feat(governance): 新增全產品 Code Review 防木馬 Gate
Some checks failed
Code Review / ai-code-review (push) Successful in 13s
CD Pipeline / tests (push) Successful in 1m49s
Ansible / Reboot Recovery Contract / validate (push) Has been cancelled
CD Pipeline / build-and-deploy (push) Has been cancelled
CD Pipeline / post-deploy-checks (push) Has been cancelled

This commit is contained in:
Your Name
2026-06-19 00:26:04 +08:00
parent 9ebab2db6e
commit 4a14860c60
9 changed files with 1496 additions and 0 deletions

View File

@@ -0,0 +1,370 @@
{
"schema_version": "product_code_review_gate_v1",
"generated_at": "2026-06-19T00:42:00+08:00",
"program_status": {
"overall_completion_percent": 100,
"current_priority": "P2",
"current_task_id": "P2-111",
"next_task_id": "P2-112",
"read_only_mode": true,
"runtime_authority": "repo_only_product_code_review_gate_no_external_scanner_or_write",
"status_note": "P2-111 將全產品資產台帳、Gitea code-review、供應鏈漂移、Aider 事件與 AI reviewer 分工收斂成推版前後防木馬 Gate 讀回;本輪不啟用外部掃描、不改 workflow、不 auto-merge、不部署、不讀 secret。"
},
"source_refs": [
"apps/api/src/services/platform_operator_service.py",
".gitea/workflows/code-review.yaml",
"scripts/ci_code_review.py",
"apps/api/src/services/local_code_review_service.py",
"apps/api/src/services/aider_event_service.py",
"docs/evaluations/package_supply_chain_inventory_2026-06-04.json",
"docs/evaluations/dependency_supply_chain_drift_monitor_2026-06-18.json"
],
"rollups": {
"product_scope_count": 16,
"public_route_count_minimum": 31,
"source_candidate_repo_count": 10,
"pre_deploy_gate_count": 8,
"post_deploy_gate_count": 6,
"ai_reviewer_count": 5,
"mainstream_tool_count": 9,
"owner_review_required_count": 9,
"critical_gap_count": 6,
"blocked_operation_count": 17,
"active_write_gate_count": 0,
"action_button_count": 0
},
"pre_deploy_gates": [
{
"gate_id": "gitea_deterministic_diff_review",
"label": "Gitea deterministic diff review",
"coverage": "active_current_repo",
"status": "wired",
"owner_agent": "hermes",
"evidence_refs": [".gitea/workflows/code-review.yaml", "scripts/ci_code_review.py"],
"current_gap": "目前主要覆蓋 AWOOOI main push尚未擴成所有產品的必經 pre-deploy Gate。",
"next_action": "將所有產品來源範圍映射到同一份 gate packet阻擋未審查 deploy。"
},
{
"gate_id": "secret_pattern_guard",
"label": "Secret / token diff guard",
"coverage": "active_current_repo",
"status": "wired",
"owner_agent": "openclaw",
"evidence_refs": ["scripts/ci_code_review.py", "scripts/ci/check-gitea-step-env-secrets.js"],
"current_gap": "已做 diff pattern 與 workflow secret surface guard缺 full-history gitleaks lane。",
"next_action": "新增 gitleaks approval packet未批准前只呈現工具候選不執行全史掃描。"
},
{
"gate_id": "high_risk_operation_guard",
"label": "Destructive operation guard",
"coverage": "active_current_repo",
"status": "wired",
"owner_agent": "elephant_alpha",
"evidence_refs": ["scripts/ci_code_review.py", "docs/HARD_RULES.md"],
"current_gap": "只抓高風險字串,不足以判斷資料流、權限升級或木馬行為。",
"next_action": "接 Semgrep / CodeQL candidate並由 ElephantAlpha 做高風險人工 review packet。"
},
{
"gate_id": "supply_chain_drift_gate",
"label": "Dependency / supply-chain drift",
"coverage": "repo_only_snapshot",
"status": "wired",
"owner_agent": "openclaw",
"evidence_refs": ["docs/evaluations/dependency_supply_chain_drift_monitor_2026-06-18.json"],
"current_gap": "OSV / Trivy / registry / license lookup 尚未批准,不能宣稱已抓到所有 CVE。",
"next_action": "建立 external scanner activation owner packet 與 no-write schedule gate。"
},
{
"gate_id": "container_iac_gate",
"label": "Container / IaC review",
"coverage": "repo_only_snapshot",
"status": "partial",
"owner_agent": "nemotron",
"evidence_refs": ["docs/evaluations/package_supply_chain_inventory_2026-06-04.json"],
