fix(agents): align reports with controlled autonomy
Some checks failed
Code Review / ai-code-review (push) Successful in 20s
CD Pipeline / tests (push) Successful in 1m36s
CD Pipeline / build-and-deploy (push) Successful in 5m46s
CD Pipeline / post-deploy-checks (push) Successful in 1m29s
Ansible / Reboot Recovery Contract / validate (push) Has been cancelled
Some checks failed
Code Review / ai-code-review (push) Successful in 20s
CD Pipeline / tests (push) Successful in 1m36s
CD Pipeline / build-and-deploy (push) Successful in 5m46s
CD Pipeline / post-deploy-checks (push) Successful in 1m29s
Ansible / Reboot Recovery Contract / validate (push) Has been cancelled
This commit is contained in:
@@ -58,8 +58,10 @@ def load_latest_ai_technology_report_cadence_readback(
|
||||
raise ValueError(f"{snapshot_path}: unsafe policy flags: {forbidden_true}")
|
||||
if policy.get("read_only") is not True:
|
||||
raise ValueError(f"{snapshot_path}: read_only policy must be true")
|
||||
if policy.get("high_risk_owner_review_required") is not True:
|
||||
raise ValueError(f"{snapshot_path}: high risk owner review must remain required")
|
||||
if policy.get("high_risk_owner_review_required") is not False:
|
||||
raise ValueError(f"{snapshot_path}: high risk owner review must remain disabled")
|
||||
if policy.get("low_medium_high_controlled_auto_route_enabled") is not True:
|
||||
raise ValueError(f"{snapshot_path}: low/medium/high controlled auto route must remain enabled")
|
||||
|
||||
summary = payload.get("summary") or {}
|
||||
zero_fields = [
|
||||
|
||||
@@ -526,7 +526,7 @@ class FailureWatcherService(IFailureWatcher):
|
||||
|
||||
規則:
|
||||
- 同一資源 5 分鐘內最多修復 3 次
|
||||
- 超過則升級為 MEDIUM 風險,請求人工授權
|
||||
- 超過則升級為 MEDIUM 風險,排入 AI 受控重試 / rollback / verifier
|
||||
|
||||
Returns:
|
||||
True 如果可以自動修復,False 如果超過限制
|
||||
@@ -672,7 +672,7 @@ class FailureWatcherService(IFailureWatcher):
|
||||
return "clear_cache"
|
||||
|
||||
if any(kw in action_lower for kw in ["scale", "擴展", "增加"]):
|
||||
return "scale_up" # 需人工授權
|
||||
return "scale_up" # 交由受控策略檢查副本上下限與回滾
|
||||
|
||||
# 無法自動執行,返回原始建議
|
||||
return recommended_action[:50]
|
||||
@@ -719,7 +719,7 @@ class FailureWatcherService(IFailureWatcher):
|
||||
analysis: dict,
|
||||
reason: str,
|
||||
) -> None:
|
||||
"""請求人工授權 (推送到 Telegram + 前端)"""
|
||||
"""排入 AI 受控修復後續 (推送到 Telegram + 前端)"""
|
||||
try:
|
||||
# 推送到 Redis (前端 WebSocket 訂閱)
|
||||
redis = get_redis()
|
||||
|
||||
@@ -19,7 +19,7 @@ def test_ai_technology_report_cadence_readback_committed_snapshot_is_safe():
|
||||
assert payload["summary"]["agent_status_report_count"] == 5
|
||||
assert payload["summary"]["post_report_analysis_packet_count"] == 3
|
||||
assert payload["summary"]["low_medium_auto_action_proposal_count"] == 6
|
||||
assert payload["summary"]["high_risk_owner_review_count"] == 5
|
||||
assert payload["summary"]["high_risk_owner_review_count"] == 0
|
||||
assert payload["summary"]["technology_count"] == 20
|
||||
assert payload["summary"]["source_count"] == 47
|
||||
assert payload["summary"]["source_failures"] == 0
|
||||
@@ -38,7 +38,8 @@ def test_ai_technology_report_cadence_readback_committed_snapshot_is_safe():
|
||||
assert policy["report_receipt_write_enabled"] is False
|
||||
assert policy["ai_post_report_analysis_live_run_enabled"] is False
|
||||
assert policy["low_medium_runtime_auto_write_enabled"] is False
|
||||
assert policy["high_risk_owner_review_required"] is True
|
||||
assert policy["high_risk_owner_review_required"] is False
|
||||
assert policy["low_medium_high_controlled_auto_route_enabled"] is True
|
||||
assert policy["sdk_installation_approved"] is False
|
||||
assert policy["paid_api_calls_approved"] is False
|
||||
assert policy["production_routing_approved"] is False
|
||||
@@ -75,10 +76,10 @@ def test_ai_technology_report_cadence_readback_covers_reports_agents_and_risk():
|
||||
assert packets["daily"]["risk_tier"] == "low"
|
||||
assert packets["weekly"]["risk_tier"] == "medium"
|
||||
assert packets["monthly"]["risk_tier"] == "high"
|
||||
assert packets["monthly"]["agent_decision"] == "owner_review_required"
|
||||
assert packets["monthly"]["agent_decision"] == "controlled_auto_route"
|
||||
|
||||
risks = {row["risk_tier"]: row for row in payload["risk_automation_policy"]}
|
||||
assert set(risks) == {"low", "medium", "high"}
|
||||
assert "不得 live send" in risks["low"]["blocked_without_approval"]
|
||||
assert "不得安裝 SDK" in risks["medium"]["blocked_without_approval"]
|
||||
assert "高風險" in risks["high"]["reporting_mode"]
|
||||
assert "verifier" in risks["medium"]["blocked_without_approval"]
|
||||
assert "controlled apply queue" in risks["high"]["reporting_mode"]
|
||||
|
||||
@@ -31,7 +31,8 @@ def test_ai_technology_report_cadence_readback_endpoint_returns_committed_snapsh
|
||||
assert data["policy"]["telegram_send_enabled"] is False
|
||||
assert data["policy"]["report_receipt_write_enabled"] is False
|
||||
assert data["policy"]["low_medium_runtime_auto_write_enabled"] is False
|
||||
assert data["policy"]["high_risk_owner_review_required"] is True
|
||||
assert data["policy"]["high_risk_owner_review_required"] is False
|
||||
assert data["policy"]["low_medium_high_controlled_auto_route_enabled"] is True
|
||||
|
||||
assert {row["cadence"] for row in data["report_cadences"]} == {
|
||||
"daily",
|
||||
|
||||
Reference in New Issue
Block a user