Last reviewed: 2026-06-24
This matrix describes current implementation status for engine fact coverage.
It is the source of truth for repository engine support, fixture-only, and
research statuses, but it is not a public support promise. The product brand is
Query Doctor; full production triage support remains Apache Impala. Trino local
production support is limited to the bounded raw-free web lanes named below; any
broader/shared Trino expansion still requires a separate implementation,
fixture, retained-evidence, documentation, and regression gate.
Trino support is limited to sanitized offline evidence package import, bounded
local event-store import, bounded HTTP event archive import, bounded HTTP
query-detail archive import, bounded local query-detail import, bounded local
query-list aggregate import, bounded local statement-stats import, bounded
local pruned QueryInfo import, bounded local metadata summary import, plus
event-source contract checking and dry-run coordinator query-info target
checking, plus metadata source-contract checking, bounded local metadata CLI
summary building, dev-only metadata CLI summary smoke round-trip, plus one-query pruned
coordinator query-info probing, one-query pruned
coordinator fact import with direct
raw-free boundary output for readiness audits, dev-only one-query handoff and
handoff-suite readiness over retained raw-free handoff artifacts with optional
matching retained one-query handoff summaries, optional product-surface summary
auditing for one-query handoff artifacts and retained handoff-suite manifests
with optional matching retained product-surface summaries, dev-only
package-to-boundary readiness audit over sanitized evidence packages, dev-only
product-surface boundary audit over retained raw-free compact artifacts, dev-only
shared deployment boundary audit over local config shape and static surface
registries, dev-only shared deployment preflight over the shared boundary,
product-surface, support-gap, and active-docs gates,
support-gap matrix audit over registered Trino fact-family coverage, source-type
registry coverage, engine fact promotion-policy coverage, and adapter flags,
local
compact diagnosis over raw-free direct boundary JSON excluding local metadata
summary boundaries or selected package sample boundaries, and the isolated local /trino/compact-diagnosis page over the same already raw-free
inputs, plus the local production web Trino retained-list Recent lane over one
bounded retained pruned coordinator query-list read and bounded selected pruned
coordinator QueryInfo reads, plus the local production web Trino One Query ID lane
over one bounded pruned coordinator QueryInfo read and the same raw-free compact
diagnosis boundary, with server-owned raw-free case artifacts for those existing
web lanes only. The Trino local production claim is not Impala parity and not
broader/shared Trino expansion: Running scans, query-history crawling, product
metadata collection, LLM report output, optimizer jobs, Query
Doctor-generated Trino SQL, and user SQL execution remain unsupported. The only
Details surface is the local raw-free view over server-owned materialized web
case artifacts, with deterministic Python Report and optimizer guidance over
the same raw-free facts.
trino_support_mode=production is the local production support mode for those
same bounded raw-free Recent and One Query ID lanes only. It does not close the
broader/shared Trino production support gaps above, and trino_beta_enabled
remains a legacy beta-only switch for existing local configs.
Shared/non-local Trino deployment hardening is documented separately in
trino-shared-deployment-hardening.md;
it requires trusted front-door identity and source isolation without changing
the support status in this matrix. Shared/non-local Trino config checks require
--trusted-front-door-reviewed after the operator verifies trusted front-door
header stripping and exactly-one normalized viewer identity injection.
The web lane artifacts are normalized boundary JSON, compact diagnosis JSON, a
metadata-not-collected summary, typed analysis.json, and analysis_facts.md;
they may back the raw-free Details case view and do not expose raw
QueryInfo/query-list payloads, local paths, LLM reports, Query Optimizer jobs,
generated SQL, or user SQL execution.
Trino package-level retained evidence-handoff suite audits may require selected
safe source-contract, connector-family, diagnostic-lane source-granularity, and
verification-scope labels from already raw-free retained summaries, and the
representative-evidence audit can aggregate those summaries with compact
readiness summaries for the trino_representative_real_cluster_evidence gate;
these are dev-only retained-evidence gates and not Trino product support claims.
Those gates also reject unsafe or duplicate summary references, output/input
overlap, missing artifacts, drifted manifest schema, redaction/no-support
metadata, and raw-like retained summary content while writing only aggregate
raw-free summaries.
implemented: production path exists and is tested for the current product.contracted: typed normalized fact contract exists, but production workflows do not consume it yet.fixture-only: synthetic or sanitized fixture mapping exists for contract shaping only.unknown: facts are unavailable or insufficient; do not infer a diagnosis.not observed: the signal was checked in the bounded facts and was absent.
