diff --git a/apps/web/messages/en.json b/apps/web/messages/en.json index e75a98d76..cb7f90a01 100644 --- a/apps/web/messages/en.json +++ b/apps/web/messages/en.json @@ -4074,6 +4074,52 @@ "githubTargetOwner": "S4.10 still waits for GitHub target owner decision. Do not create repos or change visibility before the target owner accepts.", "workflowSecretOwner": "S4.12 only waits for workflow / secret name owner response. Secret values must not be collected and GitHub secrets must not be changed." } + }, + "ownerResponseValidationScope": { + "title": "Owner Response Validation Tenant Scope", + "subtitle": "Tenant management mirrors that the AWOOOI first tenant is still waiting for the S4.13 validation rollup and S4.9-S4.12 source response packets. This is not tenant policy, repo, refs, workflow / secret, or runtime authorization.", + "badge": "Read-only validation scope", + "openIwooos": "Open IwoooS", + "scopeRefsTitle": "Tenant Validation Refs", + "boundaryLabel": "Tenant Validation Boundary", + "boundaryTitle": "No tenant policy changes can be applied here", + "boundaryDetail": "This panel only displays four packets, 22 response templates, received / accepted / rejected still at 0, and the validation scope understandable by the AWOOOI first tenant. It does not modify tenant policy, create repos, mutate refs, modify workflows / secrets, collect secret values, switch primary, or open runtime gates.", + "metrics": { + "packets": "Response Packets", + "packetsDetail": "S4.9-S4.12 four packets still wait for owner response.", + "templates": "Response Templates", + "templatesDetail": "22 templates only describe future intake format. They do not mean sent, received, or accepted.", + "received": "Received", + "receivedDetail": "Still 0. Tenant scope visibility must not rewrite intake state.", + "accepted": "Accepted", + "acceptedDetail": "Still 0. It can change only after redacted evidence passes validation.", + "tenantPolicyChanges": "Tenant Policy Changes", + "tenantPolicyChangesDetail": "Still 0. Tenant policy and migration mode must not change before validation.", + "displaySections": "Display Sections", + "displaySectionsDetail": "8 display sections explain how tenants should understand validation flow and boundaries." + }, + "scopeRefs": { + "validationRollup": { + "title": "S4.13 Validation Rollup", + "detail": "Fixes four packets, cross-packet validation, evidence routing, reviewer checklist, and result lanes without creating tenant policy changes." + }, + "giteaAttestation": { + "title": "S4.9 Gitea Inventory Owner Attestation", + "detail": "5 templates still wait for owner response. The tenant can only see the next intake focus." + }, + "githubTarget": { + "title": "S4.10 GitHub Target Owner Decision", + "detail": "7 target owner / visibility / standard responses remain unaccepted. Repos must not be created automatically." + }, + "refsTruth": { + "title": "S4.11 Ref Truth Owner Response", + "detail": "5 truth decision groups still wait for redacted responses. Refs must not be synced, deleted, or force-pushed." + }, + "workflowSecret": { + "title": "S4.12 Workflow / Secret Name Owner Response", + "detail": "5 name and redacted evidence groups still wait for response. Only name inventory is allowed, not secret values." + } + } } }, "runs": { diff --git a/apps/web/messages/zh-TW.json b/apps/web/messages/zh-TW.json index 3c31b7282..603f02e33 100644 --- a/apps/web/messages/zh-TW.json +++ b/apps/web/messages/zh-TW.json @@ -4018,62 +4018,108 @@ "tenants": { "securityTenantScopeCandidate": { "title": "IwoooS 租戶資安範圍只讀候選", - "subtitle": "租戶管理只顯示 AWOOOI 第一租戶與 IwoooS security mirror 的保護範圍;這不是 migration mode change,也不會改 tenant policy。", + "subtitle": "租戶管理只顯示 AWOOOI 第一租戶與 IwoooS 資安鏡像的保護範圍;這不是租戶遷移模式變更,也不會改租戶政策。", "badge": "租戶範圍", - "scopeRefsTitle": "只讀 scope refs", + "scopeRefsTitle": "只讀範圍參照", "boundaryLabel": "租戶邊界", "boundaryTitle": "目前沒有租戶設定可變更", - "boundaryDetail": "這個面板不變更 migration mode、不改 tenant policy、不寫入 platform tenants API、不呼叫 GitHub / Gitea / Kali,也不新增 scan、execute、deploy、primary switch 或 refs action。", + "boundaryDetail": "這個面板不變更租戶遷移模式、不改租戶政策、不寫入平台租戶 API、不呼叫 GitHub / Gitea / Kali,也不新增掃描、執行、部署、主要來源切換或分支 / 標籤參照動作。", "openIwooos": "開啟 IwoooS", "metrics": { "primaryTenant": "第一租戶", - "primaryTenantDetail": "AWOOOI 是 AwoooP 的第一個 runtime tenant;此處只顯示 scope,不改設定。", + "primaryTenantDetail": "AWOOOI 是 AwoooP 的第一個執行期租戶;此處只顯示範圍,不改設定。", "securityEntry": "資安入口", - "securityEntryDetail": "IwoooS 仍是 Information Security 的只讀入口與 posture mirror。", - "hostCoverage": "Host coverage", - "hostCoverageDetail": "Kali 112、Dev 168、Dev 111 已納入 observe-only 視野。", - "policyMutations": "Tenant policy changes", - "policyMutationsDetail": "目前為 0;owner response 與 runtime gate 前不得改 policy。" + "securityEntryDetail": "IwoooS 仍是資訊安全的只讀入口與態勢鏡像。", + "hostCoverage": "主機覆蓋", + "hostCoverageDetail": "Kali 112、開發主機 168、開發主機 111 已納入只觀察視野。", + "policyMutations": "租戶政策變更", + "policyMutationsDetail": "目前為 0;負責人回覆與執行期閘門前不得改政策。" }, "scopeRefs": { - "awoooiTenant": "AwoooP 平台身分下,AWOOOI 仍是第一個 tenant / runtime host,不是全平台的同義詞。", - "iwooosMirror": "IwoooS 顯示 security mirror posture、progress、evidence refs 與 forbidden actions。", - "hostCoverage": "三台指定主機目前只納入資安視野與 evidence readiness;不做 SSH、更新、credentialed scan 或 blocking control。", - "ownerResponse": "S4.9-S4.12 owner response received / accepted 仍為 0,tenant scope 顯示不等於批准。" + "awoooiTenant": "AwoooP 平台身分下,AWOOOI 仍是第一個租戶 / 執行期主機,不是全平台的同義詞。", + "iwooosMirror": "IwoooS 顯示資安鏡像態勢、進度、證據參照與禁止動作。", + "hostCoverage": "三台指定主機目前只納入資安視野與證據就緒度;不做 SSH、更新、憑證式掃描或阻擋型控制。", + "ownerResponse": "S4.9-S4.12 負責人回覆已收到 / 已接受仍為 0,租戶範圍顯示不等於批准。" } }, "githubTenantReadinessScope": { "title": "GitHub 主要來源就緒度租戶範圍", - "subtitle": "租戶管理同步顯示 AWOOOI 第一租戶與 Gitea 轉 GitHub 的原始碼管控負責人範圍缺口;這不是租戶 policy、repo 建立或主要來源切換授權。", + "subtitle": "租戶管理同步顯示 AWOOOI 第一租戶與 Gitea 轉 GitHub 的原始碼管控負責人範圍缺口;這不是租戶政策、專案庫建立或主要來源切換授權。", "badge": "只讀範圍", "openIwooos": "開啟 IwoooS", "scopeRefsTitle": "負責人範圍參照", "boundaryLabel": "租戶 / GitHub 邊界", "boundaryTitle": "租戶範圍仍等待負責人回覆", - "boundaryDetail": "這個面板只呈現租戶與原始碼管控就緒度的對應關係;不變更租戶遷移模式、不改 tenant policy、不建立 GitHub repo、不改 refs、不收 secret value、不切主要來源,也不停用 Gitea。", + "boundaryDetail": "這個面板只呈現租戶與原始碼管控就緒度的對應關係;不變更租戶遷移模式、不改租戶政策、不建立 GitHub 專案庫、不改分支 / 標籤參照、不收機密明文值、不切主要來源,也不停用 Gitea。", "metrics": { "candidateRepos": { - "label": "候選 repo", - "detail": "8 個候選 repo 只作為範圍可見性,不代表可建立 GitHub repo。" + "label": "候選專案庫", + "detail": "8 個候選專案庫只作為範圍可見性,不代表可建立 GitHub 專案庫。" }, "inScopeRepos": { - "label": "範圍內 repo", - "detail": "7 個 repo 