fix(iwooos): 脫敏 tenants public identity
All checks were successful
Code Review / ai-code-review (push) Successful in 15s
CD Pipeline / tests (push) Successful in 1m29s
CD Pipeline / build-and-deploy (push) Successful in 4m14s
CD Pipeline / post-deploy-checks (push) Successful in 1m44s

This commit is contained in:
Your Name
2026-06-14 23:18:54 +08:00
parent 92e451cbdd
commit 8a6be1a1c1
20 changed files with 2509 additions and 95 deletions

View File

@@ -54,6 +54,12 @@
固定數字為 `acceptance_candidate_count=4``c0_acceptance_candidate_count=4``acceptance_field_count=23``required_owner_response_field_count=13``reviewer_check_count=13``outcome_lane_count=7``blocked_action_count=20``owner_response_received_count=0``owner_response_accepted_count=0``certificate_coverage_confirmed_count=0``dns_query_authorized_count=0``live_tls_probe_authorized_count=0``certbot_renew_authorized_count=0``nginx_reload_authorized_count=0``route_smoke_authorized_count=0``runtime_gate_count=0`。此更新讓 `dns_tls_certbot``74%` 推進到 `78%`,代表未來 owner 回覆可被補件、隔離、拒收或送 reviewer review它不代表 DNS query、TLS probe、certbot renew、Nginx reload、route smoke、host write 或 runtime gate 已授權。
## 1.6 2026-06-14 Docker / systemd / host service owner response acceptance 只讀帳本
已新增 `docs/security/HOST-SERVICE-OWNER-RESPONSE-ACCEPTANCE.md``docs/security/host-service-owner-response-acceptance.snapshot.json`,將 9 份 Docker / systemd / host service owner request draft 轉成 metadata-only owner response acceptance 只讀帳本。
固定數字為 `acceptance_candidate_count=9``write_capable_acceptance_candidate_count=3``live_evidence_required_candidate_count=8``acceptance_field_count=28``required_owner_field_count=12``reviewer_check_count=14``outcome_lane_count=7``blocked_action_count=20``owner_response_received_count=0``owner_response_accepted_count=0``live_host_read_authorized_count=0``docker_compose_action_authorized_count=0``systemctl_action_authorized_count=0``repair_bot_execution_authorized_count=0``ansible_apply_authorized_count=0``runtime_gate_count=0`。此更新讓 `docker_compose_systemd_host_config``50%` 推進到 `54%`,也讓高價值配置平均只讀成熟度從 `67%` 推進到 `68%`;它不代表 live host read、restart、repair-bot、Ansible、sudo、host write 或 runtime gate 已授權。
## 2. 覆蓋摘要
| 指標 | 目前值 | 說明 |
@@ -63,8 +69,8 @@
| C1 類別 | `4` | 監控、Docker / systemd、SSH / network、AI provider |
| C2 類別 | `1` | 產品 runtime route 與跨產品邊界 |
| C3 類別 | `1` | security evidence / snapshot / guard tooling |
| 平均只讀控管成熟度 | `67%` | 僅代表框架 / evidence / owner packet / acceptance ledger 準備度,不代表 runtime 可執行 |
| 需要 live evidence 的類別 | `7` | 只能等 owner-provided redacted evidence 或維護窗口,不主動修改主機 |
| 平均只讀控管成熟度 | `68%` | 僅代表框架 / evidence / owner packet / acceptance ledger 準備度,不代表 runtime 可執行 |
| 需要 live evidence 的類別 | `6` | 只能等 owner-provided redacted evidence 或維護窗口,不主動修改主機 |
| owner response required | `14` | 每類都需要 owner response 才能往 accepted 前進 |
| owner response received / accepted | `0 / 0` | 不得假性提高 |
| runtime gate | `0` | 不得產生執行按鈕 |
@@ -73,7 +79,7 @@
| 優先 | 類別 | 目前成熟度 | 下一步 |
|------|------|------------|--------|
| P1-1 | Docker Compose / systemd / host service config | `50%` | repo-only 清冊已納入 9 個 surfaceowner request draft 已轉成 9 份草稿;仍缺 owner response、110 / 188 live hash、restart window、rollback ownerpost-check 指標 |
| P1-1 | Docker Compose / systemd / host service config | `54%` | repo-only 清冊已納入 9 個 surfaceowner request draft 與 owner response acceptance ledger 已完成;仍缺 owner response、110 / 188 live hash、maintenance / restart window、rollback ownerpost-check plan、disable switch 與 no-secret-value evidence |
| P1-2 | SSH / sudoers / known_hosts / firewall / WireGuard / NodePort | `58%` | repo-only 清冊已納入 16 個 SSH / network access surfaceowner request draft 與 owner response acceptance ledger 已完成;仍缺 owner response、live access state、allowed source CIDR、host key pinning、port impact、firewall owner、maintenance window、rollback owner 與 validation plan |
| P1-3 | Backup / restore / escrow / retention | `62%` | repo-only 清冊已納入 38 個 surfaceowner request draft 與 owner response acceptance ledger 已完成;仍缺 owner response、restore drill approval package、offsite / escrow owner、retention owner、rollback owner、validation plan 與 no-secret-value evidence |
| P1-4 | Prometheus / Alertmanager / Grafana / SigNoz / Sentry / Langfuse | `62%` | repo-only 清冊已納入 60 個 monitoring / alerting / observability surfaceowner request draft 已轉成 60 份草稿;仍缺 owner response、live drift evidence、reload owner、receiver owner、route smoke 與 receipt proof |
@@ -168,6 +174,7 @@ python3 scripts/security/high-value-config-control-coverage.py \
| 全高價值配置類別註冊 | `100%` | 14 類全部來自既有 Gate 定義 |
| 覆蓋 snapshot / schema | `100%` | 已新增可重跑 snapshot 與 JSON schema |
| DNS / TLS / certbot owner response acceptance | `100%` | 已新增 `domain_tls_certbot_owner_response_acceptance_v1`4 個 C0 candidate、13 個 owner 必填欄位、13 個 reviewer checks、7 條 outcome lanes、20 類 blocked action成熟度 `74% -> 78%` |
| Docker / systemd / host service owner response acceptance | `100%` | 已新增 `host_service_owner_response_acceptance_v1`9 個 candidate、3 個 write-capable、14 個 reviewer checks、7 條 outcome lanes、20 類 blocked action成熟度 `50% -> 54%` |
| owner response 收件 | `0%` | 尚未收到或接受任何 owner response |
| live evidence collection | `0%` | 未 SSH、未 live probe、未 active scan |
| runtime gate | `0%` | 未開啟任何執行期閘門 |
@@ -178,6 +185,8 @@ python3 scripts/security/high-value-config-control-coverage.py \
2026-06-14 再新增 `host_service_owner_request_draft_v1`,把 9 個 surface 轉成 `request_draft_count=9``write_capable_request_draft_count=3``live_evidence_required_request_count=8``required_owner_field_count=12``blocked_action_count=14` 的人工送件前草稿。此更新仍不調高類別成熟度,因為 request sent、owner response received / accepted、live evidence、restart window、rollback owner、runtime gate 與 action button 仍全部為 `0`
2026-06-14 再新增 `host_service_owner_response_acceptance_v1`,把 9 份 request draft 轉成 `acceptance_candidate_count=9``write_capable_acceptance_candidate_count=3``live_evidence_required_candidate_count=8``required_owner_field_count=12``reviewer_check_count=14``outcome_lane_count=7``blocked_action_count=20` 的 owner response acceptance 只讀帳本。此更新讓 `docker_compose_systemd_host_config``50%` 推進到 `54%`,但 owner response received / accepted、live hash、maintenance / restart window、rollback owner、post-check plan、disable switch、live host read、SSH、Docker Compose、systemctl、repair-bot、Ansible、sudo、host write、runtime gate 與 action button 仍全部為 `0`
## 9. P1-2 SSH / network access 清冊更新
`ssh_network_access_inventory_v1` 已把 SSH target、known_hosts workflow、CI deploy SSH、monitoring SSH、backup SSH capture、sudoers wrapper、NetworkPolicy、NodePort、WireGuard runbook 與 alert SSH action catalog 納入 repo-only 清冊,共 `16` 個 surface、`6` 個 write-capable surface、`2` 個 NetworkPolicy、`2` 個 NodePort、`1` 個 sudoers surface 與 `1` 個 WireGuard surface。此更新只讓 `ssh_firewall_network_access``48%` 推進到 `54%`owner response、live evidence、maintenance window、rollback owner、runtime gate 與 action button 仍全部為 `0`

