docs(security): 同步高價值配置 owner packet 快照 [skip ci]
This commit is contained in:
@@ -2,7 +2,7 @@
|
||||
|
||||
| 項目 | 內容 |
|
||||
|------|------|
|
||||
| 日期 | 2026-06-12 |
|
||||
| 日期 | 2026-06-14 |
|
||||
| 狀態 | `coverage_matrix_ready` |
|
||||
| 工具 | `scripts/security/high-value-config-control-coverage.py` |
|
||||
| Snapshot | `docs/security/high-value-config-control-coverage.snapshot.json` |
|
||||
@@ -15,6 +15,17 @@
|
||||
|
||||
本階段仍是只讀覆蓋矩陣,不接 blocking CI、不 SSH、不讀 live host、不執行 `nginx -t`、不 reload Nginx、不做 DNS / TLS probe、不 renew cert、不同步 refs、不修改 workflow、不收 secret value、不啟動 agent-bounty runtime。
|
||||
|
||||
## 1.1 2026-06-14 P0 pattern 覆蓋同步
|
||||
|
||||
本輪 snapshot 已從最新 `high-value-config-change-gate.py` 讀回 P0 pattern 補強:
|
||||
|
||||
| 類別 | 新增覆蓋 | 目前解讀 |
|
||||
|------|----------|----------|
|
||||
| `nginx_public_gateway` | `k8s/nginx/**` | K8s 內 Nginx 公開入口設定納入 P0 / C0 owner response 與 rollback 管控 |
|
||||
| `dns_tls_certbot` | `scripts/ops/**/*cert*`、`scripts/ops/**/*tls*` | 憑證修復、renewal 與 TLS 腳本納入 P0 / C0 owner response 與維護窗口管控 |
|
||||
|
||||
此同步只修正長期覆蓋矩陣與變更 Gate 的一致性,不代表 live evidence 已收到,也不代表可執行 `nginx -t`、reload、certbot renew 或 DNS / TLS 變更。
|
||||
|
||||
## 2. 覆蓋摘要
|
||||
|
||||
| 指標 | 目前值 | 說明 |
|
||||
|
||||
@@ -2,8 +2,8 @@
|
||||
|
||||
| 項目 | 內容 |
|
||||
|------|------|
|
||||
| 日期 | 2026-06-11 |
|
||||
| 狀態 | `owner_packet_draft_ready` |
|
||||
| 日期 | 2026-06-14 |
|
||||
| 狀態 | `owner_packet_draft_ready_p0_path_sync` |
|
||||
| 工具 | `scripts/security/high-value-config-owner-packet.py` |
|
||||
| 輸入 | `docs/security/high-value-config-change-gate.snapshot.json` |
|
||||
| Snapshot | `docs/security/high-value-config-owner-packet.snapshot.json` |
|
||||
@@ -15,6 +15,18 @@ P0.2 已能將變更分類成 C0 / C1 / C2 / C3。本文件與工具負責下一
|
||||
|
||||
本階段仍是只讀草案,不送 request、不收 owner response、不標記 received / accepted、不建立 action button、不接 blocking CI、不執行 runtime。
|
||||
|
||||
## 1.1 2026-06-14 P0 path sync
|
||||
|
||||
本輪 owner packet snapshot 已跟隨高價值配置 Gate 的 P0 pattern 補強重產:
|
||||
|
||||
| Packet | affected files | 邊界 |
|
||||
|--------|----------------|------|
|
||||
| `nginx_public_gateway` | `k8s/nginx/awoooi-prod.conf` | 只要求 public gateway owner response、rendered diff、`nginx -t` 計畫、route smoke 計畫與 rollback ref,不代表已讀 live conf 或 reload |
|
||||
| `dns_tls_certbot` | `scripts/ops/188-registry-certbot-fix.sh`、`scripts/ops/fix-188-registry-certbot-renewal.sh` | 只要求 domain / TLS owner response、renewal window、ACME smoke 計畫、public HTTPS smoke 計畫與 rollback ref,不代表 certbot renew 或 DNS / TLS 變更 |
|
||||
| `security_evidence_tooling` | Gate 文件、snapshot 與工具 | 只要求 snapshot parse、guard smoke、doc secret sanity 與 no runtime gate increase |
|
||||
|
||||