仍需負責人範圍決策與原始碼管控回覆。" + "label": "範圍內專案庫", + "detail": "7 個專案庫仍需負責人範圍決策與原始碼管控回覆。" }, "ownerResponses": { "label": "負責人回覆", - "detail": "22 個回覆範本仍為 0 received / 0 accepted。" + "detail": "22 個回覆範本仍為 0 已收到 / 0 已接受。" }, "tenantScopeChanges": { "label": "租戶範圍變更", - "detail": "目前為 0;不得因顯示就緒度而改 tenant policy 或 migration mode。" + "detail": "目前為 0;不得因顯示就緒度而改租戶政策或遷移模式。" } }, "scopeRefs": { "tenantSourceScope": "AWOOOI 第一租戶只對應原始碼管控就緒範圍,不代表全平台或 GitHub 主要來源已接受。", - "giteaInventoryOwner": "S4.9 仍等待 Gitea 清冊負責人證明;覆蓋範圍接受前不得補寫 repo 範圍。", - "githubTargetOwner": "S4.10 仍等待 GitHub 目標負責人決策;目標負責人未接受前不得建立 repo 或改可見性。", - "workflowSecretOwner": "S4.12 只等待工作流程 / secret 名稱負責人回覆;仍不得收 secret value 或修改 GitHub secrets。" + "giteaInventoryOwner": "S4.9 仍等待 Gitea 清冊負責人證明;覆蓋範圍接受前不得補寫專案庫範圍。", + "githubTargetOwner": "S4.10 仍等待 GitHub 目標負責人決策;目標負責人未接受前不得建立專案庫或改可見性。", + "workflowSecretOwner": "S4.12 只等待工作流程 / 機密名稱負責人回覆;仍不得收機密明文值或修改 GitHub 機密設定。" + } + }, + "ownerResponseValidationScope": { + "title": "負責人回覆驗收租戶範圍", + "subtitle": "租戶管理同步顯示 AWOOOI 第一租戶仍等待 S4.13 驗收彙整與 S4.9-S4.12 四包來源回覆;這不是租戶政策、專案庫、分支 / 標籤參照、工作流程 / 機密設定或執行期授權。", + "badge": "只讀驗收範圍", + "openIwooos": "開啟 IwoooS", + "scopeRefsTitle": "租戶驗收參照", + "boundaryLabel": "租戶驗收邊界", + "boundaryTitle": "目前沒有可套用的租戶政策變更", + "boundaryDetail": "這個面板只顯示四包、22 個回覆範本、已收到 / 已接受 / 已拒收仍為 0,以及 AWOOOI 第一租戶可理解的驗收範圍;不改租戶政策、不建立專案庫、不改分支 / 標籤參照、不改工作流程 / 機密設定、不收機密明文值、不切主要來源,也不開執行期閘門。", + "metrics": { + "packets": "回覆包", + "packetsDetail": "S4.9-S4.12 四包仍等待負責人回覆。", + "templates": "回覆範本", + "templatesDetail": "22 個範本只代表未來可收件格式,不代表已送出、已收到或已接受。", + "received": "已收到", + "receivedDetail": "目前仍為 0;租戶範圍可見不得改寫收件狀態。", + "accepted": "已接受", + "acceptedDetail": "目前仍為 0;只有脫敏證據通過驗收後才能改變。", + "tenantPolicyChanges": "租戶政策變更", + "tenantPolicyChangesDetail": "目前仍為 0;驗收前不得改租戶政策或遷移模式。", + "displaySections": "顯示區塊", + "displaySectionsDetail": "8 個顯示區塊只用於說明租戶如何理解驗收流程與邊界。" + }, + "scopeRefs": { + "validationRollup": { + "title": "S4.13 驗收彙整", + "detail": "固定四包、跨包驗收、證據路由、審查清單與結果分流,但不產生租戶政策變更。" + }, + "giteaAttestation": { + "title": "S4.9 Gitea 清冊負責人證明", + "detail": "5 個範本仍等待負責人回覆;租戶只能看到下一個收件焦點。" + }, + "githubTarget": { + "title": "S4.10 GitHub 目標負責人決策", + "detail": "7 個目標負責人 / 可見性 / 標準回覆仍未接受,不得自動建立專案庫。" + }, + "refsTruth": { + "title": "S4.11 分支 / 標籤真相負責人回覆", + "detail": "5 類真相判定仍等待脫敏回覆,不得同步、刪除或強制推送分支 / 標籤參照。" + }, + "workflowSecret": { + "title": "S4.12 工作流程 / 機密名稱負責人回覆", + "detail": "5 類名稱與脫敏證據仍等待回覆;只允許名稱清冊,不允許機密明文值。" + } } } }, diff --git a/apps/web/src/app/[locale]/awooop/tenants/page.tsx b/apps/web/src/app/[locale]/awooop/tenants/page.tsx index 23fe68d47..55a6e0e61 100644 --- a/apps/web/src/app/[locale]/awooop/tenants/page.tsx +++ b/apps/web/src/app/[locale]/awooop/tenants/page.tsx @@ -63,6 +63,12 @@ type GitHubTenantReadinessScope = { status: string; }; +type OwnerResponseValidationTenantRef = { + phase: string; + key: string; + contract: string; +}; + // ============================================================================= // 常數 // ============================================================================= @@ -79,22 +85,22 @@ const githubTenantReadinessMetrics: GitHubTenantReadinessMetric[] = [ const githubTenantReadinessScopes: GitHubTenantReadinessScope[] = [ { key: "tenantSourceScope", - name: "AWOOOI first tenant source-control scope", + name: "AWOOOI 第一租戶原始碼管控範圍", status: "waiting", }, { key: "giteaInventoryOwner", - name: "S4.9 Gitea inventory owner attestation", + name: "S4.9 Gitea 清冊負責人證明", status: "0/5", }, { key: "githubTargetOwner", - name: "S4.10 GitHub target owner decision", + name: "S4.10 GitHub 目標負責人決策", status: "0/7", }, { key: "workflowSecretOwner", - name: "S4.12 workflow / secret name owner response", + name: "S4.12 工作流程 / 機密名稱負責人回覆", status: "0/5", }, ]; @@ -111,42 +117,85 @@ const githubTenantReadinessBoundaries = [ "action_buttons_allowed=false", ]; +const ownerResponseValidationTenantRefs: OwnerResponseValidationTenantRef[] = [ + { + phase: "S4.13", + key: "validationRollup", + contract: "source_control_owner_response_validation_rollup_v1", + }, + { + phase: "S4.9", + key: "giteaAttestation", + contract: "gitea_inventory_owner_attestation_response_v1", + }, + { + phase: "S4.10", + key: "githubTarget", + contract: "github_target_owner_decision_response_v1", + }, + { + phase: "S4.11", + key: "refsTruth", + contract: "source_control_ref_truth_owner_response_v1", + }, + { + phase: "S4.12", + key: "workflowSecret", + contract: "source_control_workflow_secret_name_owner_response_v1", + }, +]; + +const ownerResponseValidationTenantBoundaries = [ + "owner_response_validation_received_count=0", + "owner_response_validation_accepted_count=0", + "owner_response_validation_rejected_count=0", + "tenant_source_control_scope_accepted=false", + "tenant_policy_mutation_authorized=false", + "repo_creation_authorized=false", + "refs_sync_authorized=false", + "workflow_modification_authorized=false", + "secret_value_collection_allowed=false", + "github_primary_switch_authorized=false", + "runtime_execution_authorized=false", + "action_buttons_allowed=false", +]; + const MIGRATION_MODE_CONFIG: Record< MigrationMode, { label: string; bg: string; text: string; border: string } > = { legacy_awoooi_default: { - label: "Legacy", + label: "舊版", bg: "bg-white", text: "text-[#5f5b52]", border: "border-[#d8d3c7]", }, shadow: { - label: "Shadow", + label: "影子", bg: "bg-[#f4f1e8]", text: "text-[#5f5b52]", border: "border-[#d8d3c7]", }, canary: { - label: "Canary", + label: "金絲雀", bg: "bg-[#fff7e8]", text: "text-[#8a5a08]", border: "border-[#d9b36f]", }, read_only: { - label: "Read Only", + label: "只讀", bg: "bg-[#eef5ff]", text: "text-[#1f5b9b]", border: "border-[#9bb6d9]", }, suggest: { - label: "Suggest", + label: "建議", bg: "bg-[#f6f0ff]", text: "text-[#6541a5]", border: "border-[#baa7de]", }, auto_remediate: { - label: "Auto Remediate", + label: "自動修復", bg: "bg-[#f0faf2]", text: "text-[#17602a]", border: "border-[#9bc7a4]", @@ -251,19 +300,19 @@ function SecurityTenantScopeCandidatePanel() { ]; const scopes = [ { - name: "AWOOOI first tenant", + name: "AWOOOI 第一租戶", detail: t("scopeRefs.awoooiTenant"), }, { - name: "IwoooS security mirror", + name: "IwoooS 資安鏡像", detail: t("scopeRefs.iwooosMirror"), }, { - name: "Kali 112 / Dev 168 / Dev 111", + name: "Kali 112 / 開發主機 168 / 開發主機 111", detail: t("scopeRefs.hostCoverage"), }, { - name: "S4.9-S4.12 owner response waiting", + name: "S4.9-S4.12 負責人回覆等待中", detail: t("scopeRefs.ownerResponse"), }, ]; @@ -280,18 +329,18 @@ function SecurityTenantScopeCandidatePanel() {

