From 53190e640f03eb80549e5c90cfba532adb77b14a Mon Sep 17 00:00:00 2001 From: Your Name Date: Mon, 18 May 2026 08:52:21 +0800 Subject: [PATCH] docs(security): record mirror dry run local validation --- docs/LOGBOOK.md | 15 +++++ .../security_mirror_dry_run_v1.schema.json | 63 +++++++++++++++++++ ...WOOOP-MIRROR-ONLY-CONSUMPTION-CHECKLIST.md | 4 +- docs/security/SECURITY-MIRROR-DRY-RUN.md | 15 +++++ .../security/SECURITY-MIRROR-STATUS-ROLLUP.md | 2 +- .../SECURITY-SUPPLY-CHAIN-PROGRESS.md | 2 +- .../security-mirror-dry-run.snapshot.json | 17 +++++ .../security-mirror-progress-guard.py | 10 +++ 8 files changed, 124 insertions(+), 4 deletions(-) diff --git a/docs/LOGBOOK.md b/docs/LOGBOOK.md index e17b9a4c8..ea6f2a1cc 100644 --- a/docs/LOGBOOK.md +++ b/docs/LOGBOOK.md @@ -1,3 +1,18 @@ +## 2026-05-18 | 資安供應鏈 S2.6:Dry-run 最新本機只讀驗證 + +**背景**:S2.6 已把 `CHECK_PROGRESS_GUARD` 納入 dry-run steps;本輪補上 `latest_local_validation`,讓 AwoooP 能區分「repo snapshot guard 已通過」與「production ingestion 尚未啟用」。 + +**完成**: +- `security_mirror_dry_run_v1` schema 新增 optional `latest_local_validation` 欄位。 +- `security-mirror-dry-run.snapshot.json` 記錄 2026-05-18 本機只讀驗證:`repo_snapshot_guard_pass`、`SECURITY_MIRROR_PROGRESS_GUARD_OK`、`production_ingestion_enabled=false`。 +- `security-mirror-progress-guard.py` 增加 `latest_local_validation` assertions。 +- 更新 dry-run、AwoooP checklist、status rollup 與 progress 文件,明確指出本機 guard 通過不等於 AwoooP production ingestion。 + +**仍禁止**: +- 不把 `repo_snapshot_guard_pass` 當成 production ingestion。 +- 不啟動 Kali scan、不呼叫 `/execute`、不建立 GitHub repo、不 sync refs、不切 GitHub primary、不修改 workflow / secret / runner。 +- 不新增 action button。 + ## 2026-05-18 | 資安供應鏈 S2.6:Dry-run 納入 Progress Guard **背景**:Progress Guard 已能確認 58% 進度估算不是執行授權;本輪把它納入 AwoooP mirror dry-run 契約,讓另一個 Session 未來演練接入時不會只看 contract count,也會檢查進度估算、runtime gate、payload ingestion 與 GitHub primary 都仍未授權。 diff --git a/docs/schemas/security_mirror_dry_run_v1.schema.json b/docs/schemas/security_mirror_dry_run_v1.schema.json index 8a087953a..87e95cd36 100644 --- a/docs/schemas/security_mirror_dry_run_v1.schema.json +++ b/docs/schemas/security_mirror_dry_run_v1.schema.json @@ -139,6 +139,69 @@ "additionalProperties": false } }, + "latest_local_validation": { + "type": "object", + "description": "本機 snapshot-only guard 的最近一次驗證結果;此欄位不代表 AwoooP production ingestion 已執行。", + "required": [ + "status", + "date", + "scope", + "command", + "result", + "validated_steps", + "runtime_actions_executed", + "payloads_ingested", + "production_ingestion_enabled", + "not_authorization" + ], + "properties": { + "status": { + "type": "string", + "enum": [ + "repo_snapshot_guard_pass", + "repo_snapshot_guard_warn", + "repo_snapshot_guard_blocked" + ] + }, + "date": { + "type": "string" + }, + "scope": { + "type": "string", + "enum": ["repo_snapshot_only"] + }, + "command": { + "type": "string" + }, + "result": { + "type": "string" + }, + "validated_steps": { + "type": "array", + "items": { + "type": "string" + }, + "minItems": 1 + }, + "runtime_actions_executed": { + "type": "boolean", + "const": false + }, + "payloads_ingested": { + "type": "boolean", + "const": false + }, + "production_ingestion_enabled": { + "type": "boolean", + "const": false + }, + "not_authorization": { + "type": "boolean", + "const": true + } + }, + "additionalProperties": false + }, "forbidden_actions": { "type": "array", "items": { diff --git a/docs/security/AWOOOP-MIRROR-ONLY-CONSUMPTION-CHECKLIST.md b/docs/security/AWOOOP-MIRROR-ONLY-CONSUMPTION-CHECKLIST.md index f418533db..ff50aacd8 100644 --- a/docs/security/AWOOOP-MIRROR-ONLY-CONSUMPTION-CHECKLIST.md +++ b/docs/security/AWOOOP-MIRROR-ONLY-CONSUMPTION-CHECKLIST.md @@ -40,7 +40,7 @@ AwoooP 初期不得直接啟動掃描、不得呼叫 Codex patch runner、不得 | `security_mirror_route_v1` | AwoooP 鏡像路由矩陣 | Operator Console、Runtime State、Channel Event、Audit、Approval Queue | mirror-only | 只決定目的地、channel policy 與 review lane,不作 execution router | | `security_mirror_acceptance_v1` | AwoooP 鏡像驗收契約 | Operator Console、Runtime State、Audit | mirror-only | 只驗收 contract count、event envelope、route coverage、redaction、progress estimate guard;不作 runtime blocker | | `security_mirror_quarantine_v1` | AwoooP 鏡像隔離契約 | Operator Console、Audit | mirror-only | 只隔離驗收失敗 payload、顯示 recovery request 與 retry gate;不作 runtime blocker | -| `security_mirror_dry_run_v1` | AwoooP 鏡像 dry-run 報告契約 | Operator Console、Audit | mirror-only | 只回報接入演練結果,且必須包含 progress guard;不得轉成 production ingestion | +| `security_mirror_dry_run_v1` | AwoooP 鏡像 dry-run 報告契約 | Operator Console、Audit | mirror-only | 只回報接入演練結果,且必須包含 progress guard 與 latest local validation;不得轉成 production ingestion | | `security_mirror_status_rollup_v1` | AwoooP 鏡像狀態彙整契約 | Operator Console、Runtime State、Audit | mirror-only | 只顯示階段狀態、58% 進度估算、下一個 gate 與禁止事項;不得視為 runtime authorization | | `source_control_owner_response_validation_rollup_v1` | S4.9 / S4.10 / S4.11 / S4.12 owner response validation rollup | Operator Console、Source-control review、Audit | mirror-only | 只顯示四包 response packets、22 個 templates、10 個 cross-packet checks 與 quarantine rules;不得視為 approval 或 runtime gate | | `coding_task_v1` | Code Review / Codex Security / manual review | Approval candidate、Channel Event、Audit | suggest-only | 不自動開 patch runner、不自動 merge | @@ -110,7 +110,7 @@ AwoooP 初期不得直接啟動掃描、不得呼叫 Codex patch runner、不得 | `security_mirror_route_v1.status=draft` | `observe` | 顯示 5 個 route groups、channel policy 與 review lane;不得轉成 execution router | | `security_mirror_acceptance_v1.status=draft` | `observe` | 顯示 8 個 acceptance checks,其中 progress estimate guard 必須確認 58% 不是執行授權;只可驗收鏡像資料,不得阻擋 runtime | | `security_mirror_quarantine_v1.status=draft` | `observe` | 顯示 5 個 quarantine lanes、recovery request 與 retry gate;不得自動重試失敗 payload | -| `security_mirror_dry_run_v1.dry_run_status=contract_defined_not_executed` | `observe` | 顯示 7 個 dry-run steps,其中 `CHECK_PROGRESS_GUARD` 必須維持 58% 不是執行授權;不得視為 production ingestion 已啟用 | +| `security_mirror_dry_run_v1.dry_run_status=contract_defined_not_executed` | `observe` | 顯示 7 個 dry-run steps 與 `latest_local_validation.status=repo_snapshot_guard_pass`;`CHECK_PROGRESS_GUARD` 必須維持 58% 不是執行授權,不得視為 production ingestion 已啟用 | | `security_mirror_status_rollup_v1.rollup_status=framework_ready_waiting_approval` | `observe` | 顯示 S0-S4 階段、58% 進度估算、approval queue summary 與下一個 gate;不得新增 execution action | | `source_control_owner_response_validation_rollup_v1.status=draft_waiting_owner_responses` | `observe` | 顯示四包 owner response packets、22 個 templates、received / accepted / rejected 皆為 0;不得當成 approval 或 execution authorization | | `coding_task_v1.risk=LOW|MEDIUM` | `warn` | 可排入 Codex patch-only backlog | diff --git a/docs/security/SECURITY-MIRROR-DRY-RUN.md b/docs/security/SECURITY-MIRROR-DRY-RUN.md index cb9dbeffb..cdec42cba 100644 --- a/docs/security/SECURITY-MIRROR-DRY-RUN.md +++ b/docs/security/SECURITY-MIRROR-DRY-RUN.md @@ -35,6 +35,21 @@ python3 scripts/security/security-mirror-progress-guard.py 此指令只讀 committed snapshots,確認 dry-run 仍維持 `runtime_actions_executed=false` 與 `payloads_ingested=false`。 +## 1.1 最新本機只讀驗證 + +| 項目 | 結果 | +|------|------| +| 日期 | 2026-05-18 | +| 範圍 | `repo_snapshot_only` | +| 指令 | `python3 scripts/security/security-mirror-progress-guard.py` | +| 結果 | `SECURITY_MIRROR_PROGRESS_GUARD_OK` | +| dry-run 狀態 | `contract_defined_not_executed` | +| production ingestion | `false` | +| runtime actions | `false` | +| payload ingestion | `false` | + +這表示 repo 內 committed snapshots 的只讀 guard 已通過;不表示 AwoooP production ingestion 已啟用,也不授權任何 scan、execute、repo、refs、workflow、secret、runner 或 primary 動作。 + ## 2. AwoooP 可做 1. 顯示 dry-run 報告。 diff --git a/docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md b/docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md index 5dbe34290..983ad1b5e 100644 --- a/docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md +++ b/docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md @@ -32,7 +32,7 @@ | GitHub primary rollback ADR | S4.4 已建立;7 個 in-scope rollback drafts、0 個 owner approved、0 個 dry-run completed、0 個 active cutover | | Gitea inventory | S4.5 已補認證清冊匯出請求;S4.6 已補匯入驗收契約;S4.7 已補 owner coverage attestation;S4.8 已把既有 Gitea queue/gate/review packet/follow-up gate 對齊 attestation 先行;S4.9 已補 owner response 收件包;目前 status=`partial_waiting_authenticated_inventory`、未認證公開範圍 repos 2 個、本機可見 Gitea unique repos 4 個、匯出來源選項 2 類、匯入驗收 payload 0 筆、owner attestation items 5 個、收到 attestation 0 筆、owner response 0 筆、敏感 payload 必須隔離、允許收集 token value=false | | Workflow / secret name inventory | S4.1 已建立;S4.2 補 4 個 repos、31 個 workflow files、43 個 referenced secret names 的 local evidence;S4.3 補 7 個 repos、5 類 lanes 的 redacted export request;S4.12 補 5 個 owner response templates;0 個 inventory complete、禁止收集 secret value、禁止 write token | -| Dry-run | `contract_defined_not_executed`;已納入 `CHECK_PROGRESS_GUARD`,仍不代表 production ingestion | +| Dry-run | `contract_defined_not_executed`;已納入 `CHECK_PROGRESS_GUARD`,latest local validation 為 `repo_snapshot_guard_pass`,仍不代表 production ingestion | | Runtime actions | `false` | | Payload ingestion | `false` | diff --git a/docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md b/docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md index 09ba6525e..81fbeae3e 100644 --- a/docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md +++ b/docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md @@ -46,7 +46,7 @@ python3 scripts/security/security-mirror-progress-guard.py | S2.3 AwoooP 鏡像路由矩陣 | 完成草案 | `security_mirror_route_v1` 已建立 5 個 route groups,定義目的地、channel policy 與 review lane | AwoooP 消費時不猜路由、不新增執行入口 | | S2.4 AwoooP 鏡像驗收契約 | 完成草案 | `security_mirror_acceptance_v1` 已建立 7 個 acceptance checks;blocking 只針對鏡像資料不完整或未脫敏 | AwoooP 接入時可驗收,不升級成 runtime enforcement | | S2.5 AwoooP 鏡像隔離契約 | 完成草案 | `security_mirror_quarantine_v1` 已建立 5 個 quarantine lanes;失敗 payload 必須等新 snapshot commit 後才能 retry | AwoooP 可隔離壞資料,不阻擋 runtime | -| S2.6 AwoooP 鏡像 dry-run 報告契約 | 完成草案 | `security_mirror_dry_run_v1` 已建立 7 個 dry-run steps,已納入 `CHECK_PROGRESS_GUARD`;目前狀態仍為 contract defined not executed | AwoooP 未來可回報演練結果,但不啟動 production ingestion | +| S2.6 AwoooP 鏡像 dry-run 報告契約 | 完成草案 | `security_mirror_dry_run_v1` 已建立 7 個 dry-run steps,已納入 `CHECK_PROGRESS_GUARD`;latest local validation 為 `repo_snapshot_guard_pass`;目前狀態仍為 contract defined not executed | AwoooP 未來可回報演練結果,但不啟動 production ingestion | | S2.7 AwoooP 鏡像狀態彙整契約 | 完成草案 | `security_mirror_status_rollup_v1` 已建立,彙整 S0-S4、approval queue summary 與下一個安全 gate;S4.13 已補 owner response validation rollup | 兩個 Session 用同一份 rollup 同步,不誤啟執行面 | | S3 approval gate | 進行中 | `security_approval_gate_v1` 已建立 8 個人工 gate items:7 pending、1 block candidate、0 approved | 不得繞過人工批准;批准後仍需 follow-up runtime gate | | S3.0 人工批准 Gate 契約 | 完成草案 | 定義批准範圍、決策選項、required reviewers、still forbidden 與 follow-up runtime gate | AwoooP 可記錄決策,不可執行 gate item | diff --git a/docs/security/security-mirror-dry-run.snapshot.json b/docs/security/security-mirror-dry-run.snapshot.json index b5e9c53ce..6f156b23e 100644 --- a/docs/security/security-mirror-dry-run.snapshot.json +++ b/docs/security/security-mirror-dry-run.snapshot.json @@ -139,6 +139,23 @@ ] } ], + "latest_local_validation": { + "status": "repo_snapshot_guard_pass", + "date": "2026-05-18", + "scope": "repo_snapshot_only", + "command": "python3 scripts/security/security-mirror-progress-guard.py", + "result": "SECURITY_MIRROR_PROGRESS_GUARD_OK", + "validated_steps": [ + "LOAD_CONTRACT_INDEXES", + "CHECK_ACCEPTANCE_AND_QUARANTINE", + "CHECK_PROGRESS_GUARD", + "CONFIRM_NO_RUNTIME_ACTION" + ], + "runtime_actions_executed": false, + "payloads_ingested": false, + "production_ingestion_enabled": false, + "not_authorization": true + }, "forbidden_actions": [ "start_kali_scan", "call_kali_execute_endpoint", diff --git a/scripts/security/security-mirror-progress-guard.py b/scripts/security/security-mirror-progress-guard.py index ef79b646e..ea59e74be 100755 --- a/scripts/security/security-mirror-progress-guard.py +++ b/scripts/security/security-mirror-progress-guard.py @@ -114,6 +114,16 @@ def validate(root: Path) -> None: assert_false("dry_run.payloads_ingested", dry_run_summary["payloads_ingested"]) assert_contains("dry_run_steps", dry_run_step_ids, "CHECK_PROGRESS_GUARD") + local_validation = dry_run["latest_local_validation"] + assert_equal("dry_run.latest_local_validation.status", local_validation["status"], "repo_snapshot_guard_pass") + assert_equal("dry_run.latest_local_validation.scope", local_validation["scope"], "repo_snapshot_only") + assert_equal("dry_run.latest_local_validation.result", local_validation["result"], "SECURITY_MIRROR_PROGRESS_GUARD_OK") + assert_contains("dry_run.latest_local_validation.validated_steps", local_validation["validated_steps"], "CHECK_PROGRESS_GUARD") + assert_false("dry_run.latest_local_validation.runtime_actions_executed", local_validation["runtime_actions_executed"]) + assert_false("dry_run.latest_local_validation.payloads_ingested", local_validation["payloads_ingested"]) + assert_false("dry_run.latest_local_validation.production_ingestion_enabled", local_validation["production_ingestion_enabled"]) + assert_true("dry_run.latest_local_validation.not_authorization", local_validation["not_authorization"]) + forbidden_actions = set(rollup["forbidden_actions"]) | set(acceptance["forbidden_actions"]) for action in [ "start_kali_scan",