"current_gap": "Docker digest、checksum、K8s/IaC policy 仍是 read-only gap。",
"next_action": "接 Trivy / Checkov candidate 與 digest pin approval packet。"
},
{
"gate_id": "aider_patch_boundary",
"label": "Aider patch boundary",
"coverage": "event_intake_present",
"status": "candidate_only",
"owner_agent": "aider",
"evidence_refs": ["apps/api/src/api/v1/aider_events.py", "apps/api/src/services/aider_event_service.py"],
"current_gap": "Aider 事件可進 Redis stream / Incident但尚未接成 code-review 修補批准包。",
"next_action": "Aider 只作 approved patch executor輸出 diff、test receipt、rollback note不得 auto-merge。"
},
{
"gate_id": "ai_reviewer_consensus",
"label": "AI reviewer consensus",
"coverage": "agent_contract_defined",
"status": "partial",
"owner_agent": "openclaw",
"evidence_refs": ["apps/api/src/services/local_code_review_service.py", "docs/superpowers/specs/2026-04-15-MASTER-ai-autonomous-flywheel-v2.md"],
"current_gap": "現有 LLM review 可用於 PR / push 摘要,但沒有多模型交叉 reviewer scorecard。",
"next_action": "建立 Hermes / OpenClaw / ElephantAlpha / NemoTron / Aider 分工與 scorecard readback。"
},
{
"gate_id": "human_owner_gate",
"label": "Owner review / CODEOWNERS gate",
"coverage": "policy_required",
"status": "gap",
"owner_agent": "elephant_alpha",
"evidence_refs": ["docs/HARD_RULES.md", "docs/security/S4-9-REVIEWER-VALIDATION-CHECKLIST.md"],
"current_gap": "高風險產品與跨產品修改尚未有統一 CODEOWNERS / owner response 阻擋。",
"next_action": "建立 all-products CODEOWNERS / owner lane proposal不直接修改 workflow。"
}
],
"post_deploy_gates": [
{
"gate_id": "deploy_marker_readback",
"label": "Deploy marker readback",
"coverage": "active_current_repo",
"status": "wired",
"owner_agent": "hermes",
"evidence_refs": ["docs/LOGBOOK.md"],
"current_gap": "目前主要靠人工回填與 smoke 紀錄,尚未自動串回每個產品 release gate。",
"next_action": "把 deploy marker、image revision、route smoke 寫入 product release receipt read model。"
},
{
"gate_id": "production_route_smoke",
"label": "Production route smoke",
"coverage": "active_current_repo",
"status": "wired",
"owner_agent": "nemotron",
"evidence_refs": [".gitea/workflows/cd.yaml", "docs/LOGBOOK.md"],
"current_gap": "AWOOOI routes 有 post-deploy smoke其他產品尚未統一納入。",
"next_action": "以 Tenants public routes 產生 smoke matrix成功安靜、失敗進 AwoooI SRE 戰情室。"
},
{
"gate_id": "artifact_provenance",
"label": "Artifact provenance / signing",
"coverage": "candidate",
"status": "gap",
"owner_agent": "openclaw",
"evidence_refs": ["docs/evaluations/dependency_supply_chain_drift_monitor_2026-06-18.json"],
"current_gap": "尚未有 SLSA provenance、Sigstore / cosign image signing 與 verification readback。",
"next_action": "建立 signing / provenance activation approval packet未批准前不推 registry 或改 deploy。"
},
{
"gate_id": "rollback_verifier",
"label": "Rollback / verifier receipt",
"coverage": "policy_required",
"status": "partial",
"owner_agent": "elephant_alpha",
"evidence_refs": ["docs/HARD_RULES.md"],
"current_gap": "部分部署有 smoke但缺統一 rollback owner、verifier plan 與 fail-close 判定。",
"next_action": "把 rollback owner、verifier plan、post-check receipt 做成必填 gate。"
},
{
"gate_id": "runtime_anomaly_watch",
"label": "Runtime anomaly watch",
"coverage": "observability_candidate",
"status": "partial",
"owner_agent": "hermes",
"evidence_refs": ["docs/evaluations/ai_agent_report_no_write_analysis_runtime_2026-06-18.json"],
"current_gap": "告警、報表與 code-review 尚未用同一個 release fingerprint 關聯。",
"next_action": "把 release fingerprint 關聯到 incident、Sentry、SigNoz、K8s 與 SRE digest。"
},
{
"gate_id": "learning_writeback",
"label": "KM / PlayBook writeback",
"coverage": "candidate",
"status": "gap",
"owner_agent": "hermes",