AWOOOI

-

tenant

+

租戶

IwoooS

-

mirror

+

鏡像

-

hosts

+

主機

3

-

policy

+

政策

0

@@ -471,6 +520,115 @@ function GitHubTenantReadinessScopePanel() { ); } +function OwnerResponseValidationTenantScopePanel() { + const t = useTranslations("awooop.tenants.ownerResponseValidationScope"); + const metrics = [ + { + label: t("metrics.packets"), + value: "4", + detail: t("metrics.packetsDetail"), + }, + { + label: t("metrics.templates"), + value: "22", + detail: t("metrics.templatesDetail"), + }, + { + label: t("metrics.received"), + value: "0", + detail: t("metrics.receivedDetail"), + }, + { + label: t("metrics.accepted"), + value: "0", + detail: t("metrics.acceptedDetail"), + }, + { + label: t("metrics.tenantPolicyChanges"), + value: "0", + detail: t("metrics.tenantPolicyChangesDetail"), + }, + { + label: t("metrics.displaySections"), + value: "8", + detail: t("metrics.displaySectionsDetail"), + }, + ]; + + return ( +
+
+
+
+
+ + {t("badge")} + + + {t("openIwooos")} +
+
+ +
+ {metrics.map((item) => ( +
+

{item.label}

+

{item.value}

+

{item.detail}

+
+ ))} +
+ +
+
+
+ {t("scopeRefsTitle")} +
+
+ {ownerResponseValidationTenantRefs.map((item) => ( +
+ {item.phase} +
+