重產結果為 `packet_count=3`、`c0_packet_count=2`、`c1_packet_count=0`、`runtime_gate_count=0`;request / received / accepted 仍全部維持 `0`。
|
||||
|
||||
## 2. Canonical 欄位
|
||||
|
||||
高價值配置 packet 對齊 S4.9 canonical owner response envelope,使用以下欄位:
|
||||
|
||||
@@ -7,7 +7,7 @@
|
||||
| 本階段完成 | 資安供應鏈 contract manifest + Source Control Approval Board + Draft Reconcile Plan + Ref Detail Diff + Ref Truth Classification + Source Control Ref Truth Owner Response 收件包 + GitHub Primary Readiness Gate + GitHub Primary Rollback ADR + GitHub Target Owner Decision Response 收件包 + Gitea 認證清冊匯出請求 + Gitea 認證清冊匯入驗收契約 + Gitea 清冊覆蓋 Owner Attestation + Gitea Owner Attestation Approval Lane 對齊 + Gitea Owner Attestation Response 收件包 + Workflow / Secret Name Inventory + Workflow / Secret Name Local Evidence + Workflow / Secret Name Redacted Export Request + Workflow / Secret Name Owner Response 收件包 + Source Control Owner Response Validation Rollup + Kali 112 live integration status + Security Finding contract + Kali scan scope approval package + Security Approval Queue + S3 人工批准 Gate + S3 人工決策紀錄 + S3 人工審查封包 + S3 人工決策狀態轉移 + S3 後續 runtime gate 準備契約 + 鏡像 readiness index + 鏡像接收計畫 + 鏡像事件信封 + 鏡像路由矩陣 + 鏡像驗收契約 + 鏡像隔離契約 + 鏡像 dry-run 報告契約 + 鏡像狀態彙整契約 + IwoooS 前端態勢入口 + IwoooS posture projection contract + IwoooS 既有前端資安頁面整合 + IwoooS 覆蓋與邊界矩陣 + IwoooS 只讀資安處理旅程 + IwoooS owner evidence readiness board + IwoooS host coverage view + IwoooS host action gate matrix + IwoooS host evidence readiness board + IwoooS host evidence collection order + IwoooS host evidence intake preflight + IwoooS host evidence review outcome lanes + IwoooS host evidence review handoff packets + IwoooS host evidence reviewer checklist + IwoooS host evidence reviewer outcome lanes + IwoooS host owner decision candidate packets + IwoooS host owner decision review checklist + IwoooS host owner decision review outcome lanes + IwoooS host owner decision record draft packets + IwoooS host owner decision record draft review checklist + IwoooS host owner decision record draft review outcome lanes + IwoooS host owner decision record write-up packets + IwoooS host owner decision record write-up review checklist + IwoooS host owner decision record write-up review outcome lanes + IwoooS host owner decision record formal candidate packets + IwoooS host owner decision record formal candidate review checklist + IwoooS host owner decision record formal candidate review outcome lanes + IwoooS host owner decision record formal record queue packets + IwoooS host owner decision record formal record queue review checklist + IwoooS host owner decision record formal record queue review outcome lanes + IwoooS host owner decision record human