feat(iwooos): 新增 CD runner secret 事故回讀 gate
Some checks failed
Code Review / ai-code-review (push) Successful in 15s
CD Pipeline / tests (push) Successful in 1m43s
CD Pipeline / post-deploy-checks (push) Has been cancelled
CD Pipeline / build-and-deploy (push) Has been cancelled

This commit is contained in:
Your Name
2026-06-16 11:42:38 +08:00
parent 7db05e0089
commit bb459d59f9
15 changed files with 3044 additions and 41 deletions

View File

@@ -216,6 +216,9 @@ def validate(root: Path) -> None:
cd_runner_secret_injection_change_evidence_acceptance = load_json(
security_dir / "cd-runner-secret-injection-change-evidence-acceptance.snapshot.json"
)
cd_runner_secret_injection_post_incident_readback_plan = load_json(
security_dir / "cd-runner-secret-injection-post-incident-readback-plan.snapshot.json"
)
public_runtime_config_change_evidence_acceptance = load_json(
security_dir / "public-runtime-config-change-evidence-acceptance.snapshot.json"
)
@@ -3106,12 +3109,12 @@ def validate(root: Path) -> None:
assert_equal(
"high_value_config_coverage.coverage_categories.secret_metadata.coverage_percent",
secret_metadata_category["coverage_percent"],
68,
70,
)
assert_equal(
"high_value_config_coverage.coverage_categories.secret_metadata.coverage_status",
secret_metadata_category["coverage_status"],
"secret_injection_change_evidence_acceptance_ready_needs_owner_evidence",
"post_incident_readback_plan_ready_needs_secret_injection_owner_evidence",
)
for evidence_ref in [
"docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-INVENTORY.md",
@@ -3120,6 +3123,8 @@ def validate(root: Path) -> None:
"docs/security/source-control-workflow-secret-name-owner-response.snapshot.json",
"docs/security/CD-RUNNER-SECRET-INJECTION-CHANGE-EVIDENCE-ACCEPTANCE.md",
"docs/security/cd-runner-secret-injection-change-evidence-acceptance.snapshot.json",
"docs/security/CD-RUNNER-SECRET-INJECTION-POST-INCIDENT-READBACK-PLAN.md",
"docs/security/cd-runner-secret-injection-post-incident-readback-plan.snapshot.json",
"docs/security/SECRETS_REFERENCE.md",
]:
assert_contains(
@@ -3135,18 +3140,20 @@ def validate(root: Path) -> None:
assert_equal(
"high_value_config_coverage.coverage_categories.workflow_runner.coverage_percent",
workflow_runner_category["coverage_percent"],
72,
74,
)
assert_equal(
"high_value_config_coverage.coverage_categories.workflow_runner.coverage_status",
workflow_runner_category["coverage_status"],
"cd_runner_secret_injection_change_evidence_acceptance_ready_needs_owner_evidence",
"post_incident_readback_plan_ready_needs_workflow_runner_owner_evidence",
)
for evidence_ref in [
"docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-INVENTORY.md",
"docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-OWNER-RESPONSE.md",
"docs/security/CD-RUNNER-SECRET-INJECTION-CHANGE-EVIDENCE-ACCEPTANCE.md",
"docs/security/cd-runner-secret-injection-change-evidence-acceptance.snapshot.json",
"docs/security/CD-RUNNER-SECRET-INJECTION-POST-INCIDENT-READBACK-PLAN.md",
"docs/security/cd-runner-secret-injection-post-incident-readback-plan.snapshot.json",
"docs/security/SOURCE-CONTROL-PRIMARY-READINESS-GATE.md",
]:
assert_contains(
@@ -8049,6 +8056,64 @@ def validate(root: Path) -> None:
"cd_runner_secret_injection_change_evidence_acceptance_secret_metadata_coverage_percent_after_acceptance": 68,
"cd_runner_secret_injection_change_evidence_acceptance_gitea_workflow_runner_coverage_percent_before_acceptance": 70,
"cd_runner_secret_injection_change_evidence_acceptance_gitea_workflow_runner_coverage_percent_after_acceptance": 72,
"cd_runner_secret_injection_post_incident_readback_plan_first_layer": True,
"cd_runner_secret_injection_post_incident_readback_plan_candidate_count": 5,
"cd_runner_secret_injection_post_incident_readback_plan_c0_candidate_count": 4,
"cd_runner_secret_injection_post_incident_readback_plan_c1_candidate_count": 1,
"cd_runner_secret_injection_post_incident_readback_plan_write_capable_candidate_count": 5,
"cd_runner_secret_injection_post_incident_readback_plan_secret_sensitive_candidate_count": 5,
"cd_runner_secret_injection_post_incident_readback_plan_runner_or_workflow_candidate_count": 5,
"cd_runner_secret_injection_post_incident_readback_plan_deploy_or_run_readback_required_candidate_count": 5,
"cd_runner_secret_injection_post_incident_readback_plan_required_readback_field_count": 33,
"cd_runner_secret_injection_post_incident_readback_plan_reviewer_check_count": 30,
"cd_runner_secret_injection_post_incident_readback_plan_outcome_lane_count": 11,