View File

@@ -19,6 +19,10 @@
此 artifact 只表示 owner request 的 required shape不代表 request sent、recipient confirmed、owner response received / accepted、live host read、Docker Compose action、systemctl action、repair-bot execution、Ansible apply、secret collection、host write、production write 或 runtime gate。
2026-06-14 再新增 `docs/security/HOST-SERVICE-OWNER-RESPONSE-ACCEPTANCE.md``docs/security/host-service-owner-response-acceptance.snapshot.json`,將 9 份 request draft 轉成 owner response acceptance 只讀帳本。固定 `acceptance_candidate_count=9``write_capable_acceptance_candidate_count=3``live_evidence_required_candidate_count=8``required_owner_field_count=12``reviewer_check_count=14``outcome_lane_count=7``blocked_action_count=20``owner_response_received_count=0``owner_response_accepted_count=0``runtime_gate_count=0`
此 artifact 只表示未來 owner 回覆可被收件、補件、隔離、拒收或進 reviewer review不代表 live host read、SSH、Docker Compose、systemctl、repair-bot、Ansible、sudo、host write、production write 或 runtime gate。
## 2. 覆蓋摘要
| 指標 | 目前值 | 說明 |
@@ -107,3 +111,4 @@ python3 scripts/security/host-service-config-inventory.py \
| live evidence collection | `0%` | 未 SSH、未讀 live host、未 active scan |
| restart / apply gate | `0%` | 未開啟 docker compose / systemctl / Ansible / repair-bot 操作 |
| owner request draft | `100%` | 已新增 9 份 request draft、snapshot、文件與 guardrequest sent / received / accepted 仍為 0 |
| owner response acceptance | `100%` | 已新增 9 份 acceptance candidate、snapshot、文件與 guardowner response received / accepted、live host read、restart / apply gate 仍為 0 |

View File

@@ -15,6 +15,8 @@
這不是主機真相、不是 live hash 收件、不是 restart window 已接受,也不是 `docker compose``systemctl`、repair-bot、Ansible 或 SSH 授權。
2026-06-14 已新增 `docs/security/HOST-SERVICE-OWNER-RESPONSE-ACCEPTANCE.md``docs/security/host-service-owner-response-acceptance.snapshot.json`,把本文件 9 份 request draft 轉成 owner response acceptance 只讀帳本。固定 `candidates=9``write_capable=3``live_evidence_required=8``reviewer_checks=14``outcome_lanes=7``blocked_actions=20`,但 owner response received / accepted、live host read、Docker Compose、systemctl、repair-bot、Ansible、sudo、host write 與 runtime gate 仍全部為 `0 / false`
## 2. 摘要
| 指標 | 目前值 | 說明 |
@@ -105,3 +107,4 @@ python3 scripts/security/security-mirror-progress-guard.py --root .
| live evidence collection | `0%` | 未 SSH、未讀 live host、未 active scan |
| restart / apply / repair-bot / Ansible gate | `0%` | 未授權且未執行 |
| runtime gate / production write | `0%` | 未授權且未執行 |
| owner response acceptance ledger | `100%` | 已新增 acceptance ledger仍不是 owner response received / accepted 或 runtime approval |