| Fact family | Apache Impala | Trino | Spark |
|---|---|---|---|
| Public support status | implemented | offline evidence package, local event-store, HTTP event archive, HTTP query-detail archive, local query-detail, local query-list aggregate, local statement-stats import, local pruned QueryInfo import, local metadata CLI summary builder, local metadata summary import, event-source contract check, coordinator query-info target check, metadata source-contract check, dev-only metadata CLI summary smoke round-trip, one-query pruned coordinator probe, one-query pruned coordinator fact import with optional direct --boundary-out, dev-only package-to-boundary evidence handoff audit, dev-only product-surface boundary audit over retained raw-free compact artifacts or retained handoff-suite manifests, dev-only support-gap matrix audit over registered fact-family coverage, source-type registry coverage, engine fact promotion-policy coverage, and adapter flags, dev-only one-query handoff with optional --query-id-file input, optional retained one-query handoff summary, optional product-surface summary audit, and handoff-suite readiness over raw-free handoff artifacts, local compact diagnosis over raw-free direct boundary JSON excluding metadata summary boundaries or selected package sample boundaries, isolated local compact-diagnosis page, local production web Trino retained-list Recent over one bounded retained pruned coordinator query list plus selected pruned QueryInfo reads, local production web Trino One Query ID over bounded pruned coordinator QueryInfo only, and local raw-free Details plus deterministic Python Report and optimizer guidance over materialized web cases from those lanes; no broad/shared production support |
bounded compact support surfaces for explicit-application History Server intake, dev-only one-application handoff over that same compact path with optional product-surface summary audit over written compact/diagnosis artifacts, dev-only one-application handoff-suite readiness over retained raw-free compact/diagnosis/boundary triples plus optional matching spark_one_application_handoff_summary_v1 and spark_product_surface_boundary_audit_v1 artifacts, evidence-package validation/export, and compact diagnosis; not production support |
| Live query/profile collection | implemented through Cloudera Manager and direct Impala daemon workflows | no broad Trino production live coordinator collection; explicit operator HTTP event archive and HTTP query-detail archive readers exist for already-sanitized compact records; pruned coordinator query-info probe performs one bounded read and emits no facts; pruned coordinator query-info import maps only allowlisted facts for one explicit query; the local metadata CLI summary builder may execute only Python-owned read-only metadata statements from one accepted allowlist through an operator-installed Trino CLI and emits only aggregate metadata-summary counts; the local production web Trino Recent lane may perform one bounded retained pruned coordinator query-list read and bounded selected pruned QueryInfo reads, and the One Query ID lane may perform one bounded pruned QueryInfo read, but neither path crawls query history, supports Running, collects product metadata, submits user SQL, or creates LLM reports or Query Optimizer jobs; Details is limited to the raw-free materialized web case view, deterministic Python Report, and optimizer guidance | experimental compact Spark History Server summary intake only through CLI, isolated direct web page, or dev-only one-application handoff wrapper for one explicit application; retained one-application compact/diagnosis/boundary artifacts, optional matching handoff summaries, and optional matching product-surface summaries can be grouped and audited locally without reopening Spark; separate local Spark compact evidence-package build/validation/fixture export accepts only already compact samples for readiness work; no Recent workflow, broad crawl, raw event-log download, Details/trusted report surface, optimizer behavior, or Spark support claim |
| Engine adapter registration | implemented | implemented for offline evidence, local event-store, HTTP event archive, HTTP query-detail archive, local query-detail, local query-list aggregate, local statement-stats import, local pruned QueryInfo import, local metadata CLI summary builder, local metadata summary import, coordinator query-info target checking, metadata source-contract checking, pruned coordinator probing, pruned coordinator fact import, compact diagnosis CLI, isolated local compact-diagnosis page, local production web Recent plus One Query ID, raw-free materialized Details, deterministic Python Report, and optimizer guidance only | registered for bounded compact intake only; no Recent scans, live Query ID product diagnosis, metadata collection, Details/trusted report output, optimizer behavior, raw event-log handling, or Spark job execution |
| Engine fact contract bundle | contracted through the test/calibration-only impala_engine_facts.py projection; existing production recommendations still consume current analyzer facts directly |
implemented for sanitized offline evidence package samples through trino_fixture_facts.py and trino_evidence_package.py; not consumed by live workflows |
fixture-only plus experimental compact History Server intake and compact evidence-package readiness validation through spark_fixture_schema.py, spark_fixture_facts.py, spark_evidence_package.py, and query_doctor/spark/history_server.py; no Recent, Details/trusted report, optimizer, metadata, raw event-log, or job-execution product workflow |
| Normalized fact namespace registry | implemented for the current Impala projection; non-shared Impala profile/admission/runtime facts remain Impala-specific | implemented for offline-import fact IDs with explicit Trino-only trino_*, source-boundary, or distributed-SQL-family scope before they can cross the boundary; shared/distributed-SQL-family/source-boundary/support-boundary facts visible to Trino also require checked promotion-policy coverage before support wording or product-surface promotion |
fixture-only Spark facts remain spark_* or Spark support-boundary facts; Spark cannot emit Trino trino_stage_count or unregistered unprefixed facts |
| Source/evidence contract | implemented for current Impala providers | implemented for already-sanitized evidence package imports, bounded local event-store imports, bounded HTTP event archive imports, bounded HTTP query-detail archive imports, bounded local query-detail imports, bounded local query-list aggregate imports, bounded local statement-stats imports, bounded local pruned QueryInfo imports, bounded local metadata CLI summary building, bounded local metadata summary imports, event-source contract checks, dry-run coordinator query-info target checks, metadata source-contract checks, dev-only metadata CLI summary smoke round-trip over the same aggregate summary and importer contract, one-query pruned coordinator probes, one-query pruned coordinator fact imports with direct raw-free boundary output for strict readiness audits including safe Trino version-family facts, dev-only package-to-boundary readiness audit over sanitized evidence packages, dev-only product-surface boundary audit over retained raw-free compact artifacts or retained handoff-suite manifests with optional matching retained trino_product_surface_boundary_audit_v1 summaries, dev-only one-query handoff with optional --query-id-file input, optional retained trino_one_query_handoff_summary_v1 evidence, and optional product-surface summary audit plus manifest-driven suite readiness over retained raw-free handoff boundary/diagnosis/smoke/readiness/handoff/product-surface summary artifacts using safe relative manifest references, unique boundary/diagnosis/readiness-summary/handoff-summary/product-surface-summary refs, and safe version-family breadth gates, and compact diagnosis over accepted raw-free boundaries excluding metadata summary boundaries; broader Trino coordinator collection remains future |