"cd_runner_secret_injection_post_incident_readback_plan_blocked_action_count": 52,
"cd_runner_secret_injection_post_incident_readback_plan_received_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_workflow_diff_state_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_runner_attestation_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_runner_executor_host_readback_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_runner_workspace_cleanup_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_runner_permission_scope_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_secret_name_parity_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_secret_injection_route_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_step_env_secret_guard_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_log_redaction_readback_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_deploy_marker_readback_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_gitea_action_run_readback_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_webhook_delivery_state_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_deploy_key_branch_protection_codeowners_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_notification_delivery_receipt_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_before_after_deploy_state_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_affected_route_or_service_state_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_cross_project_sync_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_rollback_validation_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_postcheck_evidence_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_post_change_monitoring_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_recurrence_guard_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_no_false_green_accepted_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_workflow_modification_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_workflow_dispatch_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_runner_change_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_github_hosted_runner_enable_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_webhook_modification_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_deploy_key_change_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_branch_protection_change_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_codeowners_change_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_repo_secret_change_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_secret_value_collection_allowed_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_secret_injection_change_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_gitea_action_dispatch_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_cd_pipeline_run_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_k8s_secret_injection_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_argocd_sync_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_production_deploy_authorized_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_runtime_gate_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_action_button_count": 0,
"cd_runner_secret_injection_post_incident_readback_plan_secret_metadata_coverage_percent_after_readback_plan": 70,
"cd_runner_secret_injection_post_incident_readback_plan_gitea_workflow_runner_coverage_percent_after_readback_plan": 74,
"secret_metadata_coverage_percent": 70,
"gitea_workflow_runner_source_control_coverage_percent": 74,
"public_runtime_config_change_evidence_acceptance_first_layer": True,
"public_runtime_config_change_evidence_acceptance_candidate_count": 6,
"public_runtime_config_change_evidence_acceptance_c0_candidate_count": 5,
@@ -17900,8 +17965,8 @@ def validate(root: Path) -> None:
"public_gateway_owner_response_acceptance_outcome_lane_count=8",
"public_gateway_owner_response_acceptance_blocked_action_count=28",
"k8s_production_gitops_coverage_percent=66",
"secret_metadata_coverage_percent=68",
"gitea_workflow_runner_source_control_coverage_percent=72",
"secret_metadata_coverage_percent=70",
"gitea_workflow_runner_source_control_coverage_percent=74",
"public_admin_api_runtime_config_coverage_percent=66",
"ai_provider_model_routing_coverage_percent=64",
"ai_provider_owner_response_acceptance_candidate_count=8",
@@ -17971,6 +18036,23 @@ def validate(root: Path) -> None:
"cd_runner_secret_injection_change_evidence_acceptance_postcheck_evidence_accepted_count=0",
"cd_runner_secret_injection_change_evidence_acceptance_runtime_approval_package_ready_count=0",
"cd_runner_secret_injection_change_evidence_acceptance_runtime_gate_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_candidate_count=5",
"cd_runner_secret_injection_post_incident_readback_plan_c0_candidate_count=4",
"cd_runner_secret_injection_post_incident_readback_plan_write_capable_candidate_count=5",
"cd_runner_secret_injection_post_incident_readback_plan_required_readback_field_count=33",
"cd_runner_secret_injection_post_incident_readback_plan_reviewer_check_count=30",
"cd_runner_secret_injection_post_incident_readback_plan_outcome_lane_count=11",
"cd_runner_secret_injection_post_incident_readback_plan_blocked_action_count=52",
"cd_runner_secret_injection_post_incident_readback_plan_received_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_accepted_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_workflow_diff_state_accepted_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_runner_attestation_accepted_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_secret_name_parity_accepted_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_secret_injection_route_accepted_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_deploy_marker_readback_accepted_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_gitea_action_run_readback_accepted_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_log_redaction_readback_accepted_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_runtime_gate_count=0",
"k8s_argocd_change_evidence_acceptance_candidate_count=4",
"k8s_argocd_change_evidence_acceptance_c0_candidate_count=3",
"k8s_argocd_change_evidence_acceptance_write_capable_candidate_count=4",
@@ -18293,7 +18375,7 @@ def validate(root: Path) -> None:
assert_text_contains(
"iwooos_page.critical_config_priority_workflow_secret_percent",
iwooos_projection_page,
"{ key: 'workflowSecret', rank: 'P0-4', state: '68% / 72%'",
"{ key: 'workflowSecret', rank: 'P0-4', state: '70% / 74%'",
)
assert_text_contains(
"iwooos_page.critical_config_priority_public_runtime_percent",
@@ -18317,8 +18399,8 @@ def validate(root: Path) -> None:
"nginx_public_gateway_post_incident_readback_plan_blocked_action_count=41",
"nginx_public_gateway_post_incident_readback_plan_runtime_gate_count=0",
"nginx_public_gateway_nginx_test_evidence_count=0",
"secret_metadata_coverage_percent=68",
"gitea_workflow_runner_source_control_coverage_percent=72",
"secret_metadata_coverage_percent=70",
"gitea_workflow_runner_source_control_coverage_percent=74",
"public_admin_api_runtime_config_coverage_percent=66",
"public_frontend_sensitive_surface_guard_file_count=225",
"public_frontend_sensitive_surface_guard_forbidden_pattern_count=12",
@@ -18357,6 +18439,20 @@ def validate(root: Path) -> None:
"cd_runner_secret_injection_change_evidence_acceptance_secret_injection_route_accepted_count=0",
"cd_runner_secret_injection_change_evidence_acceptance_runtime_approval_package_ready_count=0",
"cd_runner_secret_injection_change_evidence_acceptance_runtime_gate_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_candidate_count=5",
"cd_runner_secret_injection_post_incident_readback_plan_c0_candidate_count=4",
"cd_runner_secret_injection_post_incident_readback_plan_write_capable_candidate_count=5",
"cd_runner_secret_injection_post_incident_readback_plan_required_readback_field_count=33",
"cd_runner_secret_injection_post_incident_readback_plan_reviewer_check_count=30",
"cd_runner_secret_injection_post_incident_readback_plan_outcome_lane_count=11",
"cd_runner_secret_injection_post_incident_readback_plan_blocked_action_count=52",
"cd_runner_secret_injection_post_incident_readback_plan_received_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_accepted_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_workflow_diff_state_accepted_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_runner_attestation_accepted_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_secret_name_parity_accepted_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_secret_injection_route_accepted_count=0",
"cd_runner_secret_injection_post_incident_readback_plan_runtime_gate_count=0",
"k8s_argocd_change_evidence_acceptance_candidate_count=4",
"k8s_argocd_change_evidence_acceptance_c0_candidate_count=3",
"k8s_argocd_change_evidence_acceptance_write_capable_candidate_count=4",
@@ -20194,6 +20290,237 @@ def validate(root: Path) -> None:
f"cd_runner_secret_injection_change_evidence_acceptance.{item['change_evidence_candidate_id']}.{false_key}",
