-approval-and-resolved.png"
      ],
      "limitations": "The screenshot is visual evidence only; a structured Slack approval JSON export is not present."
    },
    {
      "status": "present",
      "kind": "git_metadata",
      "description": "Git branch and commit metadata copied from the source proof folder.",
      "links": [
        "./artifacts/git-branch.txt",
        "./artifacts/git-commit.txt"
      ],
      "limitations": "Git metadata identifies the checked-out code context but does not prove runtime behavior by itself."
    },
    {
      "status": "present",
      "kind": "audit_ids",
      "description": "Audit entry IDs copied from the source proof folder.",
      "links": [
        "./artifacts/audit-ids.txt"
      ],
      "limitations": "Only audit IDs are present; full audit record payloads are missing."
    }
  ],
  "evidence_partial": [
    {
      "status": "partial",
      "kind": "diagnosis",
      "description": "Diagnosis context is present inside the incident export and proof-flow log, but no standalone diagnosis artifact was exported.",
      "links": [
        "./artifacts/incident.json",
        "./artifacts/proof-flow.log"
      ],
      "limitations": "Not a separate structured diagnosis export."
    },
    {
      "status": "partial",
      "kind": "policy_decision",
      "description": "The incident export and proof-flow log include delete_pod proposal and approval-gate context.",
      "links": [
        "./artifacts/incident.json",
        "./artifacts/proof-flow.log"
      ],
      "limitations": "A complete standalone structured policy evaluation export is missing."
    },
    {
      "status": "partial",
      "kind": "slack_approval",
      "description": "Slack approval evidence exists in the incident export, proof-flow log, and screenshot.",
      "links": [
        "./artifacts/incident.json",
        "./artifacts/proof-flow.log",
        "./artifacts/slack-approval-and-resolved.png"
      ],
      "limitations": "Structured Slack approval JSON and raw Slack HTTP payload are missing."
    },
    {
      "status": "partial",
      "kind": "execution_output",
      "description": "Execution result context exists in the incident export and proof-flow log.",
      "links": [
        "./artifacts/incident.json",
        "./artifacts/proof-flow.log"
      ],
      "limitations": "Full raw Kubernetes command output is not exported as a standalone artifact."
    },
    {
      "status": "partial",
      "kind": "verification",
      "description": "Verification result context exists in the incident export and proof-flow log.",
      "links": [
        "./artifacts/incident.json",
        "./artifacts/proof-flow.log"
      ],
      "limitations": "No independent external verification artifact is present."
    }
  ],
  "evidence_missing": [
    {
      "status": "missing",
      "kind": "raw_http_request_headers_body",
      "description": "placeholder pending runtime export: raw Prometheus webhook request headers and body were not exported separately.",
      "links": []
    },
    {
      "status": "missing",
      "kind": "raw_kubectl_before",
      "description": "placeholder pending runtime export: raw kubectl-before or injected-state output was not present in the source export.",
      "links": []
    },
    {
      "status": "missing",
      "kind": "full_raw_audit_records",
      "description": "placeholder pending runtime export: full audit record payloads were not present, only audit IDs.",
      "links": [
        "./artifacts/audit-ids.txt"
      ]
    },
    {
      "status": "missing",
      "kind": "complete_structured_policy_evaluation",
      "description": "placeholder pending runtime export: complete standalone policy evaluation output was not present.",
      "links": []
    },
    {
      "status": "missing",
      "kind": "structured_slack_approval_json",
      "description": "placeholder pending runtime export: structured Slack approval JSON was not present.",
      "links": []
    },
    {
      "status": "missing",
      "kind": "independent_external_verification",
      "description": "placeholder pending runtime export: independent external verification was not present.",
      "links": []
    },
    {
      "status": "missing",
      "kind": "git_working_tree_status",
      "description": "omitted from public packet: source git status artifact contained local workspace noise and was not published.",
      "links": []
    }
  ],
  "artifact_links": {
    "manifest": "./manifest.json",
    "incident": "./artifacts/incident.json",
    "incident_response": "./artifacts/incident-response.json",
    "runtime_image": "./artifacts/runtime-image.txt",
    "proof_flow_log": "./artifacts/proof-flow.log",
    "deploy_after_restore": "./artifacts/deploy-after-restore.txt",
    "pods_after_restore": "./artifacts/pods-after-restore.txt",
    "audit_ids": "./artifacts/audit-ids.txt",
    "slack_screenshot": "./artifacts/slack-approval-and-resolved.png",
    "git_branch": "./artifacts/git-branch.txt",
    "git_commit": "./artifacts/git-commit.txt",
    "site_screenshots": [
      "../../assets/proof/incident-crashloop-slack.png",
      "../../assets/proof/incident-crashloop-terminal.png"
    ]
  },
  "unsupported_claims": [
    "customer production remediation",
    "external design-partner deployment",
    "production readiness",
    "enterprise readiness",
    "autonomous production remediation",
    "proof across all Kubernetes remediation",
    "rollback, restart, scale, cordon_node, or multi-tenant isolation coverage from this packet",
    "full buyer-grade audit packet",
    "full raw auditability",
    "exact recovery time claim"
  ],
  "review_notes": [
    "This packet is stronger than screenshot-only evidence because it includes copied incident exports and a proof-flow log from an existing local proof export.",
    "Keep validation_status as partial until raw request captures, raw kubectl-before output, full audit records, standalone policy output, structured Slack approval JSON, and independent external verification are exported.",
    "Do not publish recovery-time claims from this packet; timing fields are single-run evidence only."
  ]
}