documented as bounded compact research Spark History Server/event-log architecture work; spark_history_server_compact_v1 accepts only explicit-application summary JSON, including bounded application lifecycle/attempt-state summaries, allowlisted safe failure categories, raw-free source coverage warning IDs, explicit checked adaptive markers from SQL summaries, aggregate job-state counts when job summaries are available, stage/task aggregates filtered by SQL-linked job IDs or job-linked stage IDs for accepted SQL execution context when summaries are available, application-level job/stage/task summaries for same_application evidence when no SQL execution linkage is accepted, task-duration context from accepted stage-summary or task-summary quantiles, SQL-execution-specific timing and failure facts only from accepted SQL execution summaries, aggregate input/output bytes, aggregate input/output row counts, scheduler delay when every selected stage summary has an explicit safe value, executor loss/churn aggregates, aggregate executor memory used/capacity when executor summaries provide complete safe values, explicit dynamic-allocation markers from executor summaries, and raw-free Spark version-family facts when available |
| Golden contract harness | covered across clean finished, admission-queued, spill-observed, missing-section, and failed-query cases | covered by shared raw-free contract cases for finished/failed/failure-category/blocked/stage-skew/connector-metric statement stats, completed event, resource-group queue-delay event, unknown source-contract event/query-detail fixtures, missing-field event/query-detail fixtures, blocked, safe-failure-category, spill-observed, stage-skew, queued, and connector-metric query-detail fixtures, query-list aggregate, compact query-detail fixtures, local pruned QueryInfo import, pruned coordinator query-info import, local metadata CLI summary building, dev-only metadata CLI summary smoke round-trip, and local metadata summary import | covered by one compact synthetic Spark event-log summary fixture plus compact History Server intake tests for raw-free output, unknown application/stage/version fallback, endpoint and application-attempt bounds, safe application lifecycle labels, safe version-family labels, CLI boundary export, one-application handoff suite artifact consistency, and compact evidence-package build/validation without path or payload echo |
| Lifecycle facts | projected from safe query context when available | offline import from synthetic and sanitized finished/failed/blocked statement stats, completed event payloads, compact query-detail exports, and pruned QueryInfo lifecycle, including queued lifecycle | fixture-only from compact SQL execution lifecycle plus Spark-specific application lifecycle, attempt-state, and aggregate job-state facts; Spark blocked/admission semantics remain unknown |
| Failure category | projected only as failed lifecycle in the current Impala projection | offline import from exact compact checked/category safe summary; no raw exception classes, messages, stack traces, endpoint details, object names, connector internals, extra summary detail, or live source | compact-only from allowlisted safe failure categories on SQL execution lifecycle facts; unknown categories and raw exception/error text remain rejected or unknown, and the signal is not a root-cause or support claim |
| Query wall-clock / elapsed timing | projected from Query Wall Clock, profile TotalTime, and Query Timeline facts | offline import elapsed timing from statement stats, compact query-detail exports, and pruned QueryInfo; QueryInfo wall time remains unknown | fixture-only from compact SQL execution elapsed timing |
| Planning / admission / backend-start timing | projected when Impala Query Timeline phases are available | offline import planning and queued timing from compact event/statement/query-detail packages and pruned QueryInfo, plus resource-group queue timing from compact events; Impala admission/backend-start semantics remain unknown | compact Spark SQL elapsed timing plus Spark-specific scheduler-delay context when explicitly present; Spark planning, admission, backend-start, and cluster-manager queue semantics remain unknown |
| Input/output bytes and rows | projected from current analyzer totals where available | offline import from statement stats, compact query-detail exports, and allowlisted pruned QueryInfo stats | Spark-specific aggregate input/output byte and row-count facts are modeled from accepted compact stage summaries when complete; they are not promoted to shared input/output facts, and missing or partial row aggregates remain unknown |
| Peak memory | projected from profile resource facts where available | offline import from statement stats, compact query-detail exports, and allowlisted pruned QueryInfo stats; local compact diagnosis can surface high peak memory when one-query trino_peak_memory_bytes is supported and at least 100 GiB |
not modeled as peak memory; Spark compact facts may carry engine-specific aggregate executor memory used/capacity context when executor summaries provide complete safe values |
| Spill / scratch evidence | projected as observed count or not observed from explicit spill/scratch evidence lines | offline import spilled bytes from accepted compact packages, query-detail exports, and allowlisted pruned QueryInfo stats | fixture-only and experimental History Server stage spill bytes from compact Spark summaries |
| Connector metric signal | not applicable to current Impala profile projection | offline import checked/present signal from an exact compact safe summary, including query-detail supported and not-observed exports; no connector names, metric names, endpoints, object names, raw connector payloads, extra summary detail, or live connector source | not modeled; Spark table/source metrics need a separate source contract before any shared signal |
| Fragment / stage counts | projected from Impala profile format and lifecycle facts | offline import from rootStage shape and compact query-detail trino_stage_count facts |
fixture-only Spark stage count stays spark_stage_count; it is not the same fact as Trino trino_stage_count |
| Backend / stage skew candidates | projected from current backend-tail analysis when available | offline import from exact safe aggregate per-task stage-skew summary, including query-detail exports; no raw task or worker details or extra summary detail | fixture-only from compact aggregate task-duration skew ratio; no stage IDs, task IDs, executor IDs, or raw task detail |
| Task summary facts | not applicable to current Impala profile projection | offline import from exact compact query-detail safeTaskSummary and allowlisted pruned QueryInfo total/failed task counts; retry count remains unknown in pruned QueryInfo; no task IDs, worker identifiers, raw task payloads, or extra summary detail |
fixture-only aggregate task counts, failed/retried counts, sampled count, and duration buckets; experimental History Server intake supports aggregate task and failed-task counts from stage summaries plus retried-task counts and duration buckets only from explicit aggregate fields; missing, partial, or inconsistent aggregates stay unknown; no task IDs, executor IDs, raw task payloads, or logs |