item[false_key],
)
assert_equal(
"cd_runner_secret_injection_post_incident_readback_plan.schema",
cd_runner_secret_injection_post_incident_readback_plan["schema_version"],
"cd_runner_secret_injection_post_incident_readback_plan_v1",
)
assert_equal(
"cd_runner_secret_injection_post_incident_readback_plan.status",
cd_runner_secret_injection_post_incident_readback_plan["status"],
"post_incident_readback_plan_ready_no_runtime_action",
)
assert_equal(
"cd_runner_secret_injection_post_incident_readback_plan.mode",
cd_runner_secret_injection_post_incident_readback_plan["mode"],
"metadata_only_no_secret_value_no_workflow_runner_secret_change",
)
expected_cd_runner_secret_injection_readback_summary = {
"source_change_evidence_candidate_count": 5,
"source_c0_change_evidence_candidate_count": 4,
"source_c1_change_evidence_candidate_count": 1,
"source_required_evidence_field_count": 19,
"source_reviewer_check_count": 19,
"source_blocked_action_count": 32,
"source_change_evidence_accepted_count": 0,
"source_runtime_gate_count": 0,
"readback_candidate_count": 5,
"c0_readback_candidate_count": 4,
"c1_readback_candidate_count": 1,
"write_capable_readback_candidate_count": 5,
"secret_sensitive_readback_candidate_count": 5,
"runner_or_workflow_readback_candidate_count": 5,
"deploy_or_run_readback_required_candidate_count": 5,
"cross_project_sync_required_candidate_count": 5,
"no_false_green_required_candidate_count": 5,
"readback_field_count": 44,
"required_readback_field_count": 33,
"reviewer_check_count": 30,
"outcome_lane_count": 11,
"blocked_action_count": 52,
"post_incident_readback_received_count": 0,
"post_incident_readback_accepted_count": 0,
"actor_attribution_accepted_count": 0,
"workflow_diff_state_accepted_count": 0,
"runner_attestation_accepted_count": 0,
"runner_executor_host_readback_accepted_count": 0,
"runner_workspace_cleanup_accepted_count": 0,
"runner_permission_scope_accepted_count": 0,
"secret_name_parity_accepted_count": 0,
"secret_injection_route_accepted_count": 0,
"step_env_secret_guard_accepted_count": 0,
"log_redaction_readback_accepted_count": 0,
"deploy_marker_readback_accepted_count": 0,
"gitea_action_run_readback_accepted_count": 0,
"webhook_delivery_state_accepted_count": 0,
"deploy_key_branch_protection_codeowners_accepted_count": 0,
"notification_delivery_receipt_accepted_count": 0,
"before_after_deploy_state_accepted_count": 0,
"affected_route_or_service_state_accepted_count": 0,
"cross_project_sync_accepted_count": 0,
"rollback_validation_accepted_count": 0,
"postcheck_evidence_accepted_count": 0,
"post_change_monitoring_accepted_count": 0,
"recurrence_guard_accepted_count": 0,
"no_false_green_accepted_count": 0,
"workflow_modification_authorized_count": 0,
"workflow_dispatch_authorized_count": 0,
"runner_change_authorized_count": 0,
"github_hosted_runner_enable_authorized_count": 0,
"webhook_modification_authorized_count": 0,
"deploy_key_change_authorized_count": 0,
"branch_protection_change_authorized_count": 0,
"codeowners_change_authorized_count": 0,
"repo_secret_change_authorized_count": 0,
"secret_value_collection_allowed_count": 0,
"secret_injection_change_authorized_count": 0,
"gitea_action_dispatch_authorized_count": 0,
"cd_pipeline_run_authorized_count": 0,
"k8s_secret_injection_authorized_count": 0,
"argocd_sync_authorized_count": 0,
"production_deploy_authorized_count": 0,
"runtime_gate_count": 0,
"action_button_count": 0,
"secret_metadata_coverage_percent_after_readback_plan": 70,
"gitea_workflow_runner_coverage_percent_after_readback_plan": 74,
}
for key, expected in expected_cd_runner_secret_injection_readback_summary.items():
assert_equal(
f"cd_runner_secret_injection_post_incident_readback_plan.summary.{key}",
cd_runner_secret_injection_post_incident_readback_plan["summary"][key],
expected,
)
for key, value in cd_runner_secret_injection_post_incident_readback_plan["execution_boundaries"].items():
if key == "not_authorization":
assert_true(
f"cd_runner_secret_injection_post_incident_readback_plan.execution_boundaries.{key}",
value,
)
else:
assert_false(
f"cd_runner_secret_injection_post_incident_readback_plan.execution_boundaries.{key}",
value,
)
expected_cd_runner_secret_injection_readback_ids = [
"cd_runner_secret_injection_post_incident_readback:cd_pipeline_deploy_marker_and_k8s_secret_injection",
"cd_runner_secret_injection_post_incident_readback:code_review_pipeline_secret_and_notification_surface",
"cd_runner_secret_injection_post_incident_readback:deploy_alerts_and_monitoring_route",
