# WBS-7.9 Evidence Packet Final ## Scope `WBS-7.9` is the Synology external-service POC for `snapshot_admin_server_v1.py`. The implementation is ready for deployment, but the final external live verification on the NAS is still pending. ## Current artifact set - `src/quant_engine/snapshot_admin_server_v1.py` - `tools/run_snapshot_admin_server_v1.py` - `tools/run_snapshot_admin_synology.sh` - `tests/unit/test_snapshot_admin_web_v1.py` - `docs/SYNOLOGY_SNAPSHOT_ADMIN_POC.md` - `docs/SYNOLOGY_SNAPSHOT_ADMIN_DEPLOYMENT_CHECKLIST.md` - `docs/SYNOLOGY_SNAPSHOT_ADMIN_DEPLOYMENT_CHECKLIST_FILLED.md` - `docs/SYNOLOGY_SNAPSHOT_ADMIN_FIREWALL_PROXY_TABLE.md` - `docs/SYNOLOGY_SNAPSHOT_ADMIN_FIREWALL_PROXY_COPYPASTE.md` - `docs/SYNOLOGY_SNAPSHOT_ADMIN_FINAL_PREFLIGHT_10.md` - `Temp/snapshot_admin_approval_packet_v1.json` - `Temp/snapshot_admin_approval_packet_v1.md` - `Temp/snapshot_admin_export_v1.json` - `Temp/snapshot_admin_web_validation.json` ## Local validation evidence - `python -m pytest tests/unit/test_snapshot_admin_web_v1.py -q` - Result: `10 passed` - `python tools/validate_snapshot_admin_web_v1.py` - Result: `PASS` - `python tools/validate_snapshot_admin_workflow_v1.py` - Result: `PASS` ## Local HTTP verification evidence The following loopback checks were executed against a real server process started from `tools/run_snapshot_admin_server_v1.py` with Basic Auth enabled: - Unauthenticated `GET /api/state` - Result: `401 Unauthorized` - `WWW-Authenticate: Basic realm="Snapshot Admin", charset="UTF-8"` - Authenticated `GET /api/state` - Result: `200 OK` - `version.app = snapshot-admin-web-v7` - Authenticated `GET /tables` - Result: `200 OK` - Tabler grid surface present This confirms the localhost-side service path, auth gate, and `/tables` route work as expected in the workspace. It does not replace the NAS-side reverse proxy verification. ## Workflow deploy success evidence The Synology deploy workflow was executed against the NAS-hosted `act_runner` and the job-level log showed a successful local readiness cycle: - `healthcheck failed: http://127.0.0.1:8787/api/state` - `[deploy] healthcheck retry 1/30` - `[deploy] healthcheck retry 2/30` - `healthcheck ok: http://127.0.0.1:8787/api/state` - `snapshot-admin-web-v6` - `[deploy] snapshot admin deploy verification complete` - `Job succeeded` This is workflow-level success evidence only. It confirms the deploy job can start the service, wait for readiness, and pass verification on the NAS runner. It does not by itself satisfy the full external reverse-proxy/browser evidence required to close `WBS-7.9`. ## Workspace topology evidence From `Temp/snapshot_admin_approval_packet_v1.json`: - `workspace_db = C:\\Temp\\data_feed\\Temp\\snapshot_admin_web_validation.db` - `collector_db = C:\\Temp\\data_feed\\outputs\\kis_data_collection\\kis_data_collection.db` - `settings_rows = 31` - `account_snapshot_rows = 40` - `settings_and_snapshot_share_db = true` - `collector_separate_db = true` ## Live verification still required The NAS-side POC is not complete until these are observed on the real Synology host: 1. `curl -i http://127.0.0.1:8787/api/state` returns `200 OK` 2. `curl -i https:///api/state` returns `401 Unauthorized` without credentials 3. `curl -u ':' https:///api/state` returns `200 OK` 4. Browser access to `https:///` and `https:///tables` works after Basic Auth 5. DSM reverse proxy and firewall values are recorded as evidence ## Final disposition - Implementation status: ready - Deployment guide: ready - External live verification: pending - Promote to `실배포 검증 완료` only after the NAS curl evidence and browser screenshot are archived