| Admission pool semantics | implemented for Impala profile/context facts | unknown | unknown; Spark scheduler and cluster-manager queue semantics are not modeled by the compact fixture |
| Metadata enrichment | implemented through explicit bounded Impala metadata collection | local aggregate metadata summary import implemented after one accepted metadata allowlist source contract; a local metadata CLI summary builder can produce that aggregate summary through an operator-installed Trino CLI using only Python-owned read-only metadata statements for Hive or Iceberg connector-family gates; a dev-only smoke gate can dry-run, collect, and round-trip that same aggregate summary through the importer while writing only raw-free summaries; normalized facts still map only relation/column coverage and stats-completeness counts, while raw identifiers, metadata values, object crawling, browser/report metadata output, and product metadata collection remain unsupported | not implemented |
| Runtime metrics | implemented through Cloudera Manager and optional Prometheus context | not implemented | not implemented |
| Cluster events | implemented through bounded Cloudera Manager events | not implemented | not implemented; compact Spark fixture exposes only explicit cluster-manager-context limitations |
| Event-listener import | not applicable to implemented Impala workflows | implemented for already-sanitized package samples, one explicit bounded local JSON/NDJSON event-store file, and one explicit operator HTTP(S) event archive URL guarded by an accepted http_event_listener_archive source contract; all paths use compact completed-event and resource-group queue-delay mapping, redaction-review confirmation, unknown source-contract fail-closed behavior, missing-field unknown semantics, and oversized/over-deep/nested unsafe-field rejection tests; no Trino coordinator query-history reader |
not applicable; Spark uses one compact synthetic event-log summary fixture and does not import raw event logs |
| Offline query-list aggregate import | not applicable to implemented Impala workflows | implemented for already-sanitized package samples and one explicit bounded local JSON aggregate summary with record-count, state/failure bucket, timing/size bucket, blocked-reason, redaction-review, and source-shape limitation facts; aggregate-only and not one-query diagnosis, live Recent scan, live query-list crawl, or query-detail fetch | not applicable; compact Spark SQL execution summary is fixture-only and has no query-list collector |
| Offline query-detail import | not applicable to implemented Impala workflows | implemented for already-sanitized compact package samples, one explicit bounded local compact JSON file, and one explicit operator HTTP(S) query-detail archive URL guarded by an accepted http_query_detail_archive source contract, with lifecycle/timing/resource/stage/task facts plus blocked-signal, safe failure-category, spill-evidence, stage-skew, queued lifecycle/timing, and connector-metric checked/present supported/not-observed mapping, unsupported source-contract fail-closed behavior, and missing-field unknown semantics; raw query-detail exports, raw query IDs, and standalone production Query ID support remain unsupported |
not applicable; compact Spark SQL execution summary is fixture-only and has no query-detail collector |
| Offline statement-stats import | not applicable to implemented Impala workflows | implemented for already-sanitized package samples and one explicit bounded local JSON QueryResults.statementStats / rootStage payload with lifecycle/timing/resource/stage/blocked/failure/stage-skew/connector-metric mapping, redaction-review confirmation, oversized/over-deep/nested unsafe-field rejection tests, and raw-free boundary export; no client REST POST, SQL execution, live query-history reader, live Recent scan, query-detail fetch, or one-query diagnosis claim |
not applicable; compact Spark SQL execution summary has no statement-stats collector |
| Offline pruned QueryInfo import | not applicable to implemented Impala workflows | implemented for one explicit bounded compact sanitized local pruned QueryInfo JSON after an accepted coordinator_query_info source contract; maps only allowlisted state and queryStats fields to raw-free normalized facts and boundary JSON; rejects raw QueryInfo fields such as Query ID, query text, session fields, endpoint URLs, object names, stage/task detail, and unsupported queryStats fields; no network read, URL echoing, SQL execution, standalone production Query ID support, browser/report output, or support claim |
not applicable; compact Spark SQL execution summary has no QueryInfo collector |
| Event-source contract check | not applicable to implemented Impala workflows | implemented for one explicit compact local source contract JSON with source type, safe auth-reference label, accepted event schema, bounds, redaction-review, raw-storage prohibition, and browser/report blocking checks; the HTTP archive reader accepts only http_event_listener_archive with operator-managed auth reference; no endpoint/topic/database config ingestion, credentials, raw event records, Trino coordinator query-history collection, SQL execution, or support claim |
not applicable; Spark source contracts are research-only fixtures |
| Coordinator query-info target check | not applicable to implemented Impala workflows | implemented as a dry-run gate for one explicit compact source contract plus one coordinator base URL and one Query ID shape; emits only a URL-free and Query-ID-free safe summary; no network read, query-info fetch, raw QueryInfo JSON, SQL execution, standalone production Query ID support, browser/report output, or support claim | not applicable; Spark source contracts are research-only fixtures |
| Metadata source-contract check | not applicable to implemented Impala workflows | implemented as a dry-run gate for one explicit compact metadata allowlist contract with safe source reference labels, explicit relation/column allowlist shape, bounds, and redaction rules; emits only a path-free and identifier-free safe summary; no metadata read, metadata SQL execution, broad object crawl, raw identifier output, raw metadata storage, browser/report output, or support claim | not applicable; Spark source contracts are research-only fixtures |
| Metadata CLI summary builder | not applicable to implemented Impala workflows | implemented for one accepted metadata_allowlist source contract, one explicit operator-installed Trino CLI, one HTTPS coordinator URL, and one Hive or Iceberg connector-family gate; builds only Python-owned read-only metadata statements from the contract, passes statement text through stdin instead of argv, enforces byte/time bounds, and emits only a sanitized aggregate trino_metadata_summary_v1 payload or path-free safe summary; scripts/trino_metadata_cli_summary_smoke.py is a dev-only round-trip gate over the same builder plus local metadata summary importer and writes only raw-free smoke and aggregate summary artifacts; no statement text output, object identifier output, endpoint URL output, local path output, raw metadata values, CLI stdout/stderr output, browser/report output, Recent/Details/report/optimizer wiring, object crawling, user SQL execution, or broad Trino metadata collection support |
not applicable; Spark source contracts are research-only fixtures |
| Local metadata summary import | not applicable to implemented Impala workflows | implemented for one explicit compact sanitized aggregate metadata summary after an accepted metadata_allowlist source contract; maps only relation/column coverage and stats-completeness counts into raw-free normalized facts; no network read, metadata SQL execution, raw metadata, object identifiers, metadata values, object crawling, browser/report output, or support claim |