"evidence_refs": ["docs/superpowers/specs/2026-04-15-MASTER-ai-autonomous-flywheel-v2.md"],
"current_gap": "Code Review 結果還沒有完整回寫 KM / PlayBook trust / reviewer scorecard。",
"next_action": "建立 code-review finding -> work item -> fix receipt -> KM / PlayBook trust 的 writeback gate。"
}
],
"ai_reviewer_lanes": [
{
"agent_id": "hermes",
"label": "Hermes",
"role": "證據整理、產品資產與 KM / 報表沉澱",
"allowed_output": "readback packet, KM draft, report digest draft",
"write_allowed": false
},
{
"agent_id": "openclaw",
"label": "OpenClaw",
"role": "風險仲裁、供應鏈 Gate、owner packet 編排",
"allowed_output": "risk verdict, owner gate, policy decision packet",
"write_allowed": false
},
{
"agent_id": "elephant_alpha",
"label": "ElephantAlpha",
"role": "高風險與防木馬 read-only reviewer",
"allowed_output": "security review finding, high-risk hold, rollback requirement",
"write_allowed": false
},
{
"agent_id": "nemotron",
"label": "NemoTron",
"role": "長任務回放、供應鏈版本與 post-deploy verifier",
"allowed_output": "replay scorecard, smoke matrix, drift comparison",
"write_allowed": false
},
{
"agent_id": "aider",
"label": "Aider",
"role": "批准後的 patch pair-programmer不作審批者",
"allowed_output": "draft patch, lint/test receipt, rollback note",
"write_allowed": false
}
],
"mainstream_tool_lanes": [
{
"tool_id": "codeql",
"label": "CodeQL",
"category": "semantic_sast",
"source_url": "https://docs.github.com/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning-with-codeql",
"integration_status": "candidate_owner_approval_required",
"recommended_role": "跨語言語意分析與高風險資料流審查",
"blocked_now": ["enable workflow", "upload alerts"]
},
{
"tool_id": "semgrep",
"label": "Semgrep",
"category": "sast_policy",
"source_url": "https://semgrep.dev/docs/semgrep-code/overview",
"integration_status": "candidate_owner_approval_required",
"recommended_role": "快速規則化 SAST、框架風險與組織 policy guard",
"blocked_now": ["install scanner", "network rule fetch"]
},
{
"tool_id": "gitleaks",
"label": "Gitleaks",
"category": "secret_scanning",
"source_url": "https://gitleaks.io/",
"integration_status": "candidate_owner_approval_required",
"recommended_role": "repo / diff / history secret scanning",
"blocked_now": ["full-history scan", "write report artifact"]
},
{
"tool_id": "osv_scanner",
"label": "OSV-Scanner",
"category": "dependency_vulnerability",
"source_url": "https://google.github.io/osv-scanner/",
"integration_status": "candidate_owner_approval_required",
"recommended_role": "dependency manifest / lockfile vulnerability matching",
"blocked_now": ["external vulnerability lookup"]
},
{
"tool_id": "trivy",
"label": "Trivy",
"category": "container_iac_vulnerability",
"source_url": "https://trivy.dev/",
"integration_status": "candidate_owner_approval_required",
"recommended_role": "container image、filesystem、IaC 與 secret scan",
"blocked_now": ["image pull", "external DB update"]
},
{
"tool_id": "openssf_scorecard",
"label": "OpenSSF Scorecard",
"category": "repo_security_posture",
"source_url": "https://scorecard.dev/",
"integration_status": "candidate_owner_approval_required",
"recommended_role": "repository security posture / branch / token / CI hygiene score",
"blocked_now": ["external repo metadata lookup"]
},
{
"tool_id": "slsa",
"label": "SLSA",
"category": "provenance_framework",
"source_url": "https://slsa.dev/",
"integration_status": "candidate_owner_approval_required",
"recommended_role": "build provenance 與 artifact integrity framework",
"blocked_now": ["provenance emission", "workflow write"]
},
{
"tool_id": "sigstore_cosign",
"label": "Sigstore / cosign",
"category": "artifact_signing",
"source_url": "https://www.sigstore.dev/",