View File

@@ -0,0 +1,137 @@
# IwoooS Docker / systemd / 主機服務 Owner Response Acceptance
| 項目 | 內容 |
|------|------|
| 日期 | 2026-06-14 |
| 狀態 | `owner_response_acceptance_ledger_ready_no_runtime_action` |
| 工具 | `scripts/security/host-service-owner-response-acceptance.py` |
| 輸入 | `docs/security/host-service-config-inventory.snapshot.json``docs/security/host-service-owner-request-draft.snapshot.json` |
| Snapshot | `docs/security/host-service-owner-response-acceptance.snapshot.json` |
| runtime gate | `0` |
## 1. 目的
Docker / systemd / host service config 會直接影響 110 / 188 的 Compose stack、repair-bot、Ansible service role、host config backup 與服務 restart 邊界。既有 repo-only 清冊與 owner request draft 已完成,但若缺少 owner response acceptance 帳本,後續容易把未驗收回覆誤判成 live host read、`docker compose``systemctl`、repair-bot、Ansible、sudo 或 host write 授權。
本文件只定義 owner response 如何收件、補證、隔離、拒收與進 reviewer review。它不是 request sent、不是 owner response received、不是 accepted response、不是 live host read、不是 Docker / systemd 操作,也不是 repair-bot、Ansible、SSH、host write、production write 或 runtime gate 授權。
## 2. 摘要
| 指標 | 值 | 說明 |
|------|----|------|
| acceptance candidate count | `9` | 9 個 host service surface |
| write-capable candidate count | `3` | Ansible role、110 repair-bot、188 repair-bot |
| live evidence required candidate count | `8` | local dev compose 之外都需 owner-provided live hash / disposition |
| acceptance field count | `28` | 每份 candidate 的 metadata-only 欄位 |
| required owner field count | `12` | owner / decision / scope / redacted refs / live hash / windows / rollback / post-check / disable switch |
| reviewer check count | `14` | owner、scope、redaction、secret、live hash、restart window、rollback、post-check、runtime request 檢查 |
| outcome lane count | `7` | waiting、quarantine、reject、supplement、host service review、read-only update、waiting runtime gate |
| blocked action count | `20` | SSH、Docker Compose、systemctl、repair-bot、Ansible、sudo、host write、active scan 等 |
| owner response received / accepted | `0 / 0` | 尚未收到,尚未驗收 |
| live host read / Docker / systemctl / repair-bot / Ansible | `0 / 0 / 0 / 0 / 0` | 尚未批准且未執行 |
| runtime gate / action button | `0 / 0` | 未開啟 |
## 3. 九份驗收候選
| Acceptance candidate | Host scope | 類型 | 驗收焦點 |
|----------------------|------------|------|----------|
| `host_service_owner_response_acceptance:local_dev_compose` | `local_dev_only` | Docker Compose | dev-only disposition、不得誤用 production、secret placeholder policy |
| `host_service_owner_response_acceptance:monitoring_110_compose` | `192.168.0.110` | Docker Compose | live hash ref、restart window、rollback owner、post-check 指標 |
| `host_service_owner_response_acceptance:monitoring_exporters_188_compose` | `192.168.0.188` | Docker Compose | exporter env source、live hash ref、rollback owner |
| `host_service_owner_response_acceptance:sentry_110_reference_compose` | `192.168.0.110` | reference compose | actual source-of-truth、official revision、backup path、rollback owner |
| `host_service_owner_response_acceptance:langfuse_110_compose` | `192.168.0.110` | Docker Compose | live hash ref、secret placeholder disposition、restart window、rollback owner |
| `host_service_owner_response_acceptance:ansible_docker_compose_service_role` | `multi_host` | Ansible executor role | allowed service_dir、check-mode、人工 gate、rollback owner |
| `host_service_owner_response_acceptance:repair_bot_110_whitelist` | `192.168.0.110` | repair whitelist | authorized_keys binding、disable switch、audit log、post-check |
| `host_service_owner_response_acceptance:repair_bot_188_whitelist` | `192.168.0.188` | repair whitelist | systemd restart approval gate、sudoers boundary、disable switch、route smoke |
| `host_service_owner_response_acceptance:config_backup_host_capture` | `110_188_120_121_cluster` | config backup capture | latest backup status、restore drill owner、secret handling proof |
## 4. Owner response 必填欄位
| 欄位 | 規則 |
|------|------|
| `owner_role_or_team` | 只填角色或團隊,不填私人聯絡資料或 credential |
| `decision` | 允許 `confirm``defer``reject``request_more_evidence` |
| `decision_reason` | 摘要說明,不貼 raw compose、env dump、systemd unit、secret 或 log payload |
| `affected_scope` | 明確列出 host scope、service scope、repo source、runtime 影響範圍 |
| `redacted_evidence_refs` | 只接受脫敏 ref、ticket id、文件路徑、hash 或摘要 |
| `live_config_hash_ref` | 只能是 owner-provided metadata ref不得貼 raw live config |
| `maintenance_window` | 未來 live read、restart、repair-bot 或 Ansible 動作的窗口;本 response 不開執行權 |
| `restart_window` | restart / reload window 必須與 action 分離,不得自動執行 |
| `rollback_owner` | 未來若進變更的 rollback owner |
| `post_check_plan` | 服務健康、route、queue、log、error budget 與 rollback 停止條件 |
| `disable_switch` | repair-bot、Ansible role 或 service config 的停用方式 / freeze rule |
| `followup_owner` | 後續補證、reviewer 或 runtime gate 負責角色 |
## 5. Reviewer checks
| Check | 說明 |
|-------|------|
| `owner_identity_present` | owner role / team 必須可追溯 |
| `decision_reason_present` | decision 與 reason 必須同時存在 |
| `affected_scope_matches_surface` | affected scope 必須能對回 committed surface_id |
| `redacted_refs_only` | evidence 只能是脫敏 ref、ticket、hash、文件路徑或摘要 |
| `secret_value_absent` | 不得出現 token、password、cookie、private key、env dump 或 partial secret |
| `live_config_hash_metadata_only` | live config hash 只能是 metadata ref不得貼 raw live config |
| `maintenance_window_present` | 未來 host read、restart、repair-bot 或 Ansible 動作需獨立維護窗口 |
| `restart_window_separate_from_action` | restart window 與 docker / systemctl action 必須分離 |
| `rollback_owner_present` | rollback owner、rollback ref 或 disable path 必須存在 |
| `post_check_plan_present` | post-check 必須列服務健康、route、queue、log 與 rollback 停止條件 |
| `disable_switch_present` | repair-bot、Ansible role 或 service config 需有 disable switch 或 freeze rule |
| `write_capable_requires_extra_review` | write-capable surface 必須進額外 reviewer review |
| `no_runtime_request` | 夾帶 SSH、Docker、systemctl、repair-bot、Ansible、sudo 或 host write 要求時拒收 |
| `counts_transition_safe` | 只有 reviewer record 可更新 received / accepted / rejected且不得開 runtime gate |
## 6. Outcome lanes
| Lane | 意義 |
|------|------|
| `waiting_owner_response` | 尚未收到 owner response |
| `quarantine_secret_or_raw_payload` | 收到 secret、env dump、raw compose、raw systemd unit 或未脫敏 host config 時隔離 |
| `reject_execution_request` | 夾帶 SSH、Docker、systemctl、repair-bot、Ansible、sudo 或 host write 要求時拒收 |
| `request_supplement` | 欄位不足、scope 不清、live hash ref / rollback / post-check 缺失時要求補件 |
| `ready_for_host_service_review` | metadata 合格後,只能進 host service reviewer review |
| `owner_review_only_update` | 只允許更新只讀 owner review ledger |
| `waiting_runtime_gate` | 即使 owner response acceptedruntime gate 仍等待獨立人工批准 |
## 7. 禁止事項
1. 不 SSH read / write。
2. 不執行 `docker compose up/down/pull`
3. 不執行 `systemctl restart/reload`
4. 不呼叫 repair-bot。
5. 不跑 Ansible apply。
6. 不做 sudo action、host file write 或 firewall change。
7. 不保存 raw live config、env dump、secret value、未脫敏 log 或 shell history。
8. 不把 restart window、maintenance window 或 owner response 當成 runtime approval。
9. 不開 runtime gate不建立 action button。
## 8. 指令
產生 committed snapshot
```bash
python3 scripts/security/host-service-owner-response-acceptance.py \
--root . \
--inventory-report docs/security/host-service-config-inventory.snapshot.json \
--owner-request-report docs/security/host-service-owner-request-draft.snapshot.json \
--output docs/security/host-service-owner-response-acceptance.snapshot.json \
--generated-at 2026-06-14T23:45:00+08:00
```
驗證 guard
```bash
python3 scripts/security/security-mirror-progress-guard.py --root .
```
## 9. 完成度
| 工作 | 完成度 | 說明 |
|------|--------|------|
| owner response acceptance ledger artifact | `100%` | 產生器、snapshot 與文件已固定 |
| Docker / systemd / host service 只讀治理成熟度 | `50% -> 54%` | 收件驗收帳本更完整;不代表 live evidence 或 runtime action |
| owner response received / accepted | `0%` | 尚未收到,尚未驗收 |
| live config hash accepted | `0%` | 尚未收到 owner-provided metadata ref |
| live host read / SSH | `0%` | 尚未批准且未執行 |
| Docker / systemd / repair-bot / Ansible | `0%` | 尚未批准且未執行 |
| runtime gate / host write | `0%` | 未授權且未執行 |

