Merge remote-tracking branch 'gitea-ssh/main' into codex/p0-product-manifest-standard-20260629
This commit is contained in:
@@ -49538,3 +49538,19 @@ production browser smoke:
|
||||
- 沒有讀 secret / token / `.env` / raw sessions / SQLite / auth,沒有寫 credential marker。
|
||||
- 沒有重啟主機,沒有 restart Docker / Nginx / K3s / DB / firewall。
|
||||
- 沒有使用 GitHub / gh / GitHub API / GitHub Actions。
|
||||
|
||||
## 2026-06-29 — 15:45 P0-005 production safe next step readback
|
||||
|
||||
**runtime readback**:
|
||||
- Gitea `main` 已包含 `91edba1a2 fix(api): expose credential escrow safe next step`;後續 `e8228fd2` 仍包含該 commit。
|
||||
- Production GET `/api/v1/agents/credential-escrow-evidence-intake-readiness` 已讀回 top-level `safe_next_step=collect_redacted_non_secret_evidence_refs_then_rerun_preflight`,`readback.safe_next_step` 同值。
|
||||
- P0-005 blocker 維持正確紅燈:`missing_item_count=5`、`owner_response_accepted_count=0`、`runtime_gate_count=0`。
|
||||
|
||||
**下一步**:
|
||||
- P0-005 現在只剩收齊五個 non-secret evidence refs 後跑單一 preflight;不得收 secret 值、不得寫 credential marker、不得打開 runtime gate。
|
||||
- 若五個 refs 尚未存在,照 priority order 進入 P0-003 Gitea authenticated/admin redacted inventory 或 owner coverage attestation。
|
||||
|
||||
**仍維持**:
|
||||
- 沒有讀 secret / token / `.env` / raw sessions / SQLite / auth,沒有寫 credential marker。
|
||||
- 沒有重啟主機,沒有 restart Docker / Nginx / K3s / DB / firewall。
|
||||
- 沒有使用 GitHub / gh / GitHub API / GitHub Actions。
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
{
|
||||
"schema_version": "awoooi_priority_work_order_readback_v1",
|
||||
"generated_at": "2026-06-29T15:34:00+08:00",
|
||||
"status": "p0_ordered_readback_p0_006_timer_live_p0_005_safe_next_step_source_fixed_p0_003_public_inventory_refreshed",
|
||||
"generated_at": "2026-06-29T15:45:00+08:00",
|
||||
"status": "p0_ordered_readback_p0_006_timer_live_p0_005_safe_next_step_production_readback_p0_003_public_inventory_refreshed",
|
||||
"source_refs": {
|
||||
"global_scorecard": "~/.codex/product-runtime-governance-completion-scorecard.snapshot.json",
|
||||
"workstation_dashboard": "~/.codex/codex-workstation-sync-dashboard.snapshot.json",
|
||||
@@ -22,7 +22,7 @@
|
||||
"credential_escrow_intake_readiness_tests": "apps/api/tests/test_credential_escrow_evidence_intake_readiness_api.py"
|
||||
},
|
||||
"current_head": {
|
||||
"gitea_main_sha": "fe42ed1b4368800fca43ce040f8f498f0e88494f",
|
||||
"gitea_main_sha": "e8228fd2c4ef2a026eebc483f6b58fc0850aba6d",
|
||||
"latest_successful_deploy_marker": "15824e9ec chore(cd): deploy 57c1df1 [skip ci]",
|
||||
"latest_successful_deployed_source_sha": "57c1df19fca580dafa5980d82d164819de0dbcd5",
|
||||
"latest_source_readiness_commit_sha": "0c8d4e88c39157b92322fa41a92e6b15c317ac49",
|
||||
@@ -31,7 +31,7 @@
|
||||
"source_readiness_ci_fix_required": false,
|
||||
"no_matching_runner_visible": false,
|
||||
"latest_verified_worktree_base_sha": "8f0c6d300",
|
||||
"latest_fetched_gitea_main_subject": "feat(awooop): expose ai automation log taxonomy"
|
||||
"latest_fetched_gitea_main_subject": "feat(awooop): expose ai automation work items"
|
||||
},
|
||||
"completed_in_priority_order": [
|
||||
{
|
||||
@@ -114,8 +114,8 @@
|
||||
{
|
||||
"workplan_id": "P0-005",
|
||||
"title": "產品資料與備份 contract",
|
||||
"status": "source_fixed_waiting_non_secret_credential_escrow_evidence",
|
||||
"reason": "Production GET still reports five missing non-secret DR credential escrow evidence refs and zero accepted owner responses. The API source now exposes a top-level safe_next_step so downstream readbacks no longer receive null while the escrow evidence blocker remains honest.",
|
||||
"status": "waiting_non_secret_credential_escrow_evidence_refs",
|
||||
"reason": "Production credential escrow readiness now exposes top-level safe_next_step, so the API no longer returns null. The remaining blocker is the real five non-secret DR credential escrow evidence refs; no secret values, marker writes, or runtime gates were opened.",
|
||||
"evidence": {
|
||||
"product_data_green": true,
|
||||
"stock_freshness_status": "ok",
|
||||
@@ -145,7 +145,10 @@
|
||||
"production_top_level_safe_next_step_was_null_before_source_fix": true,
|
||||
"source_top_level_safe_next_step_present": true,
|
||||
"source_safe_next_step": "collect_redacted_non_secret_evidence_refs_then_rerun_preflight",
|
||||
"focused_p0_005_tests_passed": 16
|
||||
"focused_p0_005_tests_passed": 16,
|
||||
"production_top_level_safe_next_step_readback": true,
|
||||
"production_safe_next_step": "collect_redacted_non_secret_evidence_refs_then_rerun_preflight",
|
||||
"production_readback_safe_next_step": "collect_redacted_non_secret_evidence_refs_then_rerun_preflight"
|
||||
},
|
||||
"missing_items": [
|
||||
"restic_repository_password",
|
||||
@@ -169,7 +172,7 @@
|
||||
"Do not create additional owner-package variants for the same five refs."
|
||||
]
|
||||
},
|
||||
"safe_next_step": "deploy_and_read_back_credential_escrow_safe_next_step_then_collect_five_non_secret_refs_and_rerun_preflight"
|
||||
"safe_next_step": "collect_five_non_secret_credential_escrow_evidence_refs_then_rerun_single_preflight"
|
||||
},
|
||||
{
|
||||
"workplan_id": "P0-003",
|
||||
@@ -357,7 +360,7 @@
|
||||
},
|
||||
"next_execution_order": [
|
||||
"P0-006: keep the live reboot SLO timer active; no reboot or service restart from this lane; next proof is the next fresh all-host reboot event or separately approved reboot drill.",
|
||||
"P0-005: deploy/read back the credential escrow readiness safe_next_step source fix, then collect five non-secret refs and rerun one preflight; backup/offsite freshness is already green.",
|
||||
"P0-005: collect five non-secret credential escrow evidence refs and rerun one preflight; production API safe_next_step now reads back correctly and backup/offsite freshness is green.",
|
||||
"P0-003: complete Gitea authenticated/admin redacted inventory export or owner coverage attestation; public-only live inventory is refreshed to four repos; GitHub remains stopped/retired/do_not_use."
|
||||
]
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user