handoff readiness packets + IwoooS host owner decision record human handoff readiness review checklist + IwoooS host owner decision record human handoff readiness review outcome lanes + IwoooS host owner decision record human record owner review candidate packets + IwoooS host owner decision record human record owner review candidate checklist + IwoooS host owner decision record human record owner review candidate outcome lanes + IwoooS host owner decision record human record owner review preparation packets + IwoooS host owner decision record human record owner review preparation checklist + IwoooS progress acceleration lanes + IwoooS owner response next-action focus + IwoooS S4.9 owner response preflight + IwoooS S4.9 owner response request templates + IwoooS progress hold movement gates + IwoooS AwoooP read-only landing readiness + IwoooS AwoooP cross-session handoff packets + AwoooP 首頁 IwoooS 資安鏡像候選 + AwoooP 工作鏈路 IwoooS 資安鏡像候選 + AwoooP 審批佇列 IwoooS owner response 只讀焦點 |
|
||||
| 本階段追加 | AwoooP 合約儀表板 IwoooS 資安契約只讀候選 + AwoooP 租戶管理 IwoooS 資安租戶範圍只讀候選 + AwoooP 執行監控 IwoooS 執行狀態只讀候選 + 既有安全 / 合規頁面 IwoooS 只讀反向橋接 + 告警 / 錯誤 / 授權 / 治理頁面 IwoooS 只讀反向橋接 + 稽核 / 工程審查頁面 IwoooS 深色只讀反向橋接 + IwoooS 前端資安頁面連接狀態板 + IwoooS GitHub 主要來源就緒度只讀狀態板 + AwoooP 工作鏈路 GitHub 主要來源就緒度只讀工作項 + AwoooP 合約儀表板 GitHub 主要來源就緒度合約只讀候選 + AwoooP 審批佇列 GitHub 主要來源就緒度審批邊界 + AwoooP 首頁 GitHub 主要來源就緒度只讀摘要 + AwoooP 租戶管理 GitHub 主要來源就緒度租戶範圍 + AwoooP 執行監控 GitHub 主要來源就緒度執行邊界 + IwoooS / AwoooP 資安可視區塊繁體中文呈現防護檢查 + AwoooP 執行詳情 / 審批詳情繁體中文呈現防護檢查 + AwoooP 首頁負責人回覆驗收總覽 + AwoooP 工作鏈路負責人回覆驗收只讀工作項 + AwoooP 合約儀表板負責人回覆驗收契約只讀候選 + AwoooP 審批佇列負責人回覆驗收只讀審查邊界 + AwoooP 租戶管理負責人回覆驗收租戶範圍 + AwoooP 執行監控負責人回覆驗收執行邊界 + AwoooP 執行詳情負責人回覆驗收詳情邊界 + AwoooP 審批決策負責人回覆驗收審批邊界 + IwoooS AwoooP 資安入口覆蓋狀態板 + IwoooS 階段式資安收斂節奏圖 + IwoooS 下一步人工收件作戰板 + IwoooS 人工回覆安全驗收閘道 + IwoooS 人工回覆審查結果分流 + IwoooS 人工決策準備佇列 + IwoooS 人工決策紀錄草稿防誤用 + IwoooS 人工決策正式紀錄負責人指派確認準備包 + IwoooS 人工決策正式紀錄負責人指派確認清單 + IwoooS 人工決策正式紀錄負責人指派確認結果分流 + IwoooS 人工決策正式紀錄負責人指派決策準備包 + IwoooS 人工決策正式紀錄負責人指派決策檢查清單 + IwoooS S4.9 負責人回覆封套欄位 + IwoooS S4.9 負責人回覆封套送件前檢查 + IwoooS S4.9 負責人回覆封套送件前結果分流 + IwoooS S4.9 負責人回覆送件請求草稿 + IwoooS S4.9 負責人回覆送件鏈路摘要 + IwoooS 低摩擦分階段收斂主控 + IwoooS 低摩擦下一步行動邊界 + IwoooS 64% 進度移動訊號驗收條 + IwoooS 第一個進度解鎖路徑 + IwoooS 第一解鎖證據包 + IwoooS 第一解鎖證據包預檢分流 + IwoooS 第一解鎖證據包補件路徑 + IwoooS 第一解鎖證據包補件送審前檢查 + IwoooS 第一解鎖證據包補件送審結果分流 + IwoooS 第一解鎖證據包 reviewer 指派準備包 + IwoooS 第一解鎖證據包 reviewer 指派前檢查 + IwoooS 第一解鎖證據包 reviewer 指派前檢查結果分流 + IwoooS 正式只讀 landing 與 Kali 112 只讀證據進度重估 |
|
||||