View File

@@ -32,8 +32,8 @@
| 註冊配置類別 | `14` | 代表已進 Gate 分類,不代表已批准 |
| C0 類別 | `8` | Nginx、DNS / TLS、K8s、secret、workflow / runner、runtime config、backup、agent-bounty runtime |
| C1 類別 | `4` | 監控、Docker / systemd、SSH / network、AI provider |
| 平均只讀控管成熟度 | `67%` | 只代表框架 / evidence / owner packet / acceptance ledger 準備度 |
| 需要 live evidence 類別 | `7` | 只能等 owner-provided redacted evidence 或維護窗口,不主動 SSH |
| 平均只讀控管成熟度 | `68%` | 只代表框架 / evidence / owner packet / acceptance ledger 準備度 |
| 需要 live evidence 類別 | `6` | 只能等 owner-provided redacted evidence 或維護窗口,不主動 SSH |
| owner response required | `14` | owner response received / accepted 仍 `0 / 0` |
| runtime gate | `0` | 不提供執行按鈕 |
@@ -89,6 +89,12 @@
此更新只表示 SAN / wildcard / 共用憑證覆蓋關係、certificate expiry metadata、renewal owner、ACME route owner、maintenance window、rollback owner 與 validation plan 已有收件驗收規則owner response received / accepted、certificate coverage confirmed、DNS query、TLS probe、certbot renew、Nginx reload、route smoke、DNS record / certificate path / ACME route 變更、host write、runtime gate 仍全部為 `0 / false`
### 0.8 2026-06-14 Docker / systemd / host service owner response acceptance 只讀帳本
`host_service_owner_response_acceptance_v1` 已把 9 份 Docker / systemd / host service owner request draft 轉成 owner response acceptance 只讀帳本。固定 `candidates=9``write_capable=3``live_evidence_required=8``owner_fields=12``reviewer_checks=14``outcome_lanes=7``blocked_actions=20`,讓 Docker / systemd / host service 類別成熟度從 `50%` 推進到 `54%`,高價值配置平均只讀成熟度從 `67%` 推進到 `68%`
此更新只表示 live config hash ref、maintenance / restart window、rollback owner、post-check plan、disable switch 與 no-secret-value evidence 已有收件驗收規則owner response received / accepted、live host read、SSH、Docker Compose、systemctl、repair-bot、Ansible、sudo、host write、runtime gate 仍全部為 `0 / false`
## 1. 目前已不符合新要求的項目
| 優先 | 項目 | 現況 | 風險 | 本階段處置 |
@@ -102,7 +108,7 @@
| P1 | 高價值配置變更 Gate | 已有 C0-C3 清冊與 Hard Rule但原本缺少可重跑 path 分類 | reviewer 只能靠人工記憶判斷 Nginx、workflow、secret、K8s、DNS、AI provider 是否需 owner gate | 已新增 `scripts/security/high-value-config-change-gate.py`;本階段只分類,不接 CI blocking |
| P0 | DNS / TLS / certbot | 已有 domain / certificate path 清冊、owner confirmation request 與 owner response acceptance 只讀帳本,但仍缺 owner-provided coverage metadata、expiry metadata、renewal owner、ACME route owner、maintenance window 與 rollback owner | 憑證過期、錯誤 cert path、ACME challenge 被覆蓋會造成公開服務中斷 | 維持 C0下一步只收脫敏 metadata ref不做 DNS query、TLS probe、certbot renew 或 reload |
| P1 | workflow / runner / deploy key / secret name | 已有 Gitea / GitHub readiness 盤點,但尚未把配置變更和 IwoooS 高價值配置共用 gate 合併 | workflow 或 runner 改錯會直接影響部署與 secret 注入 | 納入 C0維持只讀 owner response不收 secret value |
| P1 | Docker Compose / systemd live config | 110 / 188 多服務由 compose、systemd 與 recovery scripts 管理 | restart policy、port、volume、env 改動會影響 Harbor、Sentry、Langfuse、Gitea、agent-bounty-protocol | 已有 repo-only inventory 與 owner request draft下一步只收脫敏 owner response / live hash不主動 SSH |
| P1 | Docker Compose / systemd live config | 已有 repo-only inventory、owner request draft 與 owner response acceptance 只讀帳本,但仍缺 owner-provided live hash、maintenance / restart window、rollback owner、post-check plan、disable switch 與 no-secret-value evidence | restart policy、port、volume、env 改動會影響 Harbor、Sentry、Langfuse、Gitea 與代理賞金協議 runtime | 下一步只收脫敏 owner response / live hash metadata不主動 SSH、不重啟、不跑 repair-bot |
| P1 | AI provider / Ollama proxy | 110 Nginx proxy、GCP-A/B、111 fallback、API provider route 多處配置 | provider route drift 會造成成本、可用性、資料外送與模型品質風險 | 納入 C1任何切換仍需 dry-run / benchmark / owner gate |
| P1 | agent-bounty-protocol runtime / treasury / A2A / MCP | 已納入只讀範圍,但尚未有 production host、compose、domain、TLS、rollback owner 完整資料 | 外部 agent、claim / submit、payout 或 webhook 若未控管,風險高於一般網站 | 納入 C2仍不改該 repo、不讀 `.env`、不部署 |
@@ -155,7 +161,7 @@ Nginx 是目前必須最先資安控管的配置,原因是它同時控制公
| P1 | Grafana / SigNoz / Sentry / Langfuse | `ops/grafana/*``ops/signoz/*``ops/sentry-self-hosted/*``infra/langfuse/*``docs/security/MONITORING-ALERTING-OBSERVABILITY-INVENTORY.md``docs/security/MONITORING-OWNER-REQUEST-DRAFT.md` | 110 compose / public gateway | owner request draft 已固定;仍缺 admin secret owner、public route proof、backup owner、smoke plan、upgrade window 與 rollback owner |
| P1 | Harbor / registry | Nginx templates、backup scripts、CD workflows | 110 Harbor / registry domains | robot account owner、image tag immutability、scan policy、TLS |