not applicable; compact Spark SQL execution summary has no metadata-summary collector |
| Coordinator pruned query-info probe | not applicable to implemented Impala workflows | implemented for one explicit GET /v1/query/{queryId}?pruned=true after an accepted coordinator_query_info contract with operator-managed auth reference; may use one optional local --auth-header-file containing an Authorization header line; validates a bounded JSON object and emits only a safe probe summary; does not follow HTTP redirects; no raw QueryInfo storage/output, auth header path/value output, fact mapping, broad query-history collection, SQL execution, standalone production Query ID support by itself, browser/report output, or support claim |
not applicable; Spark source contracts are research-only fixtures |
| Coordinator pruned query-info import | not applicable to implemented Impala workflows | implemented for one explicit GET /v1/query/{queryId}?pruned=true after an accepted coordinator_query_info contract with operator-managed auth reference; may use the same optional local --auth-header-file; maps only allowlisted lifecycle and queryStats fields to raw-free normalized facts and boundary JSON; --boundary-out may write the direct engine_fact_boundary_v1 payload for strict local readiness audits without printing the output path; does not follow HTTP redirects; no raw QueryInfo storage/output, URL or Query ID echoing in safe summaries, auth header path/value output, output boundary path echoing, query text/session/object/stage/task detail, broad query-history collection, SQL execution, LLM report output, or Query Optimizer jobs; local production web One Query ID and selected Trino Recent rows may consume this path only through configured local contract, raw-free compact diagnosis, raw-free materialized Details, deterministic Python Report, and optimizer guidance |
not applicable; Spark source contracts are research-only fixtures |
| Live collection design | implemented for current Impala providers | Broader Trino coordinator collection remains future-only in trino-live-collection-design.md; network readers are bounded operator HTTP event archive import, bounded HTTP query-detail archive import, one bounded retained pruned coordinator query-list read for local production web Trino Recent, one-query pruned coordinator probe, and one-query pruned coordinator fact import with direct boundary output for local readiness audits; the local metadata CLI summary builder is contract-gated and aggregate-only and is not a product metadata surface; scripts/trino_metadata_cli_summary_smoke.py is a dev-only metadata CLI dry-run/collect/import round-trip gate that prints or writes only raw-free smoke and aggregate summary artifacts, scripts/audit_trino_evidence_handoff.py is a dev-only package-to-boundary audit over sanitized packages, scripts/audit_trino_product_surface_boundary.py is a dev-only product-surface boundary audit over retained raw-free compact artifacts or retained handoff-suite manifests, scripts/audit_trino_product_metadata_collection.py is a dev-only product metadata collection closure-gate audit over static metadata contracts and blocks without reading metadata, scripts/audit_trino_report_optimizer_safety.py is a dev-only report optimizer safety closure-gate audit over materialized report/guidance contracts and validators without loading case artifacts or generating SQL, scripts/audit_trino_shared_deployment_boundary.py is a dev-only static/config-shape audit for trusted front-door identity and raw-source isolation before any shared/non-local Trino deployment hardening claim and requires --trusted-front-door-reviewed for shared/non-local configs after operator front-door verification, scripts/audit_trino_shared_deployment_preflight.py is a dev-only static preflight over the shared boundary, product-surface, support-gap, and active-docs gates that captures child output and emits only raw-free gate counts/categories while performing no network read, live smoke, UI smoke, metadata collection, or SQL execution, scripts/audit_trino_support_gap_matrix.py is a dev-only static audit over registered fact-family coverage, source-type registry coverage, engine fact promotion-policy coverage, and adapter flags, scripts/audit_trino_beta_release_readiness.py is a dev-only bundle over static audits, focused tests, local-config readiness, optional bounded live/UI smokes, the shared-deployment boundary audit, and an optional dev-only metadata CLI summary smoke with redaction-reviewed operator inputs without printing local config values, Query IDs, coordinator URLs, auth references, local paths, object identifiers, metadata values, CLI stdout/stderr, or raw payloads, scripts/trino_one_query_live_handoff.py is a dev-only wrapper for the same one-query import plus strict readiness audit, optional --query-id-file input, optional one-query handoff summary, and optional product-surface summary audit, scripts/audit_trino_web_beta_live_smoke.py is a dev-only local web backend gate over one bounded retained query-list read plus bounded selected QueryInfo diagnosis with raw-free counts only, scripts/query-doctor-web-trino-beta-smoke is a dev-only local web UI gate over Trino Recent, One Query ID, raw-free materialized Details, Python Report, and optimizer guidance form/job flows with no terminal Query ID, coordinator URL, auth reference, local path, raw payload, optimizer job link, generated SQL, or SQL execution output, and scripts/audit_trino_compact_readiness.py --handoff-suite-manifest is the path-free suite gate for retained raw-free handoff artifacts with optional retained handoff-summary checks; none are installed product CLIs; local production web Recent, One Query ID, raw-free materialized Details, deterministic Python Report, and optimizer guidance are the only Trino product surfaces; no Running, query-history crawl, product metadata collection, LLM report output, Query Optimizer jobs, or user SQL execution |
experimental compact History Server intake implemented for explicit applications through CLI and isolated direct web page; scripts/spark_one_application_handoff.py is a dev-only wrapper for the same one-application compact intake plus raw-free diagnosis, optional boundary export, readiness audit, and optional product-surface summary audit over written compact/diagnosis artifacts, and is not an installed product CLI; scripts/build_spark_one_application_handoff_suite_manifest.py plus scripts/audit_spark_compact_readiness.py --one-application-handoff-suite-manifest is the path-free suite gate for retained raw-free one-application compact/diagnosis/boundary artifacts and optional matching spark_one_application_handoff_summary_v1 artifacts, while scripts/audit_spark_product_surface_boundary.py --one-application-handoff-suite-manifest cross-checks optional retained spark_product_surface_boundary_audit_v1 artifacts; local compact evidence-package build/validation/fixture export is package-only over already accepted samples; default workflows, engine adapter registration, Details/trusted report output, raw event-log access, environment/configuration dumps, SQL text, plan descriptions, and support claims remain blocked |
