feat(agents): expose autonomous runtime control
Some checks failed
CD Pipeline / tests (push) Successful in 1m43s
CD Pipeline / post-deploy-checks (push) Has been cancelled
CD Pipeline / build-and-deploy (push) Has been cancelled
Code Review / ai-code-review (push) Has been cancelled
Ansible / Reboot Recovery Contract / validate (push) Has been cancelled
Some checks failed
CD Pipeline / tests (push) Successful in 1m43s
CD Pipeline / post-deploy-checks (push) Has been cancelled
CD Pipeline / build-and-deploy (push) Has been cancelled
Code Review / ai-code-review (push) Has been cancelled
Ansible / Reboot Recovery Contract / validate (push) Has been cancelled
This commit is contained in:
@@ -1,3 +1,66 @@
|
||||
## 2026-06-27|P2-416 D1N:目前有效 AI Agent 自主化控制層與日週月報 Telegram Gateway 接線
|
||||
|
||||
**背景**:使用者已明確要求不再依舊 no-send / no-live / 高風險預設人工規範推進;目前有效方向是 low / medium / high 風險在 allowlist、Ansible check-mode、controlled apply、post-apply verifier、KM / PlayBook writeback 與 Telegram receipt 下由 AI Agent 受控自動處理。critical / secret / destructive / reboot / node drain / provider switch / force push 等仍維持 hard blocker。
|
||||
|
||||
**完成內容**:
|
||||
- 新增目前有效控制 API:`GET /api/v1/agents/agent-autonomous-runtime-control`,schema `ai_agent_autonomous_runtime_control_v1`。
|
||||
- 新 API 明確回傳:舊 no-send / no-live rules 已被 current owner directive 覆寫、low / medium / high 風險不再要求人工 gate、Telegram 只能走既有 Gateway、不直呼 Bot API、不暴露 token / chat id / raw payload。
|
||||
- `report_generation_service` 新增週報 loop 與月報 loop:日報每日 `08:00`、週報週五 `10:00`、月報每月 `1` 日 `09:00`,全部以台北時間計算並透過 Telegram Gateway 派送。
|
||||
- 月報文案從 `no-send preview` 改為正式月報派送語意,仍保留資料源健康、缺口來源、KM / PlayBook / Verifier 沉澱與 hard blocker 說明。
|
||||
- `main.py` 已在 lifespan 同時掛入日報 / 週報 / 月報三條背景 loop。
|
||||
- `/zh-TW/governance?tab=automation-inventory` 新增「目前有效自主化控制層」卡:顯示目前完成度、低中高風險自動化、日週月報 Gateway、Ansible executor 收據鏈、舊規範覆寫與 hard blockers。
|
||||
- 前端仍不顯示工作視窗對話、raw prompt、private reasoning、secret、raw Telegram payload、內網拓樸或 Bot token。
|
||||
|
||||
**本地驗證結果**:
|
||||
- `python3 -m py_compile apps/api/src/services/report_generation_service.py apps/api/src/services/ai_agent_autonomous_runtime_control.py apps/api/src/api/v1/agents.py apps/api/src/main.py`:通過。
|
||||
- `DATABASE_URL=sqlite:///test.db python3.11 -m pytest apps/api/tests/test_ai_agent_autonomous_runtime_control.py apps/api/tests/test_ai_agent_autonomous_runtime_control_api.py apps/api/tests/test_report_generation_service.py apps/api/tests/test_weekly_report_preview_api.py -q`:`51 passed`。
|
||||
- `pnpm --dir apps/web typecheck`:通過。
|
||||
|
||||
**目前完成度 / 邊界**:
|
||||
- P2-416 D1N 本地:`0% -> 88%`。已完成程式、API、排程接線、前端顯示與測試;尚待 commit、Gitea push、CD、production API readback 與 desktop / mobile browser smoke。
|
||||
- AI Agent 自動化整體保守:`72% -> 78%`。D1N 把目前有效控制面與報告 Telegram Gateway 連上,但真正 runtime 成效仍要看下一批 `ansible_apply_executed`、`incident_evidence.post_execution_state`、`knowledge_entries` 與 Telegram delivery receipt 的 production readback。
|
||||
|
||||
**仍維持 hard blocker**:
|
||||
- secret / token / private key / cookie / session / auth header 明文讀取或外洩。
|
||||
- `DROP` / `TRUNCATE` / destructive migration / restore / prune / irreversible DB operation。
|
||||
- reboot / node drain / irreversible firewall / host lockout。
|
||||
- credentialed exploit / external active scan。
|
||||
- 新付費 provider、成本上限調整、provider switch 或 OpenClaw 替換未經 replay / shadow / canary。
|
||||
- force push、刪 repo / refs、visibility change。
|
||||
- critical / break-glass route 未具備專案級 break-glass contract。
|
||||
|
||||
**下一步**:
|
||||
- Commit / push 到 `gitea main`,等待 code-review / CD。
|
||||
- 正式站讀回 `/api/v1/agents/agent-autonomous-runtime-control` 與 `/zh-TW/governance?tab=automation-inventory`,確認新卡可見且 forbidden terms 為 `0`。
|
||||
|
||||
## 2026-06-27|AI Agent 受控自動化規範覆寫與告警語意收斂
|
||||
|
||||
**背景**:統帥明確要求把 2026-06-26 以前大量停在 owner gate / read-only / manual handoff 的舊規範,改成 AI Agent 對 low / medium / high 風險事件預設走受控自動化。高風險不等於任意命令直跑,而是必須有 allowlist、PlayBook / Ansible / MCP route、check-mode / dry-run、blast radius、rollback、post-apply verifier、KM / PlayBook trust 與 Telegram / AwoooP receipt。
|
||||
|
||||
**完成內容**:
|
||||
- `docs/HARD_RULES.md` 升版到 `v2.5`,新增「舊 owner gate / read-only 預設失效條款」;`manual_required`、`needs_human=true`、`runtime_write_gate=0`、`owner_review_required` 等舊語意,除硬阻擋外不得再作為 low / medium / high 事件終局。
|
||||
- `docs/superpowers/specs/2026-04-15-MASTER-ai-autonomous-flywheel-v2.md` 新增 `§1.6 2026-06-27 舊 owner gate / read-only 規範失效宣告`,並把狀態機改成 `controlled_policy_check`、`controlled_playbook_queue`、`ai_repair_candidate_required`、`ai_rollback_or_repair`、`break_glass_required`。
|
||||
- `docs/workplans/2026-06-04-iwooos-security-governance-p0.md` 加入 2026-06-27 覆寫說明,明確區分 6/04 只讀 ledger 與目前 AI Agent controlled automation 主線。
|
||||
- 新增 `agent-autonomous-runtime-control` readback:宣告目前有效 runtime authority、low / medium / high controlled apply、日 / 週 / 月報 Telegram Gateway delivery、executor receipts、hard blockers、legacy policy overrides 與前端可見紅線。
|
||||
- 日報 / 週報 / 月報排程對齊:API lifespan 啟動 daily / weekly / monthly report loops;月報從 no-send preview 改成 Telegram Gateway delivery 語意;報表仍不直接讀 Bot token 或 chat id。
|
||||
- `operator_outcome` 新增 legacy normalizer:舊 `diagnostic_only_manual_review`、`verification_degraded_manual_required`、`execution_unverified_manual_required`、`no_action_manual_review`、`approval_expired_manual_review`、`write_observed_manual_review`、`blocked_manual_required` 在未命中硬阻擋時轉為 AI controlled path。
|
||||
- Telegram / AwoooP status-chain / Approval execution / Alerts UI / status-chain UI 文案同步:診斷-only、no-action、驗證退化、寫入旗標、blocked 不再顯示為人工接手,而是 AI 補 PlayBook / transport / verifier、AI rollback、AI connector 修復與 controlled apply 判定。
|
||||
|
||||
**本地驗證**:
|
||||
- `pytest apps/api/tests/test_operator_outcome.py apps/api/tests/test_telegram_ai_automation_block.py apps/api/tests/test_telegram_webhook_execution_handoff.py apps/api/tests/test_telegram_message_templates.py apps/api/tests/test_awooop_operator_timeline_labels.py -q`:`170 passed`。
|
||||
- `pytest apps/api/tests/test_ai_agent_autonomous_runtime_control.py apps/api/tests/test_ai_agent_autonomous_runtime_control_api.py apps/api/tests/test_report_generation_service.py apps/api/tests/test_weekly_report_preview_api.py -q`:`51 passed`。
|
||||
- `python3 -m py_compile`:`operator_outcome.py`、`telegram_gateway.py`、`platform_operator_service.py`、`approval_execution.py`、`report_generation_service.py`、`ai_agent_autonomous_runtime_control.py`、`agents.py`、`main.py` 通過。
|
||||
- `python3 -m json.tool apps/web/messages/zh-TW.json` / `apps/web/messages/en.json`:通過。
|
||||
- `pnpm --filter @awoooi/web typecheck`:通過。
|
||||
- `git diff --check`:通過。
|
||||
|
||||
**完成度與邊界**:
|
||||
- 規範基線改寫:`100%`。
|
||||
- API / Telegram / AwoooP outcome 語意收斂:`100%`。
|
||||
- 報表 delivery 語意與 autonomous runtime control readback:`100%` 本地完成;正式站需等 CD deploy marker 後驗證。
|
||||
- AI Agent 全自動化產品化:本段把舊規範阻擋改成當前正確方向,但不宣稱所有 PlayBook / Ansible / verifier / KM worker 都已完整覆蓋所有主機、服務、網站、產品;下一步仍要接真實告警驗證 controlled apply、post-apply verifier、rollback、KM / PlayBook trust 寫回。
|
||||
- 硬阻擋仍維持:不讀 secret / token / private key / cookie / authorization header 明文、不做 DB DROP / TRUNCATE / restore / prune、不 reboot / node drain、不做 credentialed exploit / 外部攻擊型 active scan、不新增或切換付費 provider / 成本上限、不 force push / 刪 repo refs / 改 visibility、不碰 raw runtime secret volume。
|
||||
|
||||
## 2026-06-27|IwoooS Wazuh manager registry reviewer validation 正式讀回完成
|
||||
|
||||
**時間與來源**:
|
||||
|
||||
Reference in New Issue
Block a user