fix(iwooos): 新增 public runtime config 驗收與 tenants 防洩漏
All checks were successful
Code Review / ai-code-review (push) Successful in 14s
CD Pipeline / tests (push) Successful in 1m29s
CD Pipeline / build-and-deploy (push) Successful in 4m22s
CD Pipeline / post-deploy-checks (push) Successful in 1m40s

This commit is contained in:
Your Name
2026-06-15 04:29:54 +08:00
parent 77a76d1a10
commit 5f9a11e6b2
16 changed files with 2853 additions and 36 deletions

View File

@@ -101,14 +101,16 @@ CONTROL_STATUS_BY_CATEGORY = {
"next_owner_action": "補 workflow diff ref、runner owner attestation、secret name parity ref、Gitea run readback、guard result、maintenance window、rollback owner 與 post-check evidence。",
},
"public_admin_api_runtime_config": {
"coverage_status": "policy_ready_needs_change_scoped_smoke",
"coverage_percent": 62,
"coverage_status": "change_evidence_acceptance_ready_needs_runtime_config_owner_evidence",
"coverage_percent": 64,
"evidence_refs": [
"docs/HARD_RULES.md",
"docs/security/IWOOOS-CONFIG-CONTROL-INVENTORY.md",
"docs/security/PUBLIC-RUNTIME-CONFIG-CHANGE-EVIDENCE-ACCEPTANCE.md",
"docs/security/public-runtime-config-change-evidence-acceptance.snapshot.json",
],
"current_gap": "每次產品 route / admin / API / frontend config 變更仍需逐次 smoke 與 owner gate",
"next_owner_action": "補 affected route、admin/auth boundary、CORS/public URL 與 desktop/mobile smoke plan",
"current_gap": "已固定 Public / Admin / API runtime config 變更證據驗收只讀帳本affected route、admin/auth boundary、API readback、CORS diff、frontend env diff、i18n redaction、webhook owner、desktop/mobile smoke、sensitive string scan、rollback 與 post-check evidence 仍全部為 0",
"next_owner_action": "補 affected route refs、admin/auth boundary、API contract readback、CORS origin diff、frontend env diff、i18n redaction review、webhook/callback owner、desktop/mobile smoke、sensitive string scan、rollback owner 與 post-check evidence",
},
"backup_restore_credential": {
"coverage_status": "owner_response_acceptance_ledger_ready_needs_restore_drill_owner",
@@ -271,6 +273,27 @@ FALSE_BOUNDARIES = {
"exporter_deploy_authorized": False,
"live_alert_fire_authorized": False,
"alert_chain_smoke_authorized": False,
"runtime_config_change_authorized": False,
"api_route_change_authorized": False,
"cors_change_authorized": False,
"frontend_env_change_authorized": False,
"middleware_auth_change_authorized": False,
"callback_url_change_authorized": False,
"webhook_secret_change_authorized": False,
"security_header_change_authorized": False,
"cookie_policy_change_authorized": False,
"csrf_disable_authorized": False,
"rate_limit_disable_authorized": False,
"api_contract_change_authorized": False,
"i18n_public_text_internal_identity_allowed": False,
"internal_ip_exposure_allowed": False,
"repo_namespace_exposure_allowed": False,
"owner_namespace_exposure_allowed": False,
"internal_status_code_exposure_allowed": False,
"internal_transcript_exposure_allowed": False,
"raw_payload_storage_allowed": False,
"desktop_mobile_smoke_authorized": False,
"database_migration_authorized": False,
"secret_value_collection_allowed": False,
"active_scan_authorized": False,
"agent_bounty_runtime_authorized": False,
@@ -347,6 +370,7 @@ def build_report(root: Path, generated_at: str | None) -> dict[str, Any]:
"change_evidence_acceptance_ready_needs_gitops_owner_evidence",
"secret_injection_change_evidence_acceptance_ready_needs_owner_evidence",
"cd_runner_secret_injection_change_evidence_acceptance_ready_needs_owner_evidence",
"change_evidence_acceptance_ready_needs_runtime_config_owner_evidence",
"owner_response_acceptance_ledger_ready_needs_restore_drill_owner",
"owner_response_acceptance_ledger_ready_needs_network_owner",
"change_evidence_acceptance_ready_needs_network_owner_evidence",
@@ -400,6 +424,7 @@ def build_report(root: Path, generated_at: str | None) -> dict[str, Any]:
"k8s_production_gitops",
"secret_metadata",
"gitea_workflow_runner_source_control",
"public_admin_api_runtime_config",
"agent_bounty_protocol_runtime",
"docker_compose_systemd_host_config",
"monitoring_alerting_observability",