| Browser/report boundary payload from normalized engine facts | contracted and raw-free tested; not wired into existing Impala browser/report paths | raw-free package-import, local event-store, HTTP event archive, HTTP query-detail archive, local query-detail, local query-list, local statement-stats, local pruned QueryInfo, local metadata CLI summary, local metadata summary, and pruned coordinator QueryInfo boundary export implemented for CLI output and direct --boundary-out files; isolated local /trino/compact-diagnosis page renders only deterministic compact diagnosis from already raw-free direct boundary JSON excluding metadata summary boundaries or selected package sample boundaries; local web materialized cases may render raw-free Details over typed case facts, deterministic Python Report, and optimizer guidance after Trino-specific validation; LLM reports and Query Optimizer jobs remain blocked until separate support gates exist |
fixture-only boundary payload tested; blocked from Details/trusted report surfaces and product workflows; the isolated compact-diagnosis page is raw-free tested and not a support surface |
| Boundary payload consumer probe | raw-free tested state-count and attention-signal probe; not wired into product ranking or UI | offline-import probe tested, including state-backed task retry/failure, allowlisted failure-category, spill-evidence, stage-skew, and connector-metric attention signals from compact query-detail facts; not a live support claim | fixture-only and experimental History Server intake probe tested for Spark spill, stage-skew, checked adaptive plan change, scheduler delay, allowlisted failure category, job failure, stage failure, retry, executor-loss/churn, source-contract, and product-support limitation signals; not wired into ranking, Details, trusted reports, optimizer behavior, or support claims |
| Deterministic compact diagnosis | implemented through current Impala analyzer/Details/report paths, not the normalized engine-fact seam | local JSON/CLI, isolated direct web paste page, local production web Trino Recent over selected already raw-free engine_fact_boundary_v1 payloads from retained pruned query-list rows, and local production web One Query ID over one already raw-free engine_fact_boundary_v1 payload excluding metadata summary boundaries, or one selected package sample boundary; maps accepted Trino boundary facts, including planning-heavy timing and high peak memory when supported facts pass conservative thresholds, to a raw-free diagnostic_lane summary, attention areas, change directions, verification prompts, limitations, materialized Details facts, deterministic Python Report, and optimizer guidance without root-cause claims, raw input echo, LLM report output, Query Optimizer jobs, Running workflows, product metadata collection, user SQL execution, query-history crawling, or broader/shared production expansion claims |
experimental local JSON/CLI plus isolated direct web collect-or-paste page; maps accepted compact facts, including checked adaptive plan-change, supported scheduler-delay context, allowlisted failure-category context, supported job/stage/task failure, high aggregate executor memory utilization, long SQL elapsed-time context, and executor loss/churn context, to a raw-free diagnostic_lane summary, attention areas, change directions, verification prompts, and limitations without root-cause claims, request selector echo, compact JSON echo, Details/trusted report output, optimizer behavior, Recent workflows, or production support claims; Spark evidence-package validation, package handoff audits, and compact-readiness audits reject diagnostic-lane drift and report safe lane readiness/source-granularity/verification-scope counters before retained handoff use |
| Minimum raw-free intake contract | implicit in current Impala safety/report/browser tests; Impala does not use the package-style redaction_note_v1 wrapper for production triage |
package-style Trino evidence-package intake uses the shared engine redaction note v1 safety gate, with Trino-specific required redaction classes, rejection reasons, sentinel tests, and boundary assertions, plus documented and tested raw-free gates for local event-store, HTTP event archive, HTTP query-detail archive, local query-detail, local query-list aggregate, local statement-stats import facts, local pruned QueryInfo import facts, local metadata CLI summary payloads and smoke round-trip summaries, local metadata summary facts, event-source contract checks, coordinator query-info target checks, metadata source-contract checks, pruned coordinator probes, pruned coordinator fact imports, compact diagnosis outputs, product-surface boundary auditing, handoff-suite product-surface auditing, and isolated compact-diagnosis page rendering; blocks broader Trino coordinator intake and product surfaces until gates close | package-style Spark compact evidence-package intake uses the shared engine redaction note v1 safety gate, with Spark-specific required redaction classes, rejection reasons, sentinel tests, and boundary assertions; compact Spark fixture, History Server, and evidence-package schemas reject raw SQL, plan/log/runtime IDs, unsafe text, non-finite numbers, invalid state/count combinations, raw event logs, environment dumps, and plan descriptions before boundary payloads or readiness summaries |
| Browser/report output from normalized engine facts | not wired; existing Impala browser/report paths remain unchanged | isolated local compact-diagnosis page is raw-free tested for already accepted direct boundary JSON and selected package sample boundaries; local production web Recent and One Query ID render the same deterministic compact diagnosis from bounded pruned coordinator QueryInfo boundaries; raw-free Details renders only typed materialized case facts; Python Report and optimizer guidance render only those raw-free facts after Trino-specific claim and leak validation; LLM reports and Query Optimizer jobs remain blocked and tracked by scripts/audit_trino_report_optimizer_safety.py until separate promotion work closes support gates |
blocked for Details/trusted reports until compact fixtures, parser/redaction tests, source bounds, browser/report safety tests, and support gates exist; isolated compact diagnosis remains experimental and below Spark support |
scripts/audit_trino_support_gap_matrix.py now records
broader_production_closure_status=bounded_production_claim_ready for the
bounded local production claim: retained-list Recent, one explicit Query ID,
raw-free materialized Details, deterministic Python Report, and optimizer
guidance. This is not Impala parity and not shared/broader Trino expansion.
Running scans, query-history crawling, product metadata collection, LLM reports,
Query Optimizer jobs, generated Trino SQL, and SQL execution remain unsupported
unless a later slice promotes one of those surfaces through its own gates.
scripts/audit_trino_production_closure_gates.py is the raw-free dev-only
consolidated gate for checking this gate list, the current Trino dev-gate
capability manifest, and retained tracking summaries from the existing
collector, representative-evidence, query-linked coverage, product-metadata,
report-optimizer, browser-report, shared-deployment, and support-gap audits,
including the collector-to-representative-evidence retained handoff linkage
when both summaries are present, with raw-free current-tracking and linkage
status in the closure summary and path-free CLI output, and with
present-but-invalid retained summaries plus invalid or missing linkage
participant summaries counted separately from missing tracking summaries. The
closure summary also records raw-free per-gate gate_tracking entries and
gate_tracking_counts for accepted, missing, invalid, and not-required tracking
inputs, while the CLI prints the matching path-free gate_tracking counts. With
all current tracking summaries accepted, it reports
bounded_production_claim_ready; without that retained summary bundle it
remains not_closed. It does not collect from Trino, execute SQL, or promote
broader/shared expansion.
