docs(security): require owner response guard in mirror dry run

This commit is contained in:
Your Name
2026-05-18 09:14:02 +08:00
parent db46f204f9
commit f3b6972b29
10 changed files with 70 additions and 19 deletions

View File

@@ -40,7 +40,7 @@ AwoooP 初期不得直接啟動掃描、不得呼叫 Codex patch runner、不得
| `security_mirror_route_v1` | AwoooP 鏡像路由矩陣 | Operator Console、Runtime State、Channel Event、Audit、Approval Queue | mirror-only | 只決定目的地、channel policy 與 review lane不作 execution router |
| `security_mirror_acceptance_v1` | AwoooP 鏡像驗收契約 | Operator Console、Runtime State、Audit | mirror-only | 只驗收 contract count、event envelope、route coverage、redaction、progress estimate guard不作 runtime blocker |
| `security_mirror_quarantine_v1` | AwoooP 鏡像隔離契約 | Operator Console、Audit | mirror-only | 只隔離驗收失敗 payload、顯示 recovery request 與 retry gate不作 runtime blocker |
| `security_mirror_dry_run_v1` | AwoooP 鏡像 dry-run 報告契約 | Operator Console、Audit | mirror-only | 只回報接入演練結果,且必須包含 progress guard 與 latest local validation不得轉成 production ingestion |
| `security_mirror_dry_run_v1` | AwoooP 鏡像 dry-run 報告契約 | Operator Console、Audit | mirror-only | 只回報接入演練結果,且必須包含 progress guard、owner response guard 與 latest local validation不得轉成 production ingestion |
| `security_mirror_status_rollup_v1` | AwoooP 鏡像狀態彙整契約 | Operator Console、Runtime State、Audit | mirror-only | 只顯示階段狀態、58% 進度估算、下一個 gate 與禁止事項;不得視為 runtime authorization |
| `source_control_owner_response_validation_rollup_v1` | S4.9 / S4.10 / S4.11 / S4.12 owner response validation rollup | Operator Console、Source-control review、Audit | mirror-only | 只顯示四包 response packets、22 個 templates、10 個 cross-packet checks、quarantine rules 與 latest local validation不得視為 approval 或 runtime gate |
| `coding_task_v1` | Code Review / Codex Security / manual review | Approval candidate、Channel Event、Audit | suggest-only | 不自動開 patch runner、不自動 merge |
@@ -110,7 +110,7 @@ AwoooP 初期不得直接啟動掃描、不得呼叫 Codex patch runner、不得
| `security_mirror_route_v1.status=draft` | `observe` | 顯示 5 個 route groups、channel policy 與 review lane不得轉成 execution router |
| `security_mirror_acceptance_v1.status=draft` | `observe` | 顯示 8 個 acceptance checks其中 progress estimate guard 必須確認 58% 不是執行授權;只可驗收鏡像資料,不得阻擋 runtime |
| `security_mirror_quarantine_v1.status=draft` | `observe` | 顯示 5 個 quarantine lanes、recovery request 與 retry gate不得自動重試失敗 payload |
| `security_mirror_dry_run_v1.dry_run_status=contract_defined_not_executed` | `observe` | 顯示 7 個 dry-run steps 與 `latest_local_validation.status=repo_snapshot_guard_pass``CHECK_PROGRESS_GUARD` 必須維持 58% 不是執行授權,不得視為 production ingestion 已啟用 |
| `security_mirror_dry_run_v1.dry_run_status=contract_defined_not_executed` | `observe` | 顯示 8 個 dry-run steps 與 `latest_local_validation.status=repo_snapshot_guard_pass``CHECK_PROGRESS_GUARD` 必須維持 58% 不是執行授權,`CHECK_OWNER_RESPONSE_GUARD` 必須維持 owner response received / accepted 皆為 0不得視為 production ingestion 已啟用 |
| `security_mirror_status_rollup_v1.rollup_status=framework_ready_waiting_approval` | `observe` | 顯示 S0-S4 階段、58% 進度估算、approval queue summary 與下一個 gate不得新增 execution action |
| `source_control_owner_response_validation_rollup_v1.status=draft_waiting_owner_responses` | `observe` | 顯示四包 owner response packets、22 個 templates、received / accepted / rejected 皆為 0`latest_local_validation.result=SOURCE_CONTROL_OWNER_RESPONSE_GUARD_OK`;不得當成 approval 或 execution authorization |
| `coding_task_v1.risk=LOW|MEDIUM` | `warn` | 可排入 Codex patch-only backlog |