| 本階段追加補充 | IwoooS 目前具體工作地圖 + IwoooS 目前具體交付清單 + IwoooS 目前阻塞與解除條件 + IwoooS 三軸進度與全產品套用範圍 + IwoooS 全產品分階段套用台帳 + IwoooS 全產品 rollout 波次驗收門檻 + IwoooS 全產品 rollout 驗收結果分流 + IwoooS 全產品證據接線地圖 + IwoooS 全產品證據接線預檢 + IwoooS 全產品證據接線預檢結果分流 + IwoooS 全產品預檢補件回收台帳 + IwoooS 全產品補件重試門檻 + IwoooS 全產品重試結果分流 + IwoooS 全產品人工審查候選準備 + IwoooS 全產品人工審查候選預檢 + IwoooS 全產品人工審查候選預檢結果分流 + IwoooS 全產品人工審查候選預檢補件回收台帳 + IwoooS 全產品人工審查候選預檢補件重試門檻 + IwoooS 全產品只讀套用快照 + P2-145 owner response acceptance gate 正式驗證完成 |
|
||||
| P0 追加 | IwoooS P0 配置控管優先序前台正式驗證完成;Nginx public gateway、DNS / TLS / certbot、K8s / ArgoCD / production manifests、Workflow / runner / secret metadata、Public / admin / API runtime config、agent-bounty runtime / treasury 六類先列為即時風險配置;高價值配置 Gate 已補上 `k8s/nginx/**`、`scripts/ops/**/*cert*`、`scripts/ops/**/*tls*`,sample 從 `matched=0 / C0=0` 收斂到 `matched=3 / C0=2`;Gate 預設工作樹 preflight 已可讀取 staged / unstaged / untracked,本地 smoke 對臨時 `k8s/nginx/*` 檔命中 C0;owner response / live evidence / runtime gate / action buttons 仍全部為 0 |
|
||||
| P0 追加 | IwoooS P0 配置控管優先序前台正式驗證完成;Nginx public gateway、DNS / TLS / certbot、K8s / ArgoCD / production manifests、Workflow / runner / secret metadata、Public / admin / API runtime config、agent-bounty runtime / treasury 六類先列為即時風險配置;高價值配置 Gate 已補上 `k8s/nginx/**`、`scripts/ops/**/*cert*`、`scripts/ops/**/*tls*`,sample 從 `matched=0 / C0=0` 收斂到 `matched=3 / C0=2`;Gate 預設工作樹 preflight 已可讀取 staged / unstaged / untracked,本地 smoke 對臨時 `k8s/nginx/*` 檔命中 C0;Owner Packet snapshot 已同步為 `packets=3 / c0=2`,Coverage snapshot 已同步最新 patterns;owner response / live evidence / runtime gate / action buttons 仍全部為 0 |
|
||||
| 原則 | 低摩擦分階段;文件、schema、read-only evidence 優先;不做 runtime enforcement、不切 primary |
|
||||
| P0 主控板 | `docs/workplans/2026-06-04-iwooos-security-governance-p0.md` |
|
||||
|
||||
|
||||
@@ -23,6 +23,7 @@
|
||||
"patterns": [
|
||||
"infra/ansible/roles/nginx/templates/*.j2",
|
||||
"infra/ansible/playbooks/nginx-sync.yml",
|
||||
"k8s/nginx/**",
|
||||
"ops/nginx/**",
|
||||
"docs/runbooks/disaster-recovery/DR-Nginx.md"
|
||||
],
|
||||
@@ -58,6 +59,8 @@
|
||||
"docs/runbooks/REGISTRY-CERTBOT-188.md",
|
||||
"docs/runbooks/**/*CERTBOT*.md",
|
||||
"docs/runbooks/**/*TLS*.md",
|
||||
"scripts/ops/**/*cert*",
|
||||
"scripts/ops/**/*tls*",
|
||||
"ops/**/*cert*",
|
||||
"ops/**/*tls*",
|
||||
"infra/**/*cert*",
|
||||
@@ -564,8 +567,8 @@
|
||||
"websocket_route_change_authorized": false,
|
||||
"workflow_modification_authorized": false
|
||||
},
|
||||
"generated_at": "2026-06-12T10:35:00+08:00",
|
||||
"git_commit": "e4747722",
|
||||
"generated_at": "2026-06-14T17:21:00+08:00",
|
||||
"git_commit": "3db8d53d",
|
||||
"lowest_coverage_categories": [
|
||||
{
|
||||
"category_id": "docker_compose_systemd_host_config",
|
||||
|
||||
@@ -24,6 +24,7 @@
|
||||
"path_patterns": [
|
||||
"infra/ansible/roles/nginx/templates/*.j2",
|
||||
"infra/ansible/playbooks/nginx-sync.yml",
|
||||