+ {t(`scopeRefs.${item.key}.title` as never)} +

+

+ {t(`scopeRefs.${item.key}.detail` as never)} +

+

+ {item.contract} +

+
+
+ ))} +
+
+ +
+

{t("boundaryLabel")}

+

{t("boundaryTitle")}

+

{t("boundaryDetail")}

+
+ {ownerResponseValidationTenantBoundaries.map((boundary) => ( + {boundary} + ))} +
+
+
+
+ ); +} + // ============================================================================= // Main Component // ============================================================================= @@ -527,6 +685,8 @@ export default function TenantsPage() { + + {/* Error State */} {error && (
@@ -545,7 +705,7 @@ export default function TenantsPage() { - Project ID + 專案 ID 名稱 diff --git a/docs/LOGBOOK.md b/docs/LOGBOOK.md index 92b4fe568..1bcbf0367 100644 --- a/docs/LOGBOOK.md +++ b/docs/LOGBOOK.md @@ -1,3 +1,18 @@ +## 2026-05-21 | 資安供應鏈 S2.76:AwoooP 租戶管理負責人回覆驗收租戶範圍 + +**背景**:S2.72-S2.75 已把負責人回覆驗收放進 AwoooP 首頁、工作鏈路、合約儀表板與審批佇列;租戶管理仍需要同一個驗收範圍,避免 AWOOOI 第一租戶把「可見驗收缺口」誤認為租戶政策、專案庫或主要來源切換已批准。 + +**完成**: +- `/awooop/tenants` 新增「負責人回覆驗收租戶範圍」,顯示 S4.13 驗收彙整、S4.9 Gitea 清冊負責人證明、S4.10 GitHub 目標負責人決策、S4.11 分支 / 標籤真相負責人回覆與 S4.12 工作流程 / 機密名稱負責人回覆五個參照。 +- 租戶範圍顯示四包、22 個回覆範本、已收到=0、已接受=0、已拒收=0、租戶政策變更=0 與 8 個顯示區塊,並連回 `/iwooos`。 +- `/awooop/tenants` 近期資安可視區塊已補強繁體中文呈現,將租戶、資安鏡像、主機、租戶政策、專案庫、分支 / 標籤參照與機密明文值等使用者可見文案收斂為繁中。 +- `security_mirror_status_rollup_v1` 新增 `s2_76_awooop_tenants_owner_response_validation_scope` 與 `show_awooop_tenants_owner_response_validation_scope`。 +- `security-mirror-progress-guard.py` 已驗證租戶範圍元件、i18n 鍵、五個來源參照、繁體中文 scoped guard 與 `false` 邊界。 + +**仍禁止**: +- S2.76 是 AwoooP 租戶管理只讀呈現,不代表負責人回覆已收到 / 已接受、租戶政策批准、專案庫建立、分支 / 標籤參照同步、工作流程 / 機密設定修改、機密明文值收集、GitHub 主要來源切換、Gitea 停用、Kali `/execute`、SSH 登入、主機更新、阻擋型控制或執行期閘門。 +- 整體資安網百分比仍是 58%;框架 / 治理 / 文件 / 結構定義 / 只讀證據仍約 80-85%;真正落地執行 / 執行期匯入 / GitHub 主要來源 / AwoooP 正式入口仍約 35-40%。 + ## 2026-05-21 | 資安供應鏈 S2.75:AwoooP 審批佇列負責人回覆驗收只讀審查邊界 **背景**:S2.72 已把負責人回覆驗收放進 AwoooP 首頁,S2.73 已同步到工作鏈路,S2.74 已同步到合約儀表板;審批佇列仍需要同一個驗收邊界,避免使用者把「審批頁可見」誤認成負責人回覆已收到、已接受或可以建立審批紀錄。 diff --git a/docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md b/docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md index f6adfcc02..18b25d1c4 100644 --- a/docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md +++ b/docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md @@ -57,6 +57,7 @@ | AwoooP 工作鏈路負責人回覆驗收只讀工作項 | S2.73 已在 `/awooop/work-items` 顯示四包負責人回覆驗收只讀工作項;22 個回覆範本、已收到=0、已接受=0、已拒收=0、10 個跨包驗收、6 條證據路由、8 個顯示區塊;仍不把工作項當成已收到 / 已接受、審批紀錄、專案庫 / 分支與標籤參照 / 工作流程 / 機密設定 / 主要來源動作或執行期閘門 | | AwoooP 合約儀表板負責人回覆驗收契約只讀候選 | S2.74 已在 `/awooop/contracts` 顯示負責人回覆驗收契約只讀候選;S4.13 rollup 與 S4.9-S4.12 四個來源收件包、22 個回覆範本、已收到=0、已接受=0、8 個顯示區塊;仍不把合約候選當成已收到 / 已接受、審批紀錄、合約發布、專案庫 / 分支與標籤參照 / 工作流程 / 機密設定 / 主要來源動作或執行期閘門 | | AwoooP 審批佇列負責人回覆驗收只讀審查邊界 | S2.75 已在 `/awooop/approvals` 顯示負責人回覆驗收只讀審查邊界;S4.13 驗收彙整與 S4.9-S4.12 四個來源收件包、22 個回覆範本、已收到=0、已接受=0、已拒收=0、8 個顯示區塊;仍不把審批邊界當成已收到 / 已接受、審批紀錄、專案庫 / 分支與標籤參照 / 工作流程 / 機密設定 / 主要來源動作或執行期閘門 | +| AwoooP 租戶管理負責人回覆驗收租戶範圍 | S2.76 已在 `/awooop/tenants` 顯示負責人回覆驗收租戶範圍;S4.13 驗收彙整與 S4.9-S4.12 四個來源收件包、22 個回覆範本、已收到=0、已接受=0、已拒收=0、租戶政策變更=0、8 個顯示區塊;仍不把租戶範圍當成已收到 / 已接受、租戶政策批准、專案庫 / 分支與標籤參照 / 工作流程 / 機密設定 / 主要來源動作或執行期閘門 | | Dry-run | `contract_defined_not_executed`;已納入 `CHECK_PROGRESS_GUARD` 與 `CHECK_OWNER_RESPONSE_GUARD`,latest local validation 為 `repo_snapshot_guard_pass`,仍不代表 production ingestion | | Runtime actions | `false` | | Payload ingestion | `false` | @@ -179,6 +180,7 @@ | S2.73 AwoooP work-items owner response validation candidate | framework detail | 0 | 只在 `/awooop/work-items` 顯示四包負責人回覆驗收只讀工作項,呈現回覆包=4、範本=22、已收到=0、已接受=0、已拒收=0、跨包驗收=10、證據路由=6、顯示區塊=8;owner_response_validation_received_count=0、owner_response_validation_accepted_count=0、runtime_execution_authorized=false、active_runtime_gate_count=0、action_buttons_allowed=false、not_authorization=true,不建立審批紀錄、不建立 GitHub repo、不改 visibility、不 sync / delete / force push refs、不改 workflow / secrets、不收 secret value、不切 primary、不停用 Gitea | | S2.74 AwoooP contracts owner response validation candidate | framework detail | 0 | 只在 `/awooop/contracts` 顯示負責人回覆驗收契約只讀候選,呈現四包、範本=22、已收到=0、已接受=0、顯示區塊=8、S4.13 rollup 與 S4.9-S4.12 四個來源收件包;owner_response_validation_received_count=0、owner_response_validation_accepted_count=0、approval_record_created=false、runtime_execution_authorized=false、active_runtime_gate_count=0、action_buttons_allowed=false、not_authorization=true,不發布合約、不建立審批紀錄、不建立 GitHub repo、不改 visibility、不 sync / delete / force push refs、不改 workflow / secrets、不收 secret value、不切 primary、不停用 Gitea | | S2.75 AwoooP approvals owner response validation boundary | framework detail | 0 | 只在 `/awooop/approvals` 顯示負責人回覆驗收只讀審查邊界,呈現四包、範本=22、已收到=0、已接受=0、已拒收=0、顯示區塊=8、S4.13 與 S4.9-S4.12 五個來源參照;owner_response_validation_received_count=0、owner_response_validation_accepted_count=0、owner_response_validation_rejected_count=0、approval_record_created=false、runtime_execution_authorized=false、active_runtime_gate_count=0、action_buttons_allowed=false、not_authorization=true,不建立審批紀錄、不建立 GitHub repo、不改 visibility、不 sync / delete / force push refs、不改 workflow / secrets、不收 secret value、不切 primary、不停用 Gitea | +| S2.76 AwoooP 租戶管理負責人回覆驗收租戶範圍 | framework detail | 0 | 只在 `/awooop/tenants` 顯示負責人回覆驗收租戶範圍,呈現四包、範本=22、已收到=0、已接受=0、已拒收=0、租戶政策變更=0、顯示區塊=8、S4.13 與 S4.9-S4.12 