| P1 | PostgreSQL / Redis / MinIO | app config、backup scripts、monitoring config | 188 / 110 / K3s | no plaintext DSN, access boundary, backup, restore, metrics auth |
| P1 | Docker Compose / systemd | `docker-compose.yml``ops/*/docker-compose.yml``scripts/reboot-recovery/*.service` | 110 / 188 / agent-bounty hosts | port / volume / env diff、restart window、rollback owner |
| P1 | Docker Compose / systemd | `docker-compose.yml``ops/*/docker-compose.yml``scripts/reboot-recovery/*.service``docs/security/HOST-SERVICE-OWNER-REQUEST-DRAFT.md``docs/security/HOST-SERVICE-OWNER-RESPONSE-ACCEPTANCE.md` | 110 / 188 / agent-bounty hosts | live hash metadata、port / volume / env diff、maintenance / restart window、rollback owner、post-check plan、disable switch不得 restart / apply |
| P1 | SSH / sudoers / known_hosts | Ansible inventory、ops scripts、runner scripts | host owners | owner request draft 已固定;下一步只收脫敏 live access state、known_hosts / host-key policy、target whitelist 與 rollback owner |
| P1 | Firewall / WireGuard / NodePort / VIP | K8s service / network policy、Kali / wg-easy docs | network owner | owner request draft 已固定;下一步只收 allowed source CIDR、maintenance window、rollback owner 與 validation planno unreviewed port exposure |
| P1 | AI provider / model routing | `apps/api/src/services/ai_providers/*`、Ollama runbooks、Nginx proxy | AI owner | dry-run、benchmark、cost / privacy review、fallback order gate |
@@ -215,6 +221,7 @@ Nginx 是目前必須最先資安控管的配置,原因是它同時控制公
| owner response request / received / accepted | `0%` | Packet 只是草案;尚未送件、尚未收件、尚未 reviewer accepted |
| agent-bounty-protocol owner request draft | `100%` | 已將 repo / refs、deployment、data classification、external agent / treasury 與 7 個 product surface 轉成 11 份 owner request draftclaim / submit、payout、cron / daemon、runtime gate 仍為 0 |
| Docker / systemd owner request draft | `100%` | 已將 9 個 host service surface 轉成 owner request draftrequest sent / received / accepted 仍為 0 |
| Docker / systemd owner response acceptance | `100%` | 已新增 `host_service_owner_response_acceptance_v1`9 個 candidate、3 個 write-capable、8 個需 live evidence、14 個 reviewer checks、7 條 outcome lanes、20 類 blocked action成熟度 `50% -> 54%` |
| SSH / firewall / network owner request draft | `100%` | 已將 16 個 SSH / network access surface 轉成 owner request draftrequest sent / received / accepted、port change、firewall change、NetworkPolicy apply、NodePort change、WireGuard change 仍為 0 |
| SSH / firewall / network owner response acceptance | `100%` | 已新增 `ssh_network_owner_response_acceptance_v1`16 個 candidate、6 個 write-capable、15 個 reviewer checks、7 條 outcome lanes、22 類 blocked action成熟度 `54% -> 58%` |
| Backup / restore / escrow owner request draft | `100%` | 已將 38 個 backup / restore / escrow surface 轉成 owner request draftrequest sent / received / accepted、backup run、restore run、offsite sync、remote delete、escrow marker write、retention change 仍為 0 |
@@ -232,7 +239,7 @@ Nginx 是目前必須最先資安控管的配置,原因是它同時控制公
3. P0向 owner 收 DNS / TLS / certbot 脫敏 coverage metadata ref、expiry metadata ref、renewal owner、ACME route owner、maintenance window、rollback owner 與 validation plan不做 DNS query、TLS probe、certbot renew 或 reload。
4. P0把 workflow / runner / secret name owner response 與高價值配置 C0 gate 串成同一個 IwoooS 狀態。
5. P0把 agent-bounty-protocol compose / MCP / A2A / treasury 高價值配置欄位接入同一個 owner packet queue不啟用 runtime。
6. P1向 owner 收 110 / 188 Docker Compose 與 systemd 脫敏 live hashrestart window、rollback ownerpost-check 指標;不主動 SSH、不重啟、不跑 repair-bot。
6. P1向 owner 收 110 / 188 Docker Compose 與 systemd 脫敏 live hash metadata、maintenance / restart window、rollback ownerpost-check plan、disable switch 與 no-secret-value evidence;不主動 SSH、不重啟、不跑 repair-bot。
7. P1向 owner 收 SSH / firewall / WireGuard / NodePort 脫敏 live access state、allowed source CIDR、maintenance window、rollback owner 與 validation plan不主動 keyscan、不改 firewall、不開關端口。
8. P1向 owner 收 backup / restore / offsite / escrow 非敏感 evidence id、最新備份狀態、restore drill plan、maintenance window、rollback owner 與 validation plan驗收前 backup run、restore drill、offsite sync、remote delete、escrow marker write、retention change 全部維持 `0 / false`
9. P1把 Prometheus / Alertmanager / Grafana / SigNoz / Sentry / Langfuse owner request draft 接入 AwoooP 只讀狀態;驗收前 reload、receiver route change、silence change、Telegram send 與 alert chain smoke 全部維持 `0 / false`