| Gate | Required closure before Trino can be promoted beyond the current local lanes |
|---|---|
trino_production_collector_contracts |
Implement production coordinator/event/archive source contracts and readers for bounded read-only Trino evidence, including auth references, explicit bounds, version/source-schema gates, retry/fail-closed behavior, and no SQL execution. scripts/audit_trino_production_collector_contracts.py is the current raw-free dev-only gate for tracking existing local lanes, preview readers, contract-only sources, open blockers, per-source-requirement accepted/missing/invalid tracking, auth-reference policy, source-schema gate, retry-policy, and fail-closed policy counters aligned with the source registry, plus reader-status, reader-scope, CLI-role, capability, and forbidden-reader counts aligned with the command and capability manifests; the support-gap audit also rejects network-capable source registry entries without a safe auth reference or bounded retry policy. Optional retained representative-evidence summary handoff checks use --representative-evidence-summary-json plus --require-representative-evidence-summary; promotion-review handoff requires production_review_breadth_v1 with breadth_profile_status=ready, without reopening retained artifacts, collecting from Trino, executing SQL, or closing this gate. |
trino_representative_real_cluster_evidence |
Retain raw-free handoff suites across representative Trino version families, source schemas, connector-family categories, lifecycle states, and workload signals, with compact-readiness, product-surface, and support-gap audit summaries. scripts/audit_trino_representative_evidence.py is the current raw-free dev-only gate for aggregating already retained summary payloads, and --require-breadth-profile production_review_breadth_v1 checks required retained summary-kind mix, accepted input statuses, retained summary/evidence-unit, source-contract, source-schema, lifecycle, connector-family, source-granularity, verification-scope, and support-status counter breadth. Its summary records raw-free breadth_requirement_tracking entries and breadth_requirement_tracking_counts for accepted, insufficient, and not-required breadth requirements, while the CLI prints matching path-free summary-kind and breadth counts, without reopening raw packages, collecting from Trino, executing SQL, or closing this gate. |
trino_query_linked_fact_coverage |
Add query-linked resource-group, stage, task, split, operator, connector, OpenTelemetry/OpenMetrics/JMX, or equivalent facts only after source contracts prove linkage, bounds, redaction, and deterministic interpretation. scripts/audit_trino_query_linked_fact_coverage.py is the current raw-free dev-only gate for tracking bounded compact query-linked facts, required source contracts, operator/split/telemetry blockers, per fact/source query_linked_requirement_tracking entries and query_linked_requirement_tracking_counts for accepted, missing, and invalid requirements, plus a production_review_query_linked_v1 profile that requires resource-group/stage/task/split core families, core linkage scopes, bounded source granularities, and retained operator/split-detail/telemetry blockers. It also records operator_connector_telemetry_decision_v1, where connector metric signal is the only current bounded-supported decision and operator-level, split-detail, and JMX/OpenMetrics/OpenTelemetry linkage stay deliberate unsupported gaps until raw-free source contracts exist. The CLI prints matching path-free profile, decision, and requirement counts without collecting from Trino, executing SQL, or promoting support. |
trino_product_metadata_collection |
Build product metadata collection from explicit allowlists and Python-owned read-only statements, with identifier/value redaction, browser/report safety tests, and no broad object crawl. scripts/audit_trino_product_metadata_collection.py is the current raw-free dev-only gate for tracking the metadata allowlist contract, dev-only aggregate metadata CLI summary, local aggregate metadata summary import, adapter/product-surface blocks, identifier/raw metadata redaction, per fact/source/product-surface product_metadata_requirement_tracking entries and product_metadata_requirement_tracking_counts for accepted, missing, and invalid requirements, plus a production_review_metadata_v1 profile that requires the allowlist/source lanes, aggregate-only metadata boundary, required metadata fact namespace, bounded sources, redaction blocks, explicit metadata SQL policy, product-surface blocks, and the retained product-metadata open blocker. The CLI prints matching path-free profile and requirement counts without reading metadata, running Trino CLI, executing user SQL, adding product metadata collection, or promoting support. |
trino_report_optimizer_safety |
Promote Trino report and optimizer behavior only after deterministic Trino claim validation, leak tests, recipe/validator coverage, and explicit blocking of unsafe generated SQL or SQL execution. scripts/audit_trino_report_optimizer_safety.py is the current raw-free dev-only gate for tracking the materialized Python Report and optimizer guidance capability contracts, raw-source policy, validator sentinel rejection, blocked adapter validated reports, no LLM reports, no Query Optimizer jobs, no generated SQL, per capability/policy/validator/product-surface report_optimizer_requirement_tracking entries and report_optimizer_requirement_tracking_counts for accepted, missing, and invalid requirements, plus a production_review_report_optimizer_v1 profile that requires the report/guidance families, materialized capabilities, raw-source policy fields, validator sentinel matrix, and blocked product-surface requirements. The CLI prints matching path-free profile and requirement counts without loading cases, generating SQL, executing SQL, enabling LLM reports or Query Optimizer jobs, or promoting support. |
trino_shared_deployment_readiness |
Complete shared/non-local deployment hardening with trusted front-door identity, raw-source isolation, raw-free audit summaries, and operator-reviewed deployment evidence. scripts/audit_trino_shared_deployment_boundary.py is the current raw-free dev-only gate for tracking ignored local config shape, trusted front-door review confirmation, viewer_identity_header presence for shared Trino sources, blocked owner-raw source reveal, materialized Details/Python Report/optimizer guidance limits, unsupported shared surfaces, capability manifest shape, release-bundle wiring, and public hardening docs. Its summary records raw-free shared_deployment_requirement_tracking entries and shared_deployment_requirement_tracking_counts for accepted, missing, invalid, and not-required deployment-config/product-boundary/capability/release-gate/doc requirements, plus a production_review_shared_deployment_v1 profile that requires review families, deployment-config requirements, product-boundary requirements, capability requirements, release requirements, doc requirements, and unsupported-surface blocks. The CLI prints matching path-free profile and requirement counts without collecting from Trino, reading metadata, executing SQL, exposing raw source, or promoting broader/shared Trino production support. |
trino_browser_report_regression |
Cover every promoted Trino browser, Details, report, optimizer, error, and audit surface with raw-free regression tests for raw SQL, Query IDs, paths, URLs, object identifiers, metadata values, secrets, and runtime internals. scripts/audit_trino_browser_report_regression.py is the current raw-free dev-only gate for tracking the required Details, Python Report, optimizer guidance, error, unsupported-workflow, product-surface static-boundary, and public-claim regression tests, current materialized route capabilities, per test/route/product-surface browser_report_requirement_tracking entries and browser_report_requirement_tracking_counts for accepted, missing, and invalid requirements, plus a production_review_browser_report_v1 profile that requires regression families, test files, materialized route capabilities, raw-output blocks, unsupported-surface blocks, download regressions, and public-claim regressions. The CLI prints matching path-free profile and requirement counts without rendering pages, loading case artifacts, collecting from Trino, generating SQL, executing SQL, or closing this gate. |
trino_support_claim_update |
Update this matrix, README support wording, docs index entries, changelog, capability manifest expectations, and support-gap/product-surface audit expectations in the same slice that closes the promotion. |
Broad Trino production support is a release claim, not a synonym for automatic Impala parity. It must stay bounded, raw-free, read-only, and explicit unless a later slice deliberately promotes a surface through its own implementation, fixtures, retained raw-free evidence, documentation, and regression tests. In particular, Running scans, query-history crawling, LLM reports, Query Optimizer jobs, generated Trino SQL, and SQL execution remain unsupported unless an explicit promotion slice closes a specific gate for that surface.