"k8s/nginx/**",
|
||||
"ops/nginx/**",
|
||||
"docs/runbooks/disaster-recovery/DR-Nginx.md"
|
||||
],
|
||||
@@ -57,6 +58,8 @@
|
||||
"docs/runbooks/REGISTRY-CERTBOT-188.md",
|
||||
"docs/runbooks/**/*CERTBOT*.md",
|
||||
"docs/runbooks/**/*TLS*.md",
|
||||
"scripts/ops/**/*cert*",
|
||||
"scripts/ops/**/*tls*",
|
||||
"ops/**/*cert*",
|
||||
"ops/**/*tls*",
|
||||
"infra/**/*cert*",
|
||||
@@ -490,8 +493,8 @@
|
||||
"runtime_execution_authorized": false,
|
||||
"secret_value_collected": false
|
||||
},
|
||||
"generated_at": "2026-06-11T13:00:00+08:00",
|
||||
"git_commit": "ccf87213",
|
||||
"generated_at": "2026-06-14T17:21:00+08:00",
|
||||
"git_commit": "3db8d53d",
|
||||
"next_steps": [
|
||||
"若 packet_count > 0,將 packet 交給 owner 補 canonical 欄位;不得把草案視為已送件。",
|
||||
"若 owner 回覆含 secret 或執行要求,先 quarantine 或 reject_execution_request。",
|
||||
@@ -500,14 +503,264 @@
|
||||
"packets": [
|
||||
{
|
||||
"affected_files": [
|
||||
"docs/LOGBOOK.md",
|
||||
"scripts/ops/188-registry-certbot-fix.sh",
|
||||
"scripts/ops/fix-188-registry-certbot-renewal.sh"
|
||||
],
|
||||
"allowed_decisions": [
|
||||
"confirm",
|
||||
"defer",
|
||||
"reject",
|
||||
"request_more_evidence"
|
||||
],
|
||||
"blocked_requests": [
|
||||
"repo_create",
|
||||
"visibility_change",
|
||||
"refs_sync",
|
||||
"refs_delete",
|
||||
"force_push",
|
||||
"workflow_modify",
|
||||
"runner_enable",
|
||||
"secret_value_submit",
|
||||
"ssh_host_modify",
|
||||
"nginx_reload",
|
||||
"dns_tls_modify",
|
||||
"argocd_sync",
|
||||
"kubectl_apply",
|
||||
"active_scan",
|
||||
"agent_bounty_runtime_execute",
|
||||
"payout_or_withdrawal"
|
||||
],
|
||||
"category_id": "dns_tls_certbot",
|
||||
"control_tier": "C0",
|
||||
"false_flags": {
|
||||
"action_buttons_allowed": false,
|
||||
"active_scan_authorized": false,
|
||||
"dns_tls_change_authorized": false,
|
||||
"force_push_authorized": false,
|
||||
"host_write_authorized": false,
|
||||
"nginx_reload_authorized": false,
|
||||
"refs_sync_authorized": false,
|
||||
"request_sent": false,
|
||||
"response_accepted": false,
|
||||
"response_received": false,
|
||||
"runner_change_authorized": false,
|
||||
"runtime_execution_authorized": false,
|
||||
"secret_value_collection_allowed": false,
|
||||
"workflow_modification_authorized": false
|
||||
},
|
||||
"field_templates": [
|
||||
{
|
||||
"field": "owner_role_or_team",
|
||||
"instruction": "填角色或團隊,不填私人帳號、密碼、token 或私人聯絡資訊。",
|
||||
"required": true
|
||||
},
|
||||
{
|
||||
"field": "decision",
|
||||
"instruction": "只能填 confirm、defer、reject、request_more_evidence;不得附帶 runtime 執行批准。",
|
||||
"required": true
|
||||
},
|
||||
{
|
||||
"field": "decision_reason",
|