五個來源參照;owner_response_validation_received_count=0、owner_response_validation_accepted_count=0、owner_response_validation_rejected_count=0、tenant_policy_mutation_authorized=false、runtime_execution_authorized=false、active_runtime_gate_count=0、action_buttons_allowed=false、not_authorization=true,不改租戶政策、不建立 GitHub 專案庫、不改可見性、不同步 / 刪除 / 強制推送分支或標籤參照、不改工作流程 / 機密設定、不收機密明文值、不切主要來源、不停用 Gitea | headline 進度要再往上,至少需要下列任一高層 gate 有實質 evidence: diff --git a/docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md b/docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md index d9e17eaba..7b3a5bb39 100644 --- a/docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md +++ b/docs/security/SECURITY-SUPPLY-CHAIN-PROGRESS.md @@ -5,7 +5,7 @@ | 日期 | 2026-05-17 | | 狀態 | S0/S1 read-only evidence 建置中 | | 本階段完成 | 資安供應鏈 contract manifest + Source Control Approval Board + Draft Reconcile Plan + Ref Detail Diff + Ref Truth Classification + Source Control Ref Truth Owner Response 收件包 + GitHub Primary Readiness Gate + GitHub Primary Rollback ADR + GitHub Target Owner Decision Response 收件包 + Gitea 認證清冊匯出請求 + Gitea 認證清冊匯入驗收契約 + Gitea 清冊覆蓋 Owner Attestation + Gitea Owner Attestation Approval Lane 對齊 + Gitea Owner Attestation Response 收件包 + Workflow / Secret Name Inventory + Workflow / Secret Name Local Evidence + Workflow / Secret Name Redacted Export Request + Workflow / Secret Name Owner Response 收件包 + Source Control Owner Response Validation Rollup + Kali 112 live integration status + Security Finding contract + Kali scan scope approval package + Security Approval Queue + S3 人工批准 Gate + S3 人工決策紀錄 + S3 人工審查封包 + S3 人工決策狀態轉移 + S3 後續 runtime gate 準備契約 + 鏡像 readiness index + 鏡像接收計畫 + 鏡像事件信封 + 鏡像路由矩陣 + 鏡像驗收契約 + 鏡像隔離契約 + 鏡像 dry-run 報告契約 + 鏡像狀態彙整契約 + IwoooS 前端態勢入口 + IwoooS posture projection contract + IwoooS 既有前端資安頁面整合 + IwoooS 覆蓋與邊界矩陣 + IwoooS 只讀資安處理旅程 + IwoooS owner evidence readiness board + IwoooS host coverage view + IwoooS host action gate matrix + IwoooS host evidence readiness board + IwoooS host evidence collection order + IwoooS host evidence intake preflight + IwoooS host evidence review outcome lanes + IwoooS host evidence review handoff packets + IwoooS host evidence reviewer checklist + IwoooS host evidence reviewer outcome lanes + IwoooS host owner decision candidate packets + IwoooS host owner decision review checklist + IwoooS host owner decision review outcome lanes + IwoooS host owner decision record draft packets + IwoooS host owner decision record draft review checklist + IwoooS host owner decision record draft review outcome lanes + IwoooS host owner decision record write-up packets + IwoooS host owner decision record write-up review checklist + IwoooS host owner decision record write-up review outcome lanes + IwoooS host owner decision record formal candidate packets + IwoooS host owner decision record formal candidate review checklist + IwoooS host owner decision record formal candidate review outcome lanes + IwoooS host owner decision record formal record queue packets + IwoooS host owner decision record formal record queue review checklist + IwoooS host owner decision record formal record queue review outcome lanes + IwoooS host owner decision record human handoff readiness packets + IwoooS host owner decision record human handoff readiness review checklist + IwoooS host owner decision record human handoff readiness review outcome lanes + IwoooS host owner decision record human record owner review candidate packets + IwoooS host owner decision record human record owner review candidate checklist + IwoooS host owner decision record human record owner review candidate outcome lanes + IwoooS host owner decision record human record owner review preparation packets + IwoooS host owner decision record human record owner review preparation checklist + IwoooS progress acceleration lanes + IwoooS owner response next-action focus + IwoooS S4.9 owner response preflight + IwoooS S4.9 owner response request templates + IwoooS progress hold movement gates + IwoooS AwoooP read-only landing readiness + IwoooS AwoooP cross-session handoff packets + AwoooP 首頁 IwoooS 資安鏡像候選 + AwoooP 工作鏈路 IwoooS 資安鏡像候選 + AwoooP 審批佇列 IwoooS owner response 只讀焦點 | -| 本階段追加 | AwoooP 合約儀表板 IwoooS 資安契約只讀候選 + AwoooP 租戶管理 IwoooS 資安租戶範圍只讀候選 + AwoooP 執行監控 IwoooS 執行狀態只讀候選 + 既有安全 / 合規頁面 IwoooS 只讀反向橋接 + 告警 / 錯誤 / 授權 / 治理頁面 IwoooS 只讀反向橋接 + 稽核 / 工程審查頁面 IwoooS 深色只讀反向橋接 + IwoooS 前端資安頁面連接狀態板 + IwoooS GitHub 主要來源就緒度只讀狀態板 + AwoooP 工作鏈路 GitHub 主要來源就緒度只讀工作項 + AwoooP 合約儀表板 GitHub 主要來源就緒度合約只讀候選 + AwoooP 審批佇列 GitHub 主要來源就緒度審批邊界 + AwoooP 首頁 GitHub 主要來源就緒度只讀摘要 + AwoooP 租戶管理 GitHub 主要來源就緒度租戶範圍 + AwoooP 執行監控 GitHub 主要來源就緒度執行邊界 + IwoooS / AwoooP 資安可視區塊繁體中文呈現防護檢查 + AwoooP 執行詳情 / 審批詳情繁體中文呈現防護檢查 + AwoooP 首頁負責人回覆驗收總覽 + AwoooP 工作鏈路負責人回覆驗收只讀工作項 + AwoooP 合約儀表板負責人回覆驗收契約只讀候選 + AwoooP 審批佇列負責人回覆驗收只讀審查邊界 | +| 本階段追加 | AwoooP 合約儀表板 IwoooS 資安契約只讀候選 + AwoooP 租戶管理 IwoooS 資安租戶範圍只讀候選 + AwoooP 執行監控 IwoooS 執行狀態只讀候選 + 既有安全 / 合規頁面 IwoooS 只讀反向橋接 + 告警 / 錯誤 / 授權 / 治理頁面 IwoooS 只讀反向橋接 + 稽核 / 工程審查頁面 IwoooS 深色只讀反向橋接 + IwoooS 前端資安頁面連接狀態板 + IwoooS GitHub 主要來源就緒度只讀狀態板 + AwoooP 工作鏈路 GitHub 主要來源就緒度只讀工作項 + AwoooP 合約儀表板 GitHub 主要來源就緒度合約只讀候選 + AwoooP 審批佇列 GitHub 主要來源就緒度審批邊界 + AwoooP 首頁 GitHub 主要來源就緒度只讀摘要 + AwoooP 租戶管理 GitHub 主要來源就緒度租戶範圍 + AwoooP 執行監控 GitHub 主要來源就緒度執行邊界 + IwoooS / AwoooP 資安可視區塊繁體中文呈現防護檢查 + AwoooP 執行詳情 / 審批詳情繁體中文呈現防護檢查 + AwoooP 首頁負責人回覆驗收總覽 + AwoooP 工作鏈路負責人回覆驗收只讀工作項 + AwoooP 合約儀表板負責人回覆驗收契約只讀候選 + AwoooP 審批佇列負責人回覆驗收只讀審查邊界 + AwoooP 租戶管理負責人回覆驗收租戶範圍 | | 原則 | 低摩擦分階段;文件、schema、read-only evidence 優先;不做 runtime enforcement、不切 primary | ## 0. 