"cd_runner_secret_injection_post_incident_readback:runner_label_and_executor_attestation",
"cd_runner_secret_injection_post_incident_readback:repository_secret_name_parity_and_injection_owner",
]
assert_equal(
"cd_runner_secret_injection_post_incident_readback_plan.candidate_ids",
[
item["post_incident_readback_candidate_id"]
for item in cd_runner_secret_injection_post_incident_readback_plan["readback_candidates"]
],
expected_cd_runner_secret_injection_readback_ids,
)
assert_equal(
"cd_runner_secret_injection_post_incident_readback_plan.reviewer_checks.count",
len(cd_runner_secret_injection_post_incident_readback_plan["reviewer_checks"]),
30,
)
assert_equal(
"cd_runner_secret_injection_post_incident_readback_plan.outcome_lanes.count",
len(cd_runner_secret_injection_post_incident_readback_plan["outcome_lanes"]),
11,
)
assert_equal(
"cd_runner_secret_injection_post_incident_readback_plan.blocked_actions.count",
len(cd_runner_secret_injection_post_incident_readback_plan["blocked_actions"]),
52,
)
for item in cd_runner_secret_injection_post_incident_readback_plan["readback_candidates"]:
assert_equal(
f"cd_runner_secret_injection_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.readback_fields",
len(item["readback_fields"]),
44,
)
assert_equal(
f"cd_runner_secret_injection_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.required_readback_fields",
len(item["required_readback_fields"]),
33,
)
assert_equal(
f"cd_runner_secret_injection_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.reviewer_checks",
len(item["reviewer_checks"]),
30,
)
assert_equal(
f"cd_runner_secret_injection_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.outcome_lanes",
len(item["outcome_lanes"]),
11,
)
assert_equal(
f"cd_runner_secret_injection_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.blocked_actions",
len(item["blocked_actions"]),
52,
)
assert_true(
f"cd_runner_secret_injection_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.not_approval",
item["not_approval"],
)
assert_true(
f"cd_runner_secret_injection_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.requires_runtime_approval_package",
item["requires_runtime_approval_package"],
)
for false_key in [
"post_incident_readback_received",
"post_incident_readback_accepted",
"actor_attribution_accepted",
"workflow_diff_state_accepted",
"runner_attestation_accepted",
"runner_executor_host_readback_accepted",
"runner_workspace_cleanup_accepted",
"runner_permission_scope_accepted",
"secret_name_parity_accepted",
"secret_injection_route_accepted",
"step_env_secret_guard_accepted",
"log_redaction_readback_accepted",
"deploy_marker_readback_accepted",
"gitea_action_run_readback_accepted",
"webhook_delivery_state_accepted",
"deploy_key_branch_protection_codeowners_accepted",
"notification_delivery_receipt_accepted",
"before_after_deploy_state_accepted",
"affected_route_or_service_state_accepted",
"cross_project_sync_accepted",
"rollback_validation_accepted",
"postcheck_evidence_accepted",
"post_change_monitoring_accepted",
"recurrence_guard_accepted",
"no_secret_value_attestation",
"no_raw_workflow_payload_attestation",
"no_unredacted_log_attestation",
"no_false_green_attestation",
"no_false_green_accepted",
"runtime_execution_authorized",
"workflow_modification_authorized",
"workflow_dispatch_authorized",
"runner_change_authorized",
"github_hosted_runner_enable_authorized",
"webhook_modification_authorized",
"deploy_key_change_authorized",
"branch_protection_change_authorized",
"codeowners_change_authorized",
"repo_secret_change_authorized",
"secret_value_collection_allowed",
"secret_hash_collection_allowed",
"partial_token_collection_allowed",
"runner_token_collection_allowed",
"webhook_secret_collection_allowed",
"deploy_key_private_material_collection_allowed",
"secret_rotation_authorized",
"secret_store_read_authorized",
"secret_injection_change_authorized",
"gitea_action_dispatch_authorized",
"cd_pipeline_run_authorized",
"deploy_marker_write_authorized",
"k8s_secret_injection_authorized",
"argocd_sync_authorized",
"production_deploy_authorized",
"refs_sync_authorized",
"force_push_authorized",
"github_primary_switch_authorized",
"disable_gitea_authorized",
"runtime_gate",
"action_buttons_allowed",
]:
assert_false(
f"cd_runner_secret_injection_post_incident_readback_plan.{item['post_incident_readback_candidate_id']}.{false_key}",
item[false_key],
)
assert_equal(
"public_runtime_config_change_evidence_acceptance.schema",
public_runtime_config_change_evidence_acceptance["schema_version"],