"integration_status": "candidate_owner_approval_required",
"recommended_role": "container / artifact signing and verification",
"blocked_now": ["keyless signing", "registry write"]
},
{
"tool_id": "coderabbit_or_snyk",
"label": "CodeRabbit / Snyk",
"category": "ai_appsec_platform",
"source_url": "https://docs.coderabbit.ai/",
"integration_status": "paid_or_external_candidate_owner_approval_required",
"recommended_role": "PR AI review、SCA、container / IaC 風險與 developer workflow",
"blocked_now": ["paid external service", "repo app install"]
}
],
"decision_matrix": [
{
"risk_lane": "low_ui_or_docs",
"reviewer": "Hermes + deterministic guard",
"aider_role": "可在批准後起草 patch",
"required_gate": "owner_scope_confirmed",
"post_deploy": "route smoke + screenshot"
},
{
"risk_lane": "medium_application_logic",
"reviewer": "OpenClaw + ElephantAlpha",
"aider_role": "只產 patch 與 test receipt",
"required_gate": "manual_approval_and_rollback_note",
"post_deploy": "API / UI smoke + incident watch"
},
{
"risk_lane": "high_security_supply_chain",
"reviewer": "ElephantAlpha + OpenClaw + NemoTron replay",
"aider_role": "預設禁用,除非單項批准",
"required_gate": "owner_response + security_acceptance + verifier_plan",
"post_deploy": "deploy marker + provenance / verifier receipt"
},
{
"risk_lane": "critical_runtime_or_secret",
"reviewer": "ElephantAlpha hold",
"aider_role": "禁止",
"required_gate": "break_glass_or_formal_change_window",
"post_deploy": "rollback owner + audit evidence + SRE digest"
}
],
"gate_boundaries": {
"read_only_api_allowed": true,
"workflow_write_allowed": false,
"external_scanner_activation_allowed": false,
"paid_ai_review_allowed": false,
"repo_app_install_allowed": false,
"auto_merge_allowed": false,
"production_deploy_authorized": false,
"aider_auto_patch_allowed": false,
"elephantalpha_write_allowed": false,
"secret_read_allowed": false,
"post_deploy_write_allowed": false,
"runtime_execution_allowed": false,
"telegram_send_allowed": false,
"gateway_queue_write_allowed": false,
"host_probe_allowed": false,
"registry_push_allowed": false,
"artifact_signing_allowed": false,
"action_buttons_allowed": false
},
"next_actions": [
{
"task_id": "P2-112",
"priority": "P1",
"summary": "把 product_code_review_gate 接到 Gitea workflow pre-deploy policy readback高風險先 fail-close低風險仍需 reviewer receipt。",
"gate": "workflow_change_owner_approval_required"
},
{
"task_id": "P2-113",
"priority": "P1",
"summary": "建立 post-deploy release receiptdeploy marker、image revision、product route smoke、rollback owner、verifier receipt。",
"gate": "read_only_release_receipt_first"
},
{
"task_id": "P2-114",
"priority": "P1",
"summary": "設計外部 scanner 啟用批准包CodeQL、Semgrep、Gitleaks、OSV、Trivy、OpenSSF、SLSA、Sigstore。",
"gate": "cost_and_external_lookup_approval_required"
}
]
}

View File

@@ -0,0 +1,175 @@
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "urn:awoooi:product-code-review-gate-v1",
"title": "AWOOOI product code review gate v1",
"description": "全產品推版前後 Code Review / 防木馬 Gate 只讀讀回。此 schema 不授權外部 scanner 啟用、workflow 寫入、auto merge、production deploy、Aider 自動 patch、secret 讀取、host probe、registry push、artifact signing、Telegram 實發或 Gateway queue write。",
"type": "object",
"required": [
"schema_version",
"generated_at",
"program_status",
"source_refs",
"rollups",
"pre_deploy_gates",
"post_deploy_gates",
"ai_reviewer_lanes",
"mainstream_tool_lanes",
"decision_matrix",
"gate_boundaries",
"next_actions"
],
"properties": {
"schema_version": { "type": "string", "const": "product_code_review_gate_v1" },
"generated_at": { "type": "string", "minLength": 1 },
"program_status": {
"type": "object",
"required": [