View File

@@ -357,9 +357,9 @@ Schema`docs/schemas/security_mirror_dry_run_v1.schema.json`
Snapshot`docs/security/security-mirror-dry-run.snapshot.json`
目前 dry-run6 個 steps`dry_run_status=contract_defined_not_executed`,尚未代表 AwoooP 已實際執行 dry-run。
目前 dry-run8 個 steps,已包含 `CHECK_PROGRESS_GUARD``CHECK_OWNER_RESPONSE_GUARD``dry_run_status=contract_defined_not_executed`,尚未代表 AwoooP 已實際執行 dry-run或 production ingestion
AwoooP 初期處理方式:只顯示 dry-run 報告與各 step 狀態;不得轉成 production ingestion 或任何 runtime action。
AwoooP 初期處理方式:只顯示 dry-run 報告與各 step 狀態;不得把 guard pass 當成 owner response 已收到,也不得轉成 production ingestion 或任何 runtime action。
### `security_mirror_status_rollup_v1`
@@ -858,11 +858,11 @@ Console 初期不提供高風險執行按鈕。
2026-05-13 mirror route 追加:已新增 `docs/schemas/security_mirror_route_v1.schema.json``docs/security/security-mirror-route.snapshot.json``docs/security/SECURITY-MIRROR-ROUTE.md`。AwoooP 可依 5 個 route groups 將 35 個 contracts 分流到 Operator Console、Runtime State、Channel Event、Audit evidence 與 Approval Queueroute 只決定目的地、channel policy 與 review lane不是 execution router。
2026-05-13 mirror acceptance 追加:已新增 `docs/schemas/security_mirror_acceptance_v1.schema.json``docs/security/security-mirror-acceptance.snapshot.json``docs/security/SECURITY-MIRROR-ACCEPTANCE.md`。AwoooP 可用 7 個 acceptance checks 驗收 mirror ingestionblocking checks 只針對 contract count mismatch、缺 event envelope、route coverage 不完整未脫敏 evidence不得阻擋 runtime 流程。
2026-05-13 mirror acceptance 追加2026-05-18 已對齊 progress guard:已新增 `docs/schemas/security_mirror_acceptance_v1.schema.json``docs/security/security-mirror-acceptance.snapshot.json``docs/security/SECURITY-MIRROR-ACCEPTANCE.md`。AwoooP 可用 8 個 acceptance checks 驗收 mirror ingestionblocking checks 只針對 contract count mismatch、缺 event envelope、route coverage 不完整未脫敏 evidence 或進度估算被誤當授權,不得阻擋 runtime 流程。
2026-05-13 mirror quarantine 追加:已新增 `docs/schemas/security_mirror_quarantine_v1.schema.json``docs/security/security-mirror-quarantine.snapshot.json``docs/security/SECURITY-MIRROR-QUARANTINE.md`。AwoooP 可用 5 個 quarantine lanes 隔離驗收失敗 payload顯示 owner、recovery request 與 retry gate不得自動重試、不得猜測缺漏 contract、不得阻擋 runtime 流程。
2026-05-13 mirror dry-run 追加:已新增 `docs/schemas/security_mirror_dry_run_v1.schema.json``docs/security/security-mirror-dry-run.snapshot.json``docs/security/SECURITY-MIRROR-DRY-RUN.md`。AwoooP 未來可用 6 個 dry-run steps 回報接入演練結果;本 snapshot 狀態為 `contract_defined_not_executed`,不得視為 production ingestion 已啟用。
2026-05-13 mirror dry-run 追加2026-05-18 已對齊 progress guard 與 owner response guard:已新增 `docs/schemas/security_mirror_dry_run_v1.schema.json``docs/security/security-mirror-dry-run.snapshot.json``docs/security/SECURITY-MIRROR-DRY-RUN.md`。AwoooP 未來可用 8 個 dry-run steps 回報接入演練結果;本 snapshot 狀態為 `contract_defined_not_executed`,不得視為 production ingestion 已啟用。
2026-05-13 mirror status rollup 追加:已新增 `docs/schemas/security_mirror_status_rollup_v1.schema.json``docs/security/security-mirror-status-rollup.snapshot.json``docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md`。AwoooP 與 Security Supply Chain Session 可用同一份 rollup 同步 S0-S4、35 個 contracts、approval queue summary、review packet summary、state transition summary、follow-up runtime gate template summary、GitHub primary readiness summary、rollback ADR summary、workflow / secret name inventory summary 與下一個安全 gate本契約不授權任何 runtime action。