View File

@@ -95,7 +95,7 @@ IwoooS 首版只讀取或對齊以下已提交 evidence
51. 10 個 frontend surface reverse bridge statuses顯示既有資安入口目前是 embedded bridge、direct bridge 或 AwoooP read-only candidate這只是連接狀態不代表 owner response、runtime authorization、Code Review blocker、Gitea/GitHub action 或任何執行控制。
52. 6 個 source control primary readiness items顯示 GitHub primary 前置缺口candidate repo inventory、primary ready counter、owner response validation、refs truth、workflow / secret name inventory、rollback ADR這只是 readiness不代表 repo 建立、visibility 變更、refs mutation、secret value collection、primary switch 或 Gitea 停用。
53. 4 個 rollout risk read-only items顯示風險來源部署 marker、`AWOOOI_ROLLOUT_RISK=1`、ArgoCD `Degraded` / `OutOfSync`、API health / smoke 已通過與執行期閘門仍為 0這只是部署風險可見性不代表 ArgoCD sync、kubectl、主機重啟、修復、部署或 runtime gate 已授權。
54. 14 類 high-value config control coverage statuses顯示 Nginx、DNS / TLS、K8s、secret、workflow、backup、agent-bounty runtime、monitoring、Docker / systemd、SSH / network、AI provider、產品 route 與 security evidence 的全域配置控管覆蓋矩陣;平均只讀成熟度 `67%`、C0 類別 `8`、需 live evidence 類別 `7`、owner response received / accepted 與 runtime gate 仍為 `0`,不代表 reload、sync、scan、secret rotation、payout 或主機操作授權。
54. 14 類 high-value config control coverage statuses顯示 Nginx、DNS / TLS、K8s、secret、workflow、backup、agent-bounty runtime、monitoring、Docker / systemd、SSH / network、AI provider、產品 route 與 security evidence 的全域配置控管覆蓋矩陣;平均只讀成熟度 `68%`、C0 類別 `8`、需 live evidence 類別 `6`、owner response received / accepted 與 runtime gate 仍為 `0`,不代表 reload、sync、scan、secret rotation、payout 或主機操作授權。
55. 9 個 host-service config repo-only inventory surfaces顯示 Docker Compose、systemd / repair-bot、Ansible service role 與 host config backup capture 的第一層清冊write-capable surface `3`、repair-bot whitelist `2`、systemd restart surface `1`owner response、live evidence、restart window、rollback owner、runtime gate 與 action button 仍全部為 `0`,不代表 `docker compose``systemctl`、repair-bot 或 Ansible apply 已授權。
56. 16 個 SSH / network access repo-only inventory surfaces 與 owner response acceptance 只讀帳本,顯示 SSH target、known_hosts workflow、CI deploy SSH、monitoring SSH、backup SSH capture、sudoers wrapper、NetworkPolicy、NodePort、WireGuard runbook 與 alert SSH action catalog 的第一層清冊write-capable surface `6`、NetworkPolicy `2`、NodePort `2`、sudoers `1`、WireGuard `1`acceptance candidate `16`、reviewer check `15`、outcome lane `7`、blocked action `22`,讓 SSH / network 類別成熟度從 `54%` 推進到 `58%`owner response、live evidence、maintenance window、rollback owner、runtime gate 與 action button 仍全部為 `0`,不代表 SSH、sudo、firewall、NetworkPolicy、NodePort、WireGuard 或 known_hosts patch 已授權。
57. 38 個 Backup / restore / escrow / retention repo-only inventory surfaces顯示 backup orchestration、service backup scripts、restic retention、offsite sync、credential escrow、Velero restore drill、backup health alert 與 cold-start / DR runbook 的第一層清冊write-capable surface `27`、restore drill surface `4`、offsite / escrow surface `8`owner response、live evidence、restore drill、offsite sync、credential escrow、retention change、runtime gate 與 action button 仍全部為 `0`,不代表 backup、restore、offsite sync、remote delete、restic prune、escrow marker write、rclone config 或 Velero restore 已授權。