||||
"instruction": "填脫敏短理由;不可貼 raw log、raw API body、未脫敏截圖或內部對話。",
|
||||
"required": true
|
||||
},
|
||||
{
|
||||
"field": "affected_scope",
|
||||
"instruction": "填受影響 repo、host、domain、namespace、route、service、secret name 或產品邊界。",
|
||||
"required": true
|
||||
},
|
||||
{
|
||||
"field": "redacted_evidence_refs",
|
||||
"instruction": "只填文件路徑、snapshot id、ticket id、commit、hash 或脫敏 metadata pointer。",
|
||||
"required": true
|
||||
},
|
||||
{
|
||||
"field": "followup_owner",
|
||||
"instruction": "填後續補證、審查或決策負責角色 / 團隊。",
|
||||
"required": true
|
||||
},
|
||||
{
|
||||
"field": "rollback_owner",
|
||||
"instruction": "填回滾負責角色 / 團隊;不是直接執行授權。",
|
||||
"required": true
|
||||
},
|
||||
{
|
||||
"field": "maintenance_window",
|
||||
"instruction": "填維護窗口或明確寫 deferred / not scheduled;不得用口頭同意代替。",
|
||||
"required": true
|
||||
},
|
||||
{
|
||||
"field": "validation_plan",
|
||||
"instruction": "填 preflight、post-check、rollback check;若只讀文件變更,寫 guard / json / doc secret sanity。",
|
||||
"required": true
|
||||
}
|
||||
],
|
||||
"label": "DNS / TLS / certbot / certificate path",
|
||||
"outcome_lanes": [
|
||||
"keep_waiting_owner_response",
|
||||
"request_more_evidence",
|
||||
"quarantine_sensitive_payload",
|
||||
"reject_execution_request",
|
||||
"ready_for_reviewer_validation"
|
||||
],
|
||||
"packet_id": "high_value_config_owner_packet:dns_tls_certbot",
|
||||
"priority": "P0",
|
||||
"redaction_rules": [
|
||||
"只收 redacted evidence refs,不收 secret value。",
|
||||
"疑似 token、cookie、authorization header、private key、runner token 或 webhook secret 一律 quarantine。",
|
||||
"內部工作視窗對話、抱怨、口頭同意不得進產品文案或 LOGBOOK raw text。"
|
||||
],
|
||||
"required_gate": "domain_tls_owner_response_required",
|
||||
"required_validation": [
|
||||
"domain_inventory",
|
||||
"certificate_path_check",
|
||||
"renewal_window",
|
||||
"acme_path_smoke",
|
||||
"public_https_smoke",
|
||||
"rollback_ref"
|
||||
],
|
||||
"reviewer_checklist": [
|
||||
"canonical owner fields 全部存在。",
|
||||
"decision 只使用允許值。",
|
||||
"affected scope 可映射到 repo / host / domain / route / service / secret name。",
|
||||
"redacted evidence refs 不含 raw payload。",
|
||||
"沒有夾帶執行要求。",
|
||||
"C0 / C1 若要進 runtime,需獨立人工批准與維護窗口。"
|
||||
],
|
||||
"status": "draft_waiting_owner_response"
|
||||
},
|
||||
{
|
||||
"affected_files": [
|
||||
"k8s/nginx/awoooi-prod.conf"
|
||||
],
|
||||
"allowed_decisions": [
|
||||
"confirm",
|
||||
"defer",
|
||||
"reject",
|
||||
"request_more_evidence"
|
||||
],
|
||||
"blocked_requests": [
|
||||
"repo_create",
|
||||
"visibility_change",
|
||||
"refs_sync",
|
||||
"refs_delete",
|
||||
"force_push",
|
||||
"workflow_modify",
|
||||
"runner_enable",
|
||||