View File

@@ -24,6 +24,7 @@
| `CHECK_ROUTE_COVERAGE` | 確認 route groups 覆蓋所有 contracts | 不建立 fallback execution route |
| `CHECK_ACCEPTANCE_AND_QUARANTINE` | 確認驗收與隔離只處理 mirror payload | 不阻擋 runtime |
| `CHECK_PROGRESS_GUARD` | 確認 58% 進度估算只作狀態顯示 | 不把進度當 approval 或 runtime authorization |
| `CHECK_OWNER_RESPONSE_GUARD` | 確認四包 owner response 仍未收到 / 接受 | 不把 guard pass 當成 repo、refs、workflow、secret、runner、primary 或 runtime 授權 |
| `CHECK_LOW_NOISE_CHANNEL` | 確認 Channel Event 低噪音 | 不對 LOW / MEDIUM 洗版 |
| `CONFIRM_NO_RUNTIME_ACTION` | 確認 dry-run 沒有任何 runtime action | 不掃描、不 deploy、不 sync refs |
@@ -31,9 +32,10 @@
```text
python3 scripts/security/security-mirror-progress-guard.py
python3 scripts/security/source-control-owner-response-guard.py
```
指令只讀 committed snapshots確認 dry-run 仍維持 `runtime_actions_executed=false``payloads_ingested=false`
這兩個指令只讀 committed snapshots確認 dry-run 仍維持 `runtime_actions_executed=false``payloads_ingested=false`,且 owner response received / accepted 仍為 0
## 1.1 最新本機只讀驗證
@@ -41,8 +43,8 @@ python3 scripts/security/security-mirror-progress-guard.py
|------|------|
| 日期 | 2026-05-18 |
| 範圍 | `repo_snapshot_only` |
| 指令 | `python3 scripts/security/security-mirror-progress-guard.py` |
| 結果 | `SECURITY_MIRROR_PROGRESS_GUARD_OK` |
| 指令 | `python3 scripts/security/security-mirror-progress-guard.py && python3 scripts/security/source-control-owner-response-guard.py` |
| 結果 | `SECURITY_MIRROR_PROGRESS_GUARD_OK; SOURCE_CONTROL_OWNER_RESPONSE_GUARD_OK` |
| dry-run 狀態 | `contract_defined_not_executed` |
| production ingestion | `false` |
| runtime actions | `false` |

View File

@@ -33,7 +33,7 @@
| Gitea inventory | S4.5 已補認證清冊匯出請求S4.6 已補匯入驗收契約S4.7 已補 owner coverage attestationS4.8 已把既有 Gitea queue/gate/review packet/follow-up gate 對齊 attestation 先行S4.9 已補 owner response 收件包;目前 status=`partial_waiting_authenticated_inventory`、未認證公開範圍 repos 2 個、本機可見 Gitea unique repos 4 個、匯出來源選項 2 類、匯入驗收 payload 0 筆、owner attestation items 5 個、收到 attestation 0 筆、owner response 0 筆、敏感 payload 必須隔離、允許收集 token value=false |
| Workflow / secret name inventory | S4.1 已建立S4.2 補 4 個 repos、31 個 workflow files、43 個 referenced secret names 的 local evidenceS4.3 補 7 個 repos、5 類 lanes 的 redacted export requestS4.12 補 5 個 owner response templates0 個 inventory complete、禁止收集 secret value、禁止 write token |
| Owner response validation | S4.13 已建立;四包 owner response 目前 received/accepted 皆為 0latest local validation 為 `SOURCE_CONTROL_OWNER_RESPONSE_GUARD_OK`,不代表 owner response 已收到或任何執行授權 |
| Dry-run | `contract_defined_not_executed`;已納入 `CHECK_PROGRESS_GUARD`latest local validation 為 `repo_snapshot_guard_pass`,仍不代表 production ingestion |
| Dry-run | `contract_defined_not_executed`;已納入 `CHECK_PROGRESS_GUARD``CHECK_OWNER_RESPONSE_GUARD`latