From d2d1446594f231ba93d3fe0d1863b9bcca94be14 Mon Sep 17 00:00:00 2001 From: Your Name Date: Sat, 27 Jun 2026 21:25:47 +0800 Subject: [PATCH] docs(github): record owner response intake readback [skip ci] --- docs/LOGBOOK.md | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) diff --git a/docs/LOGBOOK.md b/docs/LOGBOOK.md index f25fd5c9..a47cc88f 100644 --- a/docs/LOGBOOK.md +++ b/docs/LOGBOOK.md 
@@ -1,3 +1,49 @@ +## 2026-06-27 — 21:24 GitHub backup owner response intake readiness 正式讀回完成 + +**時間與來源**: +- 2026-06-27 20:49-21:24 Asia/Taipei。 +- 來源:feature branch `codex/github-backup-missing-targets-20260627`、Gitea main、Gitea Actions、production API readback。 + +**完成內容**: +- `GET /api/v1/agents/github-target-private-backup-evidence-gate` 已正式讀回 `owner_response_intake_readiness`。 +- GitHub target owner response request packet、9 個 response templates、allowed fields、forbidden payloads、collection checks、intake preflight checks 與 acceptance checks 已能由 production API 讀出。 +- 每個 target 已能讀回 owner response template mapping 與 `owner_response_execution_authorized=false`。 +- Validator 已防止 owner response request packet、templates 或 checks 夾帶 execution authorization。 + +**Gitea / deploy 狀態**: +- code commit:`80138e985 feat(api): expose github owner response intake readiness`。 +- merge / main push commit:`9f5097f66 Merge remote-tracking branch 'gitea/main' into codex/github-backup-missing-targets-20260627`。 +- deploy marker:`e49c6190e chore(cd): deploy 9f5097f [skip ci]`。 +- code-review:`#3690` 成功。 +- CD:`#3689` 成功;tests、build-and-deploy、post-deploy-checks 均完成。 +- 最新 main 後續 docs marker:`7b2b3db45 docs(awooop): record controlled automation readback [skip ci]`,不改本段 production code 基準。 + +**production API readback**: +- `/api/v1/health?_v=9f5097f66-github-owner-intake`:HTTP `200`、`status=healthy`、`environment=prod`、`mock_mode=false`。 +- `GET /api/v1/agents/github-target-private-backup-evidence-gate?_v=9f5097f66-github-owner-intake`:HTTP `200`。 +- `approval_required_target_count=9`、`private_backup_verified_count=4`、`private_visibility_verified_count=4`。 +- `github_missing_target_resolution_count=5`、`github_missing_target_create_private_repo_ready_count=0`、`github_missing_target_refs_sync_ready_count=0`。 +- `owner_response_request_ready=true`、`owner_response_required_response_item_count=9`、`owner_response_requested_template_count=9`、`owner_response_template_count=9`。 +- 
`owner_response_allowed_response_field_count=25`、`owner_response_forbidden_payload_count=15`、`owner_response_collection_check_count=6`、`owner_response_intake_preflight_check_count=6`。 +- `owner_response_request_execution_authorized=false`、`owner_response_received_count=0`、`owner_response_accepted_count=0`、`safe_credential_accepted_evidence_count=0`、`execution_ready_count=0`、`blocked_target_count=9`。 +- `owner_response_intake_readiness.status=ready_to_collect_read_only_owner_response_not_authorization`、`request_ready=true`、`execution_authorized=false`、`not_approval=true`。 + +**Delivery Workbench readback**: +- `GET /api/v1/agents/delivery-closure-workbench?_v=9f5097f66-github-owner-intake`:HTTP `200`。 +- schema:`delivery_closure_workbench_v1`。 +- GitHub lane:`status=blocked_private_visibility_and_safe_credential_evidence_required`、metric `private_backup_verified=4/9`、`completion_percent=44`、`blocker_count=9`。 + +**仍維持 0 / false**: +- `github_missing_target_create_private_repo_ready_count=0`、`github_missing_target_refs_sync_ready_count=0`、`owner_response_received_count=0`、`owner_response_accepted_count=0`、`safe_credential_accepted_evidence_count=0`、`execution_ready_count=0`。 +- `github_api_write_allowed=false`、`repo_creation_allowed=false`、`visibility_change_allowed=false`、`refs_sync_allowed=false`、`workflow_trigger_allowed=false`、`private_clone_url_collection_allowed=false`、`secret_value_collection_allowed=false`。 + +**未做**: +- 沒有 GitHub repo creation、visibility change、refs sync、workflow trigger、private clone URL collection、secret value collection;沒有 host / Docker / systemd / Nginx / firewall / K8s / DB / Wazuh runtime 寫操作;沒有 force push。 + +**完成度 / 下一步**: +- 本段「GitHub owner response intake readiness API / production readback」:`85% -> 100%`。 +- GitHub backup mirror governance 仍為 blocked;下一個 P0 是 owner-provided safe credential evidence / redacted evidence refs intake,但不得收 private clone URL credential 或 secret value。 + ## 2026-06-27|AwoooP Approvals controlled 
automation 文案正式讀回完成 **背景**:P2-416 D1N 已把 AI Agent 舊 manual gate 規範改為 controlled automation;low / medium / high 風險應走 allowlist、check-mode、controlled apply、verifier、rollback 與 KM / PlayBook writeback,critical 才 break-glass。正式 `/zh-TW/awooop/approvals` 仍因 Next HTML payload 序列化其他 namespace,殘留 `待人工決策`、`阻塞與人工閘門`、`人工接手`、`owner review`、`owner packet` 等舊語意,容易讓 Approvals / Runs / Work Items / Alerts 看起來把人工當預設終局。
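Review bot: In the added "仍維持 0 / false" section, the seven `*_allowed=false` flags (`github_api_write_allowed` through `secret_value_collection_allowed`) are recorded without the endpoint or HTTP status they were read from. The counts under "production API readback", by contrast, are each tied to a `GET ...?_v=9f5097f66-github-owner-intake` returning `200`. These flags are the entry's statement that no write path is open, so that bullet should name the endpoint and response field path they came from. The same section restates six counters already listed under the production readback (for example `execution_ready_count=0`); pointing back to that section instead keeps the two copies from drifting. The "Validator 已防止 ..." bullet names no test or check; referencing the relevant job in CD `#3689` would make it verifiable. On style, the new heading puts a dash and a time after the date, while the existing entry below separates date and title with `|`; pick one convention for the logbook.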