View File

@@ -3,7 +3,7 @@
| 項目 | 內容 |
|------|------|
| 日期 | 2026-06-15 |
| 狀態 | IwoooS 64% 只讀治理推進中P2-145 owner response acceptance gate 已完成正式驗證P0 DNS / TLS / certbot owner response acceptance 只讀帳本已本地完成S4.9 owner response gate 仍是第一優先 |
| 狀態 | IwoooS 64% 只讀治理推進中P2-145 owner response acceptance gate 已完成正式驗證P1 Docker / systemd / host service owner response acceptance 只讀帳本已本地完成S4.9 owner response gate 仍是第一優先 |
| 本階段完成 | 資安供應鏈 contract manifest + Source Control Approval Board + Draft Reconcile Plan + Ref Detail Diff + Ref Truth Classification + Source Control Ref Truth Owner Response 收件包 + GitHub Primary Readiness Gate + GitHub Primary Rollback ADR + GitHub Target Owner Decision Response 收件包 + Gitea 認證清冊匯出請求 + Gitea 認證清冊匯入驗收契約 + Gitea 清冊覆蓋 Owner Attestation + Gitea Owner Attestation Approval Lane 對齊 + Gitea Owner Attestation Response 收件包 + Workflow / Secret Name Inventory + Workflow / Secret Name Local Evidence + Workflow / Secret Name Redacted Export Request + Workflow / Secret Name Owner Response 收件包 + Source Control Owner Response Validation Rollup + Kali 112 live integration status + Security Finding contract + Kali scan scope approval package + Security Approval Queue + S3 人工批准 Gate + S3 人工決策紀錄 + S3 人工審查封包 + S3 人工決策狀態轉移 + S3 後續 runtime gate 準備契約 + 鏡像 readiness index + 鏡像接收計畫 + 鏡像事件信封 + 鏡像路由矩陣 + 鏡像驗收契約 + 鏡像隔離契約 + 鏡像 dry-run 報告契約 + 鏡像狀態彙整契約 + IwoooS 前端態勢入口 + IwoooS posture projection contract + IwoooS 既有前端資安頁面整合 + IwoooS 覆蓋與邊界矩陣 + IwoooS 只讀資安處理旅程 + IwoooS owner evidence readiness board + IwoooS host coverage view + IwoooS host action gate matrix + IwoooS host evidence readiness board + IwoooS host evidence collection order + IwoooS host evidence intake preflight + IwoooS host evidence review outcome lanes + IwoooS host evidence review handoff packets + IwoooS host evidence reviewer checklist + IwoooS host evidence reviewer outcome lanes + IwoooS host owner decision candidate packets + IwoooS host owner decision review checklist + IwoooS host owner decision review outcome lanes + IwoooS host owner decision record draft packets + IwoooS host owner decision record draft review checklist + IwoooS host owner decision record draft review outcome lanes + IwoooS host owner decision record write-up packets + IwoooS host owner decision record write-up review checklist + IwoooS host owner decision record write-up review outcome lanes + IwoooS host owner decision record formal candidate packets + IwoooS host owner decision record formal candidate review checklist + IwoooS host owner decision record formal candidate review outcome lanes + IwoooS host owner decision record formal record queue packets + IwoooS host owner decision record formal record queue review checklist + IwoooS host owner decision record formal record queue review outcome lanes + IwoooS host owner decision record human handoff readiness packets + IwoooS host owner decision record human handoff readiness review checklist + IwoooS host owner decision record human handoff readiness review outcome lanes + IwoooS host owner decision record human record owner review candidate packets + IwoooS host owner decision record human record owner review candidate checklist + IwoooS host owner decision record human record owner review candidate outcome lanes + IwoooS host owner decision record human record owner review preparation packets + IwoooS host owner decision record human record owner review preparation checklist + IwoooS progress acceleration lanes + IwoooS owner response next-action focus + IwoooS S4.9 owner response preflight + IwoooS S4.9 owner response request templates + IwoooS progress hold movement gates + IwoooS AwoooP read-only landing readiness + IwoooS AwoooP cross-session handoff packets + AwoooP 首頁 IwoooS 資安鏡像候選 + AwoooP 工作鏈路 IwoooS 資安鏡像候選 + AwoooP 審批佇列 IwoooS owner response 只讀焦點 |
| 本階段追加 | AwoooP 合約儀表板 IwoooS 資安契約只讀候選 + AwoooP 租戶管理 IwoooS 資安租戶範圍只讀候選 + AwoooP 執行監控 IwoooS 執行狀態只讀候選 + 既有安全 / 合規頁面 IwoooS 只讀反向橋接 + 告警 / 錯誤 / 授權 / 治理頁面 IwoooS 只讀反向橋接 + 稽核 / 工程審查頁面 IwoooS 深色只讀反向橋接 + IwoooS 前端資安頁面連接狀態板 + IwoooS GitHub 主要來源就緒度只讀狀態板 + AwoooP 工作鏈路 GitHub 主要來源就緒度只讀工作項 + AwoooP 合約儀表板 GitHub 主要來源就緒度合約只讀候選 + AwoooP 審批佇列 GitHub 主要來源就緒度審批邊界 + AwoooP 首頁 GitHub 主要來源就緒度只讀摘要 + AwoooP 租戶管理 GitHub 主要來源就緒度租戶範圍 + AwoooP 執行監控 GitHub 主要來源就緒度執行邊界 + IwoooS / AwoooP 資安可視區塊繁體中文呈現防護檢查 + AwoooP 執行詳情 / 審批詳情繁體中文呈現防護檢查 + AwoooP 首頁負責人回覆驗收總覽 + AwoooP 工作鏈路負責人回覆驗收只讀工作項 + AwoooP 合約儀表板負責人回覆驗收契約只讀候選 + AwoooP 審批佇列負責人回覆驗收只讀審查邊界 + AwoooP 租戶管理負責人回覆驗收租戶範圍 + AwoooP 執行監控負責人回覆驗收執行邊界 + AwoooP 執行詳情負責人回覆驗收詳情邊界 + AwoooP 審批決策負責人回覆驗收審批邊界 + IwoooS AwoooP 資安入口覆蓋狀態板 + IwoooS 階段式資安收斂節奏圖 + IwoooS 下一步人工收件作戰板 + IwoooS 人工回覆安全驗收閘道 + IwoooS 人工回覆審查結果分流 + IwoooS 人工決策準備佇列 + IwoooS 人工決策紀錄草稿防誤用 + IwoooS 人工決策正式紀錄負責人指派確認準備包 + IwoooS 人工決策正式紀錄負責人指派確認清單 + IwoooS 人工決策正式紀錄負責人指派確認結果分流 + IwoooS 人工決策正式紀錄負責人指派決策準備包 + IwoooS 人工決策正式紀錄負責人指派決策檢查清單 + IwoooS S4.9 負責人回覆封套欄位 + IwoooS S4.9 負責人回覆封套送件前檢查 + IwoooS S4.9 負責人回覆封套送件前結果分流 + IwoooS S4.9 負責人回覆送件請求草稿 + IwoooS S4.9 負責人回覆送件鏈路摘要 + IwoooS 低摩擦分階段收斂主控 + IwoooS 低摩擦下一步行動邊界 + IwoooS 64% 進度移動訊號驗收條 + IwoooS 第一個進度解鎖路徑 + IwoooS 第一解鎖證據包 + IwoooS 第一解鎖證據包預檢分流 + IwoooS 第一解鎖證據包補件路徑 + IwoooS 第一解鎖證據包補件送審前檢查 + IwoooS 第一解鎖證據包補件送審結果分流 + IwoooS 第一解鎖證據包 reviewer 指派準備包 + IwoooS 第一解鎖證據包 reviewer 指派前檢查 + IwoooS 第一解鎖證據包 reviewer 指派前檢查結果分流 + IwoooS 正式只讀 landing 與 Kali 112 只讀證據進度重估 |
| 本階段追加補充 | IwoooS 目前具體工作地圖 + IwoooS 目前具體交付清單 + IwoooS 目前阻塞與解除條件 + IwoooS 三軸進度與全產品套用範圍 + IwoooS 全產品分階段套用台帳 + IwoooS 全產品 rollout 波次驗收門檻 + IwoooS 全產品 rollout 驗收結果分流 + IwoooS 全產品證據接線地圖 + IwoooS 全產品證據接線預檢 + IwoooS 全產品證據接線預檢結果分流 + IwoooS 全產品預檢補件回收台帳 + IwoooS 全產品補件重試門檻 + IwoooS 全產品重試結果分流 + IwoooS 全產品人工審查候選準備 + IwoooS 全產品人工審查候選預檢 + IwoooS 全產品人工審查候選預檢結果分流 + IwoooS 全產品人工審查候選預檢補件回收台帳 + IwoooS 全產品人工審查候選預檢補件重試門檻 + IwoooS 全產品只讀套用快照 + P2-145 owner response acceptance gate 正式驗證完成 |
@@ -13,6 +13,12 @@
| 原則 | 低摩擦分階段文件、schema、read-only evidence 優先;不做 runtime enforcement、不切 primary |
| P0 主控板 | `docs/workplans/2026-06-04-iwooos-security-governance-p0.md` |
## 0.00a 2026-06-14 Docker / systemd / host service owner response acceptance
本輪把 Docker / systemd / host service 從 owner request draft 推進到 owner response acceptance 只讀帳本:`host_service_owner_response_acceptance_v1` 固定 `candidates=9``write_capable=3``live_evidence_required=8``owner_fields=12``reviewer_checks=14``outcome_lanes=7``blocked_actions=20`,並讓 `docker_compose_systemd_host_config` 只讀治理成熟度 `50% -> 54%`,高價值配置平均只讀成熟度 `67% -> 68%`。這是 metadata-only 收件驗收,不是 request sent、owner response received / accepted、live host read、SSH、Docker Compose、systemctl、repair-bot、Ansible、sudo、host write、production write 或 runtime gate。
同步邊界IwoooS headline 維持 `64%`active runtime gate 維持 `0`owner response / live evidence / runtime gate / action buttons 全部仍為 `0 / false`。本段只更新文件、snapshot、guard 與覆蓋矩陣,不改前端 bundle、不部署、不碰 Docker daemon、systemd、repair-bot、Ansible、Nginx、firewall 或主機。
## 0.00 2026-06-14 DNS / TLS / certbot owner response acceptance
本輪把 DNS / TLS / certbot 從 owner confirmation request 草稿推進到 owner response acceptance 只讀帳本:`domain_tls_certbot_owner_response_acceptance_v1` 固定 `candidates=4``c0=4``owner_fields=13``reviewer_checks=13``outcome_lanes=7``blocked_actions=20`,並讓 `dns_tls_certbot` 只讀治理成熟度 `74% -> 78%`。這是 metadata-only 收件驗收,不是 request sent、owner response received / accepted、certificate coverage confirmed、DNS query、live TLS probe、certbot renew、Nginx reload、route smoke、host write、production write 或 runtime gate。

