every.channel/evolution/proposals/ECP-0106-forge-nbc-workers-need-tmp-and-search-driven-mvpd-selection.md

ECP-0106: Forge NBC workers need /tmp and search-driven MVPD selection

Why

The forge NBC worker reached two distinct failure domains:

1. Chrome failed during early startup under the hardened wt-publish unit even though the same browser launch worked outside the systemd sandbox.
2. Once the browser launch succeeded, the MVPD picker automation could reach the provider gate but still mis-clicked broad page containers instead of the intended provider search result.

Decision

1. Allow NBC wt-publish units to write to /tmp in addition to the persistent profile and auth directories.
2. Treat the NBC MVPD picker as a search-first flow:
   • type the configured provider name
   • submit the search explicitly
   • prefer short, actionable provider-result nodes over generic container matches
3. Keep the provider name configurable through EVERY_CHANNEL_NBC_MVPD_PROVIDER, with Verizon Fios remaining the default.

Consequences

• Forge NBC workers align better with Chrome's actual startup needs under systemd hardening.
• MVPD automation becomes less likely to click the whole picker page or other non-provider chrome.
• Future provider integrations should extend the same search-first DOM strategy instead of adding brittle page-wide text matches.

Rejected Alternatives

• Disable most systemd hardening for NBC units entirely: rejected because /tmp write access is the smallest validated change that unblocks Chrome startup.
• Keep broad div and span provider scans: rejected because they can match large container nodes whose text merely happens to include the provider name.