"overall_completion_percent",
"current_priority",
"current_task_id",
"next_task_id",
"read_only_mode",
"runtime_authority",
"status_note"
],
"properties": {
"overall_completion_percent": { "type": "integer", "minimum": 0, "maximum": 100 },
"current_priority": { "type": "string", "enum": ["P0", "P1", "P2", "P3"] },
"current_task_id": { "type": "string", "const": "P2-111" },
"next_task_id": { "type": "string", "minLength": 1 },
"read_only_mode": { "type": "boolean", "const": true },
"runtime_authority": { "type": "string", "minLength": 1 },
"status_note": { "type": "string", "minLength": 1 }
},
"additionalProperties": false
},
"source_refs": {
"type": "array",
"minItems": 1,
"items": { "type": "string", "minLength": 1 }
},
"rollups": {
"type": "object",
"required": [
"product_scope_count",
"public_route_count_minimum",
"source_candidate_repo_count",
"pre_deploy_gate_count",
"post_deploy_gate_count",
"ai_reviewer_count",
"mainstream_tool_count",
"owner_review_required_count",
"critical_gap_count",
"blocked_operation_count",
"active_write_gate_count",
"action_button_count"
],
"additionalProperties": { "type": "integer" }
},
"pre_deploy_gates": { "$ref": "#/$defs/gateArray" },
"post_deploy_gates": { "$ref": "#/$defs/gateArray" },
"ai_reviewer_lanes": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"required": ["agent_id", "label", "role", "allowed_output", "write_allowed"],
"properties": {
"agent_id": { "type": "string", "minLength": 1 },
"label": { "type": "string", "minLength": 1 },
"role": { "type": "string", "minLength": 1 },
"allowed_output": { "type": "string", "minLength": 1 },
"write_allowed": { "type": "boolean", "const": false }
},
"additionalProperties": false
}
},
"mainstream_tool_lanes": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"required": [
"tool_id",
"label",
"category",
"source_url",
"integration_status",
"recommended_role",
"blocked_now"
],
"properties": {
"tool_id": { "type": "string", "minLength": 1 },
"label": { "type": "string", "minLength": 1 },
"category": { "type": "string", "minLength": 1 },
"source_url": { "type": "string", "minLength": 1 },
"integration_status": { "type": "string", "minLength": 1 },
"recommended_role": { "type": "string", "minLength": 1 },
"blocked_now": {
"type": "array",
"items": { "type": "string", "minLength": 1 }
}
},
"additionalProperties": false
}
},
"decision_matrix": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"required": ["risk_lane", "reviewer", "aider_role", "required_gate", "post_deploy"],
"additionalProperties": { "type": "string" }
}
},
"gate_boundaries": {
"type": "object",
"required": ["read_only_api_allowed"],
"additionalProperties": { "type": "boolean" }
},
"next_actions": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"required": ["task_id", "priority", "summary", "gate"],
"additionalProperties": { "type": "string" }
}
}
},
"$defs": {
"gateArray": {
"type": "array",
"minItems": 1,
"items": {
"type": "object",
"required": [
"gate_id",
"label",
"coverage",
"status",
"owner_agent",
"evidence_refs",
"current_gap",
"next_action"
],
"properties": {
"gate_id": { "type": "string", "minLength": 1 },
"label": { "type": "string", "minLength": 1 },
"coverage": { "type": "string", "minLength": 1 },
"status": { "type": "string", "minLength": 1 },
"owner_agent": { "type": "string", "minLength": 1 },
"evidence_refs": {
"type": "array",
"minItems": 1,
"items": { "type": "string", "minLength": 1 }
},
"current_gap": { "type": "string", "minLength": 1 },
"next_action": { "type": "string", "minLength": 1 }
},
"additionalProperties": false
}
}
},
"additionalProperties": true
}