"secret_value_submit",
|
||||
"ssh_host_modify",
|
||||
"nginx_reload",
|
||||
"dns_tls_modify",
|
||||
"argocd_sync",
|
||||
"kubectl_apply",
|
||||
"active_scan",
|
||||
"agent_bounty_runtime_execute",
|
||||
"payout_or_withdrawal"
|
||||
],
|
||||
"category_id": "nginx_public_gateway",
|
||||
"control_tier": "C0",
|
||||
"false_flags": {
|
||||
"action_buttons_allowed": false,
|
||||
"active_scan_authorized": false,
|
||||
"dns_tls_change_authorized": false,
|
||||
"force_push_authorized": false,
|
||||
"host_write_authorized": false,
|
||||
"nginx_reload_authorized": false,
|
||||
"refs_sync_authorized": false,
|
||||
"request_sent": false,
|
||||
"response_accepted": false,
|
||||
"response_received": false,
|
||||
"runner_change_authorized": false,
|
||||
"runtime_execution_authorized": false,
|
||||
"secret_value_collection_allowed": false,
|
||||
"workflow_modification_authorized": false
|
||||
},
|
||||
"field_templates": [
|
||||
{
|
||||
"field": "owner_role_or_team",
|
||||
"instruction": "填角色或團隊,不填私人帳號、密碼、token 或私人聯絡資訊。",
|
||||
"required": true
|
||||
},
|
||||
{
|
||||
"field": "decision",
|
||||
"instruction": "只能填 confirm、defer、reject、request_more_evidence;不得附帶 runtime 執行批准。",
|
||||
"required": true
|
||||
},
|
||||
{
|
||||
"field": "decision_reason",
|
||||
"instruction": "填脫敏短理由;不可貼 raw log、raw API body、未脫敏截圖或內部對話。",
|
||||
"required": true
|
||||
},
|
||||
{
|
||||
"field": "affected_scope",
|
||||
"instruction": "填受影響 repo、host、domain、namespace、route、service、secret name 或產品邊界。",
|
||||
"required": true
|
||||
},
|
||||
{
|
||||
"field": "redacted_evidence_refs",
|
||||
"instruction": "只填文件路徑、snapshot id、ticket id、commit、hash 或脫敏 metadata pointer。",
|
||||
"required": true
|
||||
},
|
||||
{
|
||||
"field": "followup_owner",
|
||||
"instruction": "填後續補證、審查或決策負責角色 / 團隊。",
|
||||
"required": true
|
||||
},
|
||||
{
|
||||
"field": "rollback_owner",
|
||||
"instruction": "填回滾負責角色 / 團隊;不是直接執行授權。",
|
||||
"required": true
|
||||
},
|
||||
{
|
||||
"field": "maintenance_window",
|
||||
"instruction": "填維護窗口或明確寫 deferred / not scheduled;不得用口頭同意代替。",
|
||||
"required": true
|
||||
},
|
||||
{
|
||||
"field": "validation_plan",
|
||||
"instruction": "填 preflight、post-check、rollback check;若只讀文件變更,寫 guard / json / doc secret sanity。",
|
||||
"required": true
|
||||
}
|
||||
],
|
||||
"label": "Nginx / reverse proxy / public route",
|
||||
"outcome_lanes": [
|
||||
"keep_waiting_owner_response",
|
||||
"request_more_evidence",
|
||||
"quarantine_sensitive_payload",
|
||||
"reject_execution_request",
|
||||
"ready_for_reviewer_validation"
|
||||
],
|
||||
"packet_id": "high_value_config_owner_packet:nginx_public_gateway",
|
||||
