feat(governance): 接入 Agent live read model gate
All checks were successful
CD Pipeline / tests (push) Successful in 1m26s
Code Review / ai-code-review (push) Successful in 13s
CD Pipeline / build-and-deploy (push) Successful in 4m39s
CD Pipeline / post-deploy-checks (push) Successful in 1m44s

This commit is contained in:
Your Name
2026-06-11 19:51:48 +08:00
parent 1e08440cd0
commit c44f4515a6
21 changed files with 1694 additions and 66 deletions

View File

@@ -0,0 +1,217 @@
"""
AI Agent live read model gate snapshot.
Loads the latest committed, read-only P2-403B gate for the AgentSession /
Redis Streams live read model. This module only validates the approval package;
it never opens a database session, starts workers, creates migrations, reads
Redis consumer groups, sends Telegram messages, or exposes raw Agent outputs.
"""
from __future__ import annotations
import json
from pathlib import Path
from typing import Any
from src.services.snapshot_paths import default_evaluations_dir
_DEFAULT_EVALUATIONS_DIR = default_evaluations_dir(Path(__file__))
_SNAPSHOT_PATTERN = "ai_agent_live_read_model_gate_*.json"
_SCHEMA_VERSION = "ai_agent_live_read_model_gate_v1"
def load_latest_ai_agent_live_read_model_gate(
evaluations_dir: Path | None = None,
) -> dict[str, Any]:
"""Load the newest committed AI Agent live read model gate snapshot."""
directory = evaluations_dir or _DEFAULT_EVALUATIONS_DIR
candidates = sorted(directory.glob(_SNAPSHOT_PATTERN))
if not candidates:
raise FileNotFoundError(
f"no AI Agent live read model gate snapshots found in {directory}"
)
latest = candidates[-1]
with latest.open(encoding="utf-8") as handle:
payload = json.load(handle)
if not isinstance(payload, dict):
raise ValueError(f"{latest}: expected JSON object")
_require_schema(payload, _SCHEMA_VERSION, str(latest))
_require_read_only_authority(payload, str(latest))
_require_storage_safety(payload, str(latest))
_require_redis_safety(payload, str(latest))
_require_no_write_smoke(payload, str(latest))
_require_rollup_consistency(payload, str(latest))
return payload
def _require_schema(payload: dict[str, Any], expected: str, label: str) -> None:
actual = payload.get("schema_version")
if actual != expected:
raise ValueError(f"{label}: expected schema_version={expected}, got {actual!r}")
def _require_read_only_authority(payload: dict[str, Any], label: str) -> None:
program_status = payload.get("program_status") or {}
if program_status.get("read_only_mode") is not True:
raise ValueError(f"{label}: program_status.read_only_mode must be true")
if program_status.get("runtime_authority") != "gate_plan_only_no_live_worker":
raise ValueError(f"{label}: runtime_authority must stay gate_plan_only_no_live_worker")
boundaries = payload.get("approval_boundaries") or {}
blocked_flags = {
"db_migration_allowed",
"live_db_query_allowed",
"redis_xadd_allowed",
"redis_consumer_group_allowed",
"runtime_worker_allowed",
"telegram_direct_send_allowed",
"learning_writeback_allowed",
"secret_plaintext_allowed",
"conversation_transcript_display_allowed",
"private_reasoning_display_allowed",
"agent_raw_output_display_allowed",
}
allowed = sorted(flag for flag in blocked_flags if boundaries.get(flag) is not False)
if allowed:
raise ValueError(f"{label}: approval boundaries must remain false: {allowed}")
live_truth = payload.get("live_truth") or {}
false_flags = {
"live_agent_session_readback_enabled",
"live_redis_stream_read_enabled",
"runtime_worker_enabled",
"telegram_receipt_send_enabled",
"learning_writeback_enabled",
}
enabled = sorted(flag for flag in false_flags if live_truth.get(flag) is not False)
if enabled:
raise ValueError(f"{label}: live truth flags must remain false: {enabled}")
zero_counts = {
"active_live_agent_sessions",
"live_redis_events_24h",
"live_handoffs_24h",
"live_learning_writes_24h",
"telegram_digest_receipts_24h",
}
non_zero = sorted(key for key in zero_counts if live_truth.get(key) != 0)
if non_zero:
raise ValueError(f"{label}: live truth counts must remain zero: {non_zero}")
def _require_storage_safety(payload: dict[str, Any], label: str) -> None:
storage = payload.get("existing_storage_contract") or {}
if storage.get("db_table") != "agent_sessions":