本階段完成後整體進度 @@ -28,7 +28,7 @@ python3 scripts/security/security-mirror-progress-guard.py ### 0.2 Headline 58% 不代表停滯 -近期 S4.10 request packet、template status ledger、audit event templates、redaction examples、collection checks、intake preflight checks、S4.11 request packet / template status ledger / audit event templates / redaction examples / collection checks / intake preflight checks、S4.12 request packet / template status ledger / audit event templates / redaction examples / collection checks / intake preflight checks、S4.13 evidence routing rules / display sections / state transition rules / reviewer checklist / reviewer outcome lanes / reviewer audit event templates / reviewer audit display sections / reviewer audit collection checks / reviewer audit redaction examples / reviewer audit retention rules / reviewer audit retention checks / reviewer audit handoff packets / reviewer audit handoff checks / parallel session sync checks / parallel session conflict lanes / parallel session recovery checks / recovery outcome lanes、S1.3 non-blocking escalation lanes、S2.8 IwoooS frontend posture entry,以及 S2.9-S2.75 IwoooS / AwoooP security projection contract 都是有效進展,但它們是 framework detail,不是 owner response、runtime gate、production ingestion 或 GitHub primary readiness。因此 headline 仍維持 58%,避免把只讀框架誤算成已落地執行。 +近期 S4.10 請求包、範本狀態台帳、稽核事件範本、脫敏範例、收件檢查、收件預檢,S4.11 請求包 / 範本狀態台帳 / 稽核事件範本 / 脫敏範例 / 收件檢查 / 收件預檢,S4.12 請求包 / 範本狀態台帳 / 稽核事件範本 / 脫敏範例 / 收件檢查 / 收件預檢,S4.13 證據路由規則 / 顯示區塊 / 狀態轉移規則 / 審查清單 / 審查結果分流 / 審查稽核事件範本 / 審查稽核顯示區塊 / 審查稽核收件檢查 / 審查稽核脫敏範例 / 審查稽核保留規則 / 審查稽核保留檢查 / 審查稽核交接包 / 交接檢查 / 平行 Session 同步檢查 / 衝突分流 / 復原檢查 / 復原結果分流,S1.3 低摩擦非阻擋升級分流、S2.8 IwoooS 前端態勢入口,以及 S2.9-S2.76 IwoooS / AwoooP 資安投影契約都是有效進展,但它們是框架細節,不是負責人回覆、執行期閘門、生產匯入或 GitHub 主要來源就緒。因此整體百分比仍維持 58%,避免把只讀框架誤算成已落地執行。 S2.50 也把「為什麼 58% 還不動」拆成五個可見 gate:owner response accepted、redacted payload ingestion、active runtime gate、GitHub primary ready、AwoooP read-only landing。這五個 gate 目前仍全部是 0 / false,所以 headline 不應被灌水提高。 @@ -138,6 +138,7 @@ S2.50 也把「為什麼 58% 還不動」拆成五個可見 gate:owner respons | S2.73 AwoooP 工作鏈路負責人回覆驗收只讀工作項 | 已完成草案,在 `/awooop/work-items` 顯示四包負責人回覆、22 個回覆範本、已收到=0、已接受=0、已拒收=0、10 個跨包驗收、6 條證據路由與 8 個顯示區塊;仍不把工作項當成已收到 / 已接受、審批紀錄、主要來源切換或執行期閘門 | 0 | | S2.74 AwoooP 合約儀表板負責人回覆驗收契約只讀候選 | 已完成草案,在 `/awooop/contracts` 顯示 S4.13 rollup、四個來源收件包、22 個回覆範本、已收到=0、已接受=0 與 8 個顯示區塊;仍不把合約候選當成已收到 / 已接受、審批紀錄、合約發布、主要來源切換或執行期閘門 | 0 | | S2.75 AwoooP 審批佇列負責人回覆驗收只讀審查邊界 | 已完成草案,在 `/awooop/approvals` 顯示 S4.13 驗收彙整、四個來源收件包、22 個回覆範本、已收到=0、已接受=0、已拒收=0 與 8 個顯示區塊;仍不把審批邊界當成已收到 / 已接受、審批紀錄、主要來源切換或執行期閘門 | 0 | +| S2.76 AwoooP 租戶管理負責人回覆驗收租戶範圍 | 已完成草案,在 `/awooop/tenants` 顯示 S4.13 驗收彙整、四個來源收件包、22 個回覆範本、已收到=0、已接受=0、已拒收=0、租戶政策變更=0 與 8 個顯示區塊;仍不把租戶範圍當成已收到 / 已接受、租戶政策批准、主要來源切換或執行期閘門 | 0 | headline 要再往上,需要 S4.9 / S4.10 / S4.11 / S4.12 任一 owner response 收到並通過脫敏驗收,或人工批准後出現 active runtime gate、redacted payload ingestion、GitHub primary readiness 這類落地 evidence。 @@ -232,6 +233,7 @@ headline 要再往上,需要 S4.9 / S4.10 / S4.11 / S4.12 任一 owner respons | S2.73 AwoooP 工作鏈路負責人回覆驗收只讀工作項 | 完成草案 | `/awooop/work-items` 新增四包負責人回覆驗收工作項,顯示 22 個範本、0 已收到、0 已接受、0 已拒收、10 個跨包驗收、6 條證據路由與 8 個顯示區塊,並連回 `/iwooos` | 使用者與另一個 AwoooP Session 能在工作鏈路理解 GitHub 主要來源真正等待負責人回覆驗收;工作項仍不是審批紀錄、已接受回覆、專案庫 / 分支與標籤參照 / 工作流程 / 機密設定動作、主要來源切換或執行期閘門 | | S2.74 AwoooP 合約儀表板負責人回覆驗收契約只讀候選 | 完成草案 | `/awooop/contracts` 新增負責人回覆驗收契約候選,顯示 S4.13 rollup、S4.9-S4.12 四個來源收件包、22 個範本、0 已收到、0 已接受與 8 個顯示區塊 | 使用者與另一個 AwoooP Session 能在合約控制面理解負責人回覆驗收仍只是只讀契約缺口;合約候選仍不是合約發布、審批紀錄、已接受回覆、專案庫 / 分支與標籤參照 / 工作流程 / 機密設定動作、主要來源切換或執行期閘門 | | S2.75 AwoooP 審批佇列負責人回覆驗收只讀審查邊界 | 完成草案 | `/awooop/approvals` 新增負責人回覆驗收只讀審查邊界,顯示 S4.13 驗收彙整、S4.9-S4.12 四個來源收件包、22 個範本、0 已收到、0 已接受、0 已拒收與 8 個顯示區塊 | 使用者與另一個 AwoooP Session 能在審批佇列理解負責人回覆驗收仍只是只讀審查缺口;審批邊界仍不是審批紀錄、已接受回覆、專案庫 / 分支與標籤參照 / 工作流程 / 機密設定動作、主要來源切換或執行期閘門 | +| S2.76 AwoooP 租戶管理負責人回覆驗收租戶範圍 | 完成草案 | `/awooop/tenants` 新增負責人回覆驗收租戶範圍,顯示 S4.13 驗收彙整、S4.9-S4.12 四個來源收件包、22 個範本、0 已收到、0 已接受、0 已拒收、租戶政策變更=0 與 8 個顯示區塊 | 使用者與另一個 AwoooP Session 能在 AWOOOI 第一租戶視野理解負責人回覆驗收仍只是只讀租戶缺口;租戶範圍仍不是租戶政策批准、審批紀錄、已接受回覆、專案庫 / 分支與標籤參照 / 工作流程 / 機密設定動作、主要來源切換或執行期閘門 | | S3 approval gate | 進行中 | `security_approval_gate_v1` 已建立 8 個人工 gate items:7 pending、1 block candidate、0 approved | 不得繞過人工批准;批准後仍需 follow-up runtime gate | | S3.0 人工批准 Gate 契約 | 完成草案 | 定義批准範圍、決策選項、required reviewers、still forbidden 與 follow-up runtime gate | AwoooP 可記錄決策,不可執行 gate item | | S3.1 人工決策紀錄契約 | 完成草案 | `security_approval_decision_record_v1` 已建立;目前 0 筆 decision records、0 個 runtime action 授權 | AwoooP 可稽核決策,不可把決策當執行 | diff --git a/docs/security/security-mirror-status-rollup.snapshot.json b/docs/security/security-mirror-status-rollup.snapshot.json index b13b2b3fe..a2d6499ad 100644 --- a/docs/security/security-mirror-status-rollup.snapshot.json +++ b/docs/security/security-mirror-status-rollup.snapshot.json @@ -1370,6 +1370,18 @@ "runtime_delta": false, "execution_authorized": false, "not_authorization": true + }, + { + "delta_id": "s2_76_awooop_tenants_owner_response_validation_scope", + "display_order": 105, + "completed_stage": "S2.76 AwoooP 租戶管理負責人回覆驗收租戶範圍", + "progress_axis": "framework_detail", + "headline_percent_delta": 