View File

@@ -349,17 +349,21 @@
"action_buttons_allowed": false,
"category_id": "docker_compose_systemd_host_config",
"control_tier": "C1",
"coverage_percent": 50,
"coverage_status": "repo_only_inventory_ready_needs_live_owner_evidence",
"current_gap": "repo-only 清冊已納入 9 個 surface仍缺 110 / 188 live hash、restart window、rollback ownerpost-check 指標。",
"coverage_percent": 54,
"coverage_status": "owner_response_acceptance_ledger_ready_needs_live_owner_evidence",
"current_gap": "已固定 9 份 Docker / systemd / host service owner response acceptance candidate仍缺 owner response、110 / 188 live hash、maintenance / restart window、rollback ownerpost-check plan、disable switch 與 no-secret-value evidence。",
"evidence_refs": [
"docs/security/IWOOOS-CONFIG-CONTROL-INVENTORY.md",
"docs/security/HOST-SERVICE-CONFIG-INVENTORY.md",
"docs/security/host-service-config-inventory.snapshot.json",
"docs/security/HOST-SERVICE-OWNER-REQUEST-DRAFT.md",
"docs/security/host-service-owner-request-draft.snapshot.json",
"docs/security/HOST-SERVICE-OWNER-RESPONSE-ACCEPTANCE.md",
"docs/security/host-service-owner-response-acceptance.snapshot.json",
"docs/security/DEV-HOSTS-112-111-168-OBSERVE-ONLY-MAPPING.md"
],
"label": "Docker Compose / systemd / host service config",
"next_owner_action": "補 owner-provided live hash / disposition、compose / systemd owner、restart window、rollback ownerpost-check 指標。",
"next_owner_action": "補 owner-provided live hash / disposition、compose / systemd owner、maintenance / restart window、rollback ownerpost-check plan 與 disable switch。",
"owner_response_accepted": false,
"owner_response_received": false,
"owner_response_required": true,
@@ -584,15 +588,15 @@
"websocket_route_change_authorized": false,
"workflow_modification_authorized": false
},
"generated_at": "2026-06-14T23:05:00+08:00",
"git_commit": "d26f3bef",
"generated_at": "2026-06-14T23:45:00+08:00",
"git_commit": "92e451cb",
"lowest_coverage_categories": [
{
"category_id": "docker_compose_systemd_host_config",
"coverage_percent": 50,
"current_gap": "repo-only 清冊已納入 9 個 surface仍缺 110 / 188 live hash、restart window、rollback ownerpost-check 指標。",
"coverage_percent": 54,
"current_gap": "已固定 9 份 Docker / systemd / host service owner response acceptance candidate仍缺 owner response、110 / 188 live hash、maintenance / restart window、rollback ownerpost-check plan、disable switch 與 no-secret-value evidence。",
"label": "Docker Compose / systemd / host service config",
"next_owner_action": "補 owner-provided live hash / disposition、compose / systemd owner、restart window、rollback ownerpost-check 指標。"
"next_owner_action": "補 owner-provided live hash / disposition、compose / systemd owner、maintenance / restart window、rollback ownerpost-check plan 與 disable switch。"
},
{
"category_id": "ssh_firewall_network_access",
@@ -638,14 +642,14 @@
"status": "coverage_matrix_ready",
"summary": {
"action_button_count": 0,
"average_coverage_percent": 67,
"average_coverage_percent": 68,
"c0_category_count": 8,
"c1_category_count": 4,
"c2_category_count": 1,
"c3_category_count": 1,
"category_count": 14,
"lowest_coverage_category_count": 4,
"needs_live_evidence_count": 7,
"needs_live_evidence_count": 6,
"owner_response_accepted_count": 0,
"owner_response_received_count": 0,
"owner_response_required_count": 14,

File diff suppressed because it is too large Load Diff

View File

@@ -34,6 +34,8 @@
"docs/schemas/domain_tls_certbot_inventory_v1.schema.json",
"docs/security/host-service-config-inventory.snapshot.json",
"docs/security/HOST-SERVICE-CONFIG-INVENTORY.md",
"docs/security/host-service-owner-response-acceptance.snapshot.json",
"docs/security/HOST-SERVICE-OWNER-RESPONSE-ACCEPTANCE.md",
"docs/schemas/host_service_config_inventory_v1.schema.json",
"docs/security/ssh-network-access-inventory.snapshot.json",
"docs/security/SSH-NETWORK-ACCESS-INVENTORY.md",
@@ -258,8 +260,8 @@
"high_value_config_control_coverage_category_count": 14,
"high_value_config_control_coverage_c0_category_count": 8,
"high_value_config_control_coverage_c1_category_count": 4,
"high_value_config_control_coverage_average_percent": 67,
"high_value_config_control_coverage_needs_live_evidence_count": 7,
"high_value_config_control_coverage_average_percent": 68,
"high_value_config_control_coverage_needs_live_evidence_count": 6,
"high_value_config_control_coverage_owner_response_required_count": 14,
"high_value_config_control_coverage_owner_response_received_count": 0,
"high_value_config_control_coverage_owner_response_accepted_count": 0,