"priority": "P0",
|
||||
"redaction_rules": [
|
||||
"只收 redacted evidence refs,不收 secret value。",
|
||||
"疑似 token、cookie、authorization header、private key、runner token 或 webhook secret 一律 quarantine。",
|
||||
"內部工作視窗對話、抱怨、口頭同意不得進產品文案或 LOGBOOK raw text。"
|
||||
],
|
||||
"required_gate": "public_gateway_owner_response_required",
|
||||
"required_validation": [
|
||||
"rendered_diff",
|
||||
"nginx_t",
|
||||
"affected_route_smoke",
|
||||
"admin_route_smoke_if_affected",
|
||||
"acme_path_smoke_if_affected",
|
||||
"rollback_ref"
|
||||
],
|
||||
"reviewer_checklist": [
|
||||
"canonical owner fields 全部存在。",
|
||||
"decision 只使用允許值。",
|
||||
"affected scope 可映射到 repo / host / domain / route / service / secret name。",
|
||||
"redacted evidence refs 不含 raw payload。",
|
||||
"沒有夾帶執行要求。",
|
||||
"C0 / C1 若要進 runtime,需獨立人工批准與維護窗口。"
|
||||
],
|
||||
"status": "draft_waiting_owner_response"
|
||||
},
|
||||
{
|
||||
"affected_files": [
|
||||
"docs/security/HIGH-VALUE-CONFIG-CHANGE-GATE.md",
|
||||
"docs/security/HIGH-VALUE-CONFIG-OWNER-PACKET.md",
|
||||
"docs/security/IWOOOS-CONFIG-CONTROL-INVENTORY.md",
|
||||
"docs/security/high-value-config-change-gate.snapshot.json",
|
||||
"docs/security/high-value-config-owner-packet.snapshot.json",
|
||||
"scripts/security/high-value-config-change-gate.py",
|
||||
"scripts/security/high-value-config-owner-packet.py"
|
||||
"scripts/security/high-value-config-change-gate.py"
|
||||
],
|
||||
"allowed_decisions": [
|
||||
"confirm",
|
||||
@@ -634,23 +887,23 @@
|
||||
"schema_version": "high_value_config_owner_packet_v1",
|
||||
"source_gate_schema_version": "high_value_config_change_gate_v1",
|
||||
"source_gate_summary": {
|
||||
"changed_file_count": 8,
|
||||
"impacted_c0_category_count": 0,
|
||||
"changed_file_count": 6,
|
||||
"impacted_c0_category_count": 2,
|
||||
"impacted_c1_category_count": 0,
|
||||
"impacted_category_count": 1,
|
||||
"matched_high_value_file_count": 8,
|
||||
"impacted_category_count": 3,
|
||||
"matched_high_value_file_count": 6,
|
||||
"owner_evidence_complete": false,
|
||||
"owner_evidence_provided": false,
|
||||
"runtime_execution_authorized": false,
|
||||
"strongest_priority": "P3",
|
||||
"strongest_tier": "C3"
|
||||
"strongest_priority": "P0",
|
||||
"strongest_tier": "C0"
|
||||
},
|
||||
"status": "draft_waiting_owner_response",
|
||||
"summary": {
|
||||
"accepted_response_count": 0,
|
||||
"c0_packet_count": 0,
|
||||
"c0_packet_count": 2,
|
||||
"c1_packet_count": 0,
|
||||
"packet_count": 1,
|
||||
"packet_count": 3,
|
||||
"received_response_count": 0,
|
||||
"request_sent_count": 0,
|
||||
"runtime_gate_count": 0
|
||||
|
||||
Reference in New Issue
Block a user