raise ValueError(f"{label}: existing_storage_contract.db_table must be agent_sessions")
if storage.get("approved_for_live_query") is not False:
raise ValueError(f"{label}: live DB query must remain unapproved")
if storage.get("migration_delta_required") is not False:
raise ValueError(f"{label}: migration delta must remain false for this gate")
if storage.get("safe_read_query_defined") is not True:
raise ValueError(f"{label}: safe read query contract must be defined")
selected_fields = set(storage.get("safe_selected_fields") or [])
forbidden_selected = selected_fields.intersection(
{
"output_json",
"prompt",
"raw_prompt",
"conversation_transcript",
"private_reasoning",
"chain_of_thought",
"secret_plaintext",
"credential_value",
}
)
if forbidden_selected:
raise ValueError(f"{label}: safe read query selects forbidden fields: {sorted(forbidden_selected)}")
def _require_redis_safety(payload: dict[str, Any], label: str) -> None:
redis_contract = payload.get("redis_stream_contract") or {}
if redis_contract.get("consumer_group_allowed") is not False:
raise ValueError(f"{label}: Redis consumer group must remain unapproved")
if redis_contract.get("xadd_allowed") is not False:
raise ValueError(f"{label}: Redis XADD must remain unapproved")
if redis_contract.get("xreadgroup_allowed") is not False:
raise ValueError(f"{label}: Redis XREADGROUP must remain unapproved")
if not redis_contract.get("event_envelope_required_fields"):
raise ValueError(f"{label}: Redis event envelope required fields must be defined")
def _require_no_write_smoke(payload: dict[str, Any], label: str) -> None:
smoke_steps = payload.get("no_write_smoke_plan") or []
if not smoke_steps:
raise ValueError(f"{label}: no_write_smoke_plan must not be empty")
unsafe_steps = [
step.get("smoke_id")
for step in smoke_steps
if step.get("writes_allowed") is not False or step.get("status") != "defined"
]
if unsafe_steps:
raise ValueError(f"{label}: no-write smoke steps must be defined and write-blocked: {unsafe_steps}")
redaction = payload.get("display_redaction_contract") or {}
if redaction.get("redaction_required") is not True:
raise ValueError(f"{label}: frontend redaction must be required")
for flag in (
"work_window_conversation_display_allowed",
"agent_raw_output_display_allowed",
"secret_value_display_allowed",
):
if redaction.get(flag) is not False:
raise ValueError(f"{label}: {flag} must remain false")
def _require_rollup_consistency(payload: dict[str, Any], label: str) -> None:
rollups = payload.get("rollups") or {}
expected_counts = {
"source_ref_count": len(payload.get("source_refs") or []),
"read_model_card_count": len(payload.get("read_model_cards") or []),
"gate_count": len(payload.get("worker_gate_plan") or []),
"rollback_step_count": len(payload.get("rollback_plan") or []),
"no_write_smoke_count": len(payload.get("no_write_smoke_plan") or []),
"forbidden_frontend_content_count": len(
(payload.get("display_redaction_contract") or {}).get("forbidden_frontend_content") or []
),
}
mismatched = {
key: {"expected": expected, "actual": rollups.get(key)}
for key, expected in expected_counts.items()
if rollups.get(key) != expected
}
if mismatched:
raise ValueError(f"{label}: rollup counts must match payload sections: {mismatched}")
approval_required_gate_ids = sorted(
gate.get("gate_id")
for gate in payload.get("worker_gate_plan") or []
if gate.get("status") in {"approval_required", "blocked"}
)
if sorted(rollups.get("approval_required_gate_ids") or []) != approval_required_gate_ids:
raise ValueError(f"{label}: rollups.approval_required_gate_ids mismatch")
ready_cards = sorted(
card.get("card_id")
for card in payload.get("read_model_cards") or []
if card.get("readiness_status") == "query_contract_ready"
)
if sorted(rollups.get("query_contract_ready_card_ids") or []) != ready_cards:
raise ValueError(f"{label}: rollups.query_contract_ready_card_ids mismatch")
live_truth = payload.get("live_truth") or {}
live_count_total = sum(
int(live_truth.get(key) or 0)
for key in (
"active_live_agent_sessions",
"live_redis_events_24h",
"live_handoffs_24h",
"live_learning_writes_24h",
"telegram_digest_receipts_24h",
)
)
if rollups.get("live_truth_count_total") != live_count_total:
raise ValueError(f"{label}: rollups.live_truth_count_total mismatch")