Use this order for wide implementation slices. A slice may split when the diff or validation surface becomes too large, but it must not merge by weakening the gates above.
- Freeze the broad Trino production support definition and release acceptance gates in this matrix, the live-collection design, release docs, capability manifests, and closure audits without expanding current support.
- Implement production collector/source contracts for coordinator, event, and archive evidence with machine-checkable auth-reference policy, source-schema gate, retry policy, fail-closed policy, explicit bounds, and no SQL execution.
- Implement and machine-check bounded production readers for the accepted
contracts through explicit reader modules, CLI roles, capability surfaces,
and forbidden broad-reader guards, keeping query-history crawling, Running
scans, broad QueryInfo collection, raw Web UI scraping,
POST /v1/statement, andEXPLAIN ANALYZEblocked. - Retain representative raw-free real-cluster evidence suites across Trino
version families, source schemas, connector-family categories, lifecycle
states, workload signals, required summary-kind mix, and accepted retained
input statuses, with
production_review_breadth_v1ready. - Add query-linked resource-group, stage, task, and split coverage only after
source contracts prove linkage, bounds, redaction, deterministic
interpretation, and
production_review_query_linked_v1profile coverage. - Add operator, connector, OpenTelemetry, OpenMetrics, JMX, or equivalent
query-linked coverage, or record deliberate unsupported gaps when a source
cannot satisfy the raw-free linkage contract, with
operator_connector_telemetry_decision_v1tracking the current decision. - Promote product metadata collection from explicit allowlists and Python-owned
read-only statements with identifier/value redaction, no broad object crawl,
and
production_review_metadata_v1profile coverage. - Wire accepted product metadata facts into diagnosis, Details, Python Report, and optimizer guidance only after browser/report safety tests prove raw-free output.
- Decide the Trino report/optimizer support boundary: either keep LLM reports,
Query Optimizer jobs, generated SQL, and SQL execution explicitly
out-of-scope, or add separate deterministic safety gates before promoting
any of them, with
production_review_report_optimizer_v1profile coverage. - Close shared/non-local deployment readiness with trusted front-door viewer
identity, raw-source isolation, retained raw-free operator deployment
evidence, and
production_review_shared_deployment_v1profile coverage. - Run a browser/report regression sweep for every promoted Trino surface,
including errors, unsupported-workflow messaging, downloads, public support
claims, route capability registries, and
production_review_browser_report_v1profile coverage. - Perform the final support-claim update in one release slice: matrix, README, docs index, changelog, capability manifests, support-gap and product-surface audits, release checklist, and closure-gate summaries must agree for the bounded Trino production claim to stay published.
- Keep current Impala analyzer output, scoring, browser, and report behavior stable while the projection is tested.
- Keep the golden contract harness focused on shared public shape,
supported/not_observed/unknownsemantics, explicit namespace registration, and raw-free output, not on pretending the engines expose the same counters. Expand Impala projection cases before moving product consumers to normalized facts. - Use the raw-free boundary payload and consumer probe as the future consumer seam, then move one internal consumer at a time toward normalized facts only after the projection proves stable on existing Impala fixtures.
- Keep Trino limited to offline evidence package, bounded local event-store, bounded HTTP event archive, bounded HTTP query-detail archive, bounded local query-detail, bounded local query-list aggregate, bounded local statement-stats import, bounded local pruned QueryInfo import, and bounded local metadata CLI summary building, dev-only metadata CLI summary smoke round-trip, and bounded local metadata summary import plus event-source contract checks, dry-run coordinator query-info target checks, metadata source-contract checks, plus one-query pruned coordinator probes, one-query pruned coordinator fact imports, dev-only package-to-boundary handoff audit over sanitized packages, dev-only product-surface boundary audit over retained raw-free compact artifacts, dev-only support-gap matrix audit over registered fact-family coverage, source-type registry coverage, engine fact promotion-policy coverage, and adapter flags, optional product-surface summary auditing and optional retained handoff-summary checks for one-query handoff artifacts, dev-only representative-evidence audit over retained raw-free summary payloads, local compact diagnosis over raw-free boundary JSON excluding metadata summary boundaries, the isolated local compact-diagnosis page, local production web retained-list Recent over one bounded retained pruned coordinator query list plus selected pruned QueryInfo reads, the local production web One Query ID lane, the raw-free materialized Details view, deterministic Python Report, and optimizer guidance until broader Trino coordinator collection, authentication, redaction, metadata, raw-free intake, and LLM report safety contracts are designed and tested.
- Before promoting Trino beyond the Recent, One Query ID, raw-free
materialized Details, Python Report, and optimizer guidance local production surfaces, keep the closed naming
contract intact: neutral
no_*limitation facts stay the unsupported coverage idiom, Trino-only metrics stay behindtrino_*unless a separate contract change promotes a specific fact to family/shared scope, andquery_list_*bucket growth stays behind explicit contract/test review or a structured aggregate migration. - Keep Spark bounded compact support below production product support. Any next Spark slice that wants a shared or distributed-SQL-family fact ID must first update the namespace registry with an explicit scope and allowed engine set. The registered Spark adapter must stay limited to bounded compact intake, evidence-package validation/export, and compact diagnosis until broader live intake, Details/trusted report surfaces, Recent workflows, optimizer behavior, and production support claims pass the Spark promotion gates.