feat(web): show owner response validation tenants

This commit is contained in:
Your Name
2026-05-21 13:06:03 +08:00
parent edf69aaaa6
commit 7c4b938672
8 changed files with 458 additions and 54 deletions

View File

@@ -309,6 +309,7 @@ def validate(root: Path) -> None:
"s2_73_awooop_work_items_owner_response_validation_candidate",
"s2_74_awooop_contracts_owner_response_validation_candidate",
"s2_75_awooop_approvals_owner_response_validation_boundary",
"s2_76_awooop_tenants_owner_response_validation_scope",
]
assert_equal(
"progress_delta_ledger.delta_ids",
@@ -438,6 +439,11 @@ def validate(root: Path) -> None:
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_awooop_tenants_github_primary_readiness_scope",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
"show_awooop_tenants_owner_response_validation_scope",
)
assert_contains(
"rollup.next_safe_actions.action_ids",
[item["action_id"] for item in rollup["next_safe_actions"] if isinstance(item, dict)],
@@ -494,6 +500,29 @@ def validate(root: Path) -> None:
]:
assert_text_not_contains("web_messages.zh-TW.security_surface_wording", zh_security_surface_text, forbidden)
zh_awooop_tenants_text = json.dumps(web_messages_zh["awooop"]["tenants"], ensure_ascii=False)
for forbidden in [
"security mirror",
"migration mode",
"tenant policy",
"platform tenants API",
"primary switch",
"refs action",
"runtime tenant",
"posture mirror",
"Host coverage",
"observe-only",
"Tenant policy changes",
"owner response",
"runtime gate",
"secret value",
"workflow / secret",
"received / accepted",
"GitHub repo",
"Project ID",
]:
assert_text_not_contains("web_messages.zh-TW.awooop.tenants_wording", zh_awooop_tenants_text, forbidden)
zh_awooop_run_detail_text = json.dumps(
{
"incidentEvidence": web_messages_zh["awooop"]["incidentEvidence"],
@@ -5572,10 +5601,10 @@ def validate(root: Path) -> None:
]:
assert_text_contains("awooop_tenants_page.security_tenant_boundary", awooop_tenants_page, text)
for text in [
"AWOOOI first tenant",
"IwoooS security mirror",
"Kali 112 / Dev 168 / Dev 111",
"S4.9-S4.12 owner response waiting",
"AWOOOI 第一租戶",
"IwoooS 資安鏡像",
"Kali 112 / 開發主機 168 / 開發主機 111",
"S4.9-S4.12 負責人回覆等待中",
]:
assert_text_contains("awooop_tenants_page.security_tenant_scope_refs", awooop_tenants_page, text)
for key in [
@@ -5617,10 +5646,10 @@ def validate(root: Path) -> None:
'href="/iwooos"',
)
for text in [
"AWOOOI first tenant source-control scope",
"S4.9 Gitea inventory owner attestation",
"S4.10 GitHub target owner decision",
"S4.12 workflow / secret name owner response",
"AWOOOI 第一租戶原始碼管控範圍",
"S4.9 Gitea 清冊負責人證明",
"S4.10 GitHub 目標負責人決策",
"S4.12 工作流程 / 機密名稱負責人回覆",
"tenant_source_control_scope_accepted=false",
"repo_owner_response_accepted=false",
"repo_creation_authorized=false",
@@ -5655,6 +5684,81 @@ def validate(root: Path) -> None:
key,
)
assert_text_contains(
"awooop_tenants_page.owner_response_validation_scope_panel",
awooop_tenants_page,
"OwnerResponseValidationTenantScopePanel",
)
assert_text_contains(
"awooop_tenants_page.owner_response_validation_refs",
awooop_tenants_page,
"ownerResponseValidationTenantRefs",
)
assert_text_contains(
"awooop_tenants_page.owner_response_validation_iwooos_link",
awooop_tenants_page,
'href="/iwooos"',
)
for text in [
"source_control_owner_response_validation_rollup_v1",
"gitea_inventory_owner_attestation_response_v1",
"github_target_owner_decision_response_v1",
"source_control_ref_truth_owner_response_v1",
"source_control_workflow_secret_name_owner_response_v1",
"owner_response_validation_received_count=0",
"owner_response_validation_accepted_count=0",
"owner_response_validation_rejected_count=0",
"tenant_source_control_scope_accepted=false",
"tenant_policy_mutation_authorized=false",
"repo_creation_authorized=false",
"refs_sync_authorized=false",
"workflow_modification_authorized=false",
"secret_value_collection_allowed=false",
"github_primary_switch_authorized=false",
"runtime_execution_authorized=false",
"action_buttons_allowed=false",
]:
assert_text_contains("awooop_tenants_page.owner_response_validation_boundary", awooop_tenants_page, text)
for key in [
"title",
"subtitle",
"badge",
"openIwooos",
"scopeRefsTitle",
"boundaryLabel",
"boundaryTitle",
"boundaryDetail",
"metrics",
"scopeRefs",
]:
assert_contains(
"web_messages.zh-TW.awooop.tenants.ownerResponseValidationScope",
list(web_messages_zh["awooop"]["tenants"]["ownerResponseValidationScope"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.tenants.ownerResponseValidationScope",
list(web_messages_en["awooop"]["tenants"]["ownerResponseValidationScope"].keys()),
key,
)
for key in [
"validationRollup",
"giteaAttestation",
"githubTarget",
"refsTruth",
"workflowSecret",
]:
assert_contains(
"web_messages.zh-TW.awooop.tenants.ownerResponseValidationScope.scopeRefs",
list(web_messages_zh["awooop"]["tenants"]["ownerResponseValidationScope"]["scopeRefs"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.tenants.ownerResponseValidationScope.scopeRefs",
list(web_messages_en["awooop"]["tenants"]["ownerResponseValidationScope"]["scopeRefs"].keys()),
key,
)
assert_text_contains(
"awooop_runs_page.security_run_state_panel",
awooop_runs_page,