0, + "framework_delta_visible": true, + "why_headline_unchanged": "AwoooP 租戶管理只新增負責人回覆驗收租戶範圍,顯示四包、22 個回覆範本、已收到=0、已接受=0、已拒收=0、租戶政策變更=0、8 個顯示區塊與 S4.13 / S4.9-S4.12 來源收件參照;runtime_execution_authorized=false、active_runtime_gate_count=0、action_buttons_allowed=false,不標記負責人回覆已收到 / 已接受、不改租戶政策、不建立專案庫、不改分支 / 標籤參照、不改工作流程 / 機密設定、不收機密明文值、不切主要來源、不停用 Gitea。", + "runtime_delta": false, + "execution_authorized": false, + "not_authorization": true } ], "next_safe_actions": [ @@ -1710,6 +1722,22 @@ "從 AwoooP tenants 切 GitHub primary、停用 Gitea 或把 request-ready 當 owner response accepted" ] }, + { + "action_id": "show_awooop_tenants_owner_response_validation_scope", + "title": "AwoooP 租戶管理顯示負責人回覆驗收租戶範圍", + "mode": "observe", + "source_contract": "security_mirror_status_rollup_v1", + "allowed_processing": [ + "在 /awooop/tenants 顯示 S2.76 負責人回覆驗收租戶範圍", + "顯示四包、22 個回覆範本、已收到=0、已接受=0、已拒收=0、租戶政策變更=0 與 8 個顯示區塊", + "連到 /iwooos 只讀入口,不新增租戶政策、專案庫、可見性、分支 / 標籤參照、工作流程、機密設定、主要來源或 Gitea 停用動作" + ], + "blocked_processing": [ + "把 AwoooP 租戶管理負責人回覆驗收範圍當成負責人回覆已收到、已接受或租戶政策批准", + "從 AwoooP 租戶管理建立專案庫、改可見性、同步 / 刪除 / 強制推送分支或標籤參照,或收機密明文值", + "從 AwoooP 租戶管理修改工作流程 / 機密設定、切 GitHub 主要來源、停用 Gitea 或開執行期閘門" + ] + }, { "action_id": "show_awooop_runs_github_primary_readiness_boundary", "title": "AwoooP Run 監控顯示 GitHub Primary Readiness Run 邊界", @@ -2146,7 +2174,8 @@ "S2.72 新增 AwoooP 首頁負責人回覆驗收總覽;/awooop 顯示 S4.9/S4.10/S4.11/S4.12 四包負責人回覆、22 個回覆範本、已收到=0、已接受=0、已拒收=0、10 個跨包驗收、6 條證據路由、8 個顯示區塊、7 條狀態轉移、9 個審查清單項目與 7 條審查結果分流;owner_response_validation_received_count=0、owner_response_validation_accepted_count=0、repo_creation_authorized=false、refs_sync_authorized=false、workflow_modification_authorized=false、secret_value_collection_allowed=false、github_primary_switch_authorized=false、runtime_execution_authorized=false、action_buttons_allowed=false、not_authorization=true,不把首頁驗收總覽當負責人回覆已收到 / 已接受、審批紀錄、專案庫 / 分支與標籤參照 / 工作流程 / 機密設定 / 主要來源動作或執行期閘門。", "S2.73 新增 AwoooP 工作鏈路負責人回覆驗收只讀工作項;/awooop/work-items 顯示四包、22 個回覆範本、已收到=0、已接受=0、已拒收=0、10 個跨包驗收、6 條證據路由與 8 個顯示區塊;owner_response_validation_received_count=0、owner_response_validation_accepted_count=0、repo_creation_authorized=false、refs_sync_authorized=false、workflow_modification_authorized=false、secret_value_collection_allowed=false、github_primary_switch_authorized=false、runtime_execution_authorized=false、action_buttons_allowed=false、not_authorization=true,不把工作鏈路工作項當負責人回覆已收到 / 已接受、審批紀錄、專案庫 / 分支與標籤參照 / 工作流程 / 機密設定 / 主要來源動作或執行期閘門。", "S2.74 新增 AwoooP 合約儀表板負責人回覆驗收契約只讀候選;/awooop/contracts 顯示四包、22 個回覆範本、已收到=0、已接受=0、8 個顯示區塊、source_control_owner_response_validation_rollup_v1 與四個來源收件包參照;owner_response_validation_received_count=0、owner_response_validation_accepted_count=0、approval_record_created=false、repo_creation_authorized=false、refs_sync_authorized=false、workflow_modification_authorized=false、secret_value_collection_allowed=false、github_primary_switch_authorized=false、runtime_execution_authorized=false、action_buttons_allowed=false、not_authorization=true,不把合約候選當負責人回覆已收到 / 已接受、審批紀錄、合約發布、專案庫 / 分支與標籤參照 / 工作流程 / 機密設定 / 主要來源動作或執行期閘門。", - "S2.75 新增 AwoooP 審批佇列負責人回覆驗收只讀審查邊界;/awooop/approvals 顯示四包、22 個回覆範本、已收到=0、已接受=0、已拒收=0、8 個顯示區塊、source_control_owner_response_validation_rollup_v1 與四個來源收件包參照;owner_response_validation_received_count=0、owner_response_validation_accepted_count=0、owner_response_validation_rejected_count=0、approval_record_created=false、repo_creation_authorized=false、refs_sync_authorized=false、workflow_modification_authorized=false、secret_value_collection_allowed=false、github_primary_switch_authorized=false、runtime_execution_authorized=false、action_buttons_allowed=false、not_authorization=true,不把審批邊界當負責人回覆已收到 / 已接受、審批紀錄、專案庫 / 分支與標籤參照 / 工作流程 / 機密設定 / 主要來源動作或執行期閘門。" + "S2.75 新增 AwoooP 審批佇列負責人回覆驗收只讀審查邊界;/awooop/approvals 顯示四包、22 個回覆範本、已收到=0、已接受=0、已拒收=0、8 個顯示區塊、source_control_owner_response_validation_rollup_v1 與四個來源收件包參照;owner_response_validation_received_count=0、owner_response_validation_accepted_count=0、owner_response_validation_rejected_count=0、approval_record_created=false、repo_creation_authorized=false、refs_sync_authorized=false、workflow_modification_authorized=false、secret_value_collection_allowed=false、github_primary_switch_authorized=false、runtime_execution_authorized=false、action_buttons_allowed=false、not_authorization=true,不把審批邊界當負責人回覆已收到 / 已接受、審批紀錄、專案庫 / 分支與標籤參照 / 工作流程 / 機密設定 / 主要來源動作或執行期閘門。", + "S2.76 新增 AwoooP 租戶管理負責人回覆驗收租戶範圍;/awooop/tenants 顯示四包、22 個回覆範本、已收到=0、已接受=0、已拒收=0、租戶政策變更=0、8 個顯示區塊、source_control_owner_response_validation_rollup_v1 與四個來源收件包參照;owner_response_validation_received_count=0、owner_response_validation_accepted_count=0、owner_response_validation_rejected_count=0、tenant_source_control_scope_accepted=false、tenant_policy_mutation_authorized=false、repo_creation_authorized=false、refs_sync_authorized=false、workflow_modification_authorized=false、secret_value_collection_allowed=false、github_primary_switch_authorized=false、runtime_execution_authorized=false、action_buttons_allowed=false、not_authorization=true,不把租戶範圍當負責人回覆已收到 / 已接受、租戶政策批准、專案庫 / 分支與標籤參照 / 工作流程 / 機密設定 / 主要來源動作或執行期閘門。" ], "forbidden_actions": [ "start_kali_scan", diff --git a/scripts/security/security-mirror-progress-guard.py b/scripts/security/security-mirror-progress-guard.py index eb851e906..b9d4ec688 100755 --- a/scripts/security/security-mirror-progress-guard.py +++ b/scripts/security/security-mirror-progress-guard.py @@ -309,6 +309,7 @@ def validate(root: Path) -> None: "s2_73_awooop_work_items_owner_response_validation_candidate", "s2_74_awooop_contracts_owner_response_validation_candidate", "s2_75_awooop_approvals_owner_response_validation_boundary", + "s2_76_awooop_tenants_owner_response_validation_scope", ] assert_equal( "progress_delta_ledger.delta_ids", @@ -438,6 +439,11 @@ def validate(root: Path) -> None: [item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)], "show_awooop_tenants_github_primary_readiness_scope", ) + assert_contains( + "rollup.next_safe_actions.action_ids", + [item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)], + "show_awooop_tenants_owner_response_validation_scope", + ) assert_contains( "rollup.next_safe_actions.action_ids", [item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)], @@ -494,6 +500,29 @@ def validate(root: Path) -> None: ]: assert_text_not_contains("web_messages.zh-TW.security_surface_wording", zh_security_surface_text, forbidden) + zh_awooop_tenants_text = json.dumps(web_messages_zh["awooop"]["tenants"], ensure_ascii=False) + for forbidden in [ + "security mirror", + "migration mode", + "tenant policy", + "platform tenants API", + "primary switch", + "refs action", + "runtime tenant", + "posture mirror", + "Host coverage", + "observe-only", + "Tenant policy changes", + "owner response", + "runtime gate", + "secret value", + "workflow / secret", + "received / accepted", + "GitHub repo", + "Project ID", + ]: + assert_text_not_contains("web_messages.zh-TW.awooop.tenants_wording", zh_awooop_tenants_text, forbidden) + zh_awooop_run_detail_text = json.dumps( { "incidentEvidence": web_messages_zh["awooop"]["incidentEvidence"], @@ -5572,10 +5601,10 @@ def validate(root: Path) -> None: ]: assert_text_contains("awooop_tenants_page.security_tenant_boundary", awooop_tenants_page, text) for text in [ - "AWOOOI first tenant", - "IwoooS security mirror", - "Kali 112 / Dev 168 / Dev 111", - "S4.9-S4.12 owner response waiting", + "AWOOOI 第一租戶", + "IwoooS 資安鏡像", + "Kali 112 / 開發主機 168 / 開發主機 111", + "S4.9-S4.12 負責人回覆等待中", ]: assert_text_contains("awooop_tenants_page.security_tenant_scope_refs", awooop_tenants_page, text) for key in [ @@ -5617,10 +5646,10 @@ def validate(root: Path) -> None: 'href="/iwooos"', ) for text in [ - "AWOOOI first tenant source-control scope", - "S4.9 Gitea inventory owner attestation", - "S4.10 GitHub target owner decision", - "S4.12 workflow / secret name owner response", + "AWOOOI 第一租戶原始碼管控範圍", + "S4.9 Gitea 清冊負責人證明", + "S4.10 GitHub 目標負責人決策", + "S4.12 工作流程 / 機密名稱負責人回覆", "tenant_source_control_scope_accepted=false", "repo_owner_response_accepted=false", "repo_creation_authorized=false", @@ -5655,6 +5684,81 @@ def validate(root: Path) -> None: key, ) + assert_text_contains( + "awooop_tenants_page.owner_response_validation_scope_panel", + awooop_tenants_page, + "OwnerResponseValidationTenantScopePanel", + ) + assert_text_contains( + "awooop_tenants_page.owner_response_validation_refs", + awooop_tenants_page, + "ownerResponseValidationTenantRefs", + ) + assert_text_contains( + "awooop_tenants_page.owner_response_validation_iwooos_link", + awooop_tenants_page, + 'href="/iwooos"', + ) + for text in [ + "source_control_owner_response_validation_rollup_v1", + "gitea_inventory_owner_attestation_response_v1", + "github_target_owner_decision_response_v1", + "source_control_ref_truth_owner_response_v1", + "source_control_workflow_secret_name_owner_response_v1", + "owner_response_validation_received_count=0", + "owner_response_validation_accepted_count=0", + "owner_response_validation_rejected_count=0", + "tenant_source_control_scope_accepted=false", + "tenant_policy_mutation_authorized=false", + "repo_creation_authorized=false", + "refs_sync_authorized=false", + "workflow_modification_authorized=false", + "secret_value_collection_allowed=false", + "github_primary_switch_authorized=false", + "runtime_execution_authorized=false", + "action_buttons_allowed=false", + ]: + assert_text_contains("awooop_tenants_page.owner_response_validation_boundary", awooop_tenants_page, text) + for key in [ + "title", + "subtitle", + "badge", + "openIwooos", + "scopeRefsTitle", + "boundaryLabel", + "boundaryTitle", + "boundaryDetail", + "metrics", + "scopeRefs", + ]: + assert_contains( + "web_messages.zh-TW.awooop.tenants.ownerResponseValidationScope", + list(web_messages_zh["awooop"]["tenants"]["ownerResponseValidationScope"].keys()), + key, + ) + assert_contains( + "web_messages.en.awooop.tenants.ownerResponseValidationScope", + list(web_messages_en["awooop"]["tenants"]["ownerResponseValidationScope"].keys()), + key, + ) + for key in [ + "validationRollup", + "giteaAttestation", + "githubTarget", + "refsTruth", + "workflowSecret", + ]: + assert_contains( + "web_messages.zh-TW.awooop.tenants.ownerResponseValidationScope.scopeRefs", + list(web_messages_zh["awooop"]["tenants"]["ownerResponseValidationScope"]["scopeRefs"].keys()), + key, + ) + assert_contains( + "web_messages.en.awooop.tenants.ownerResponseValidationScope.scopeRefs", + list(web_messages_en["awooop"]["tenants"]["ownerResponseValidationScope"]["scopeRefs"].keys()), + key, + ) + assert_text_contains( "awooop_runs_page.security_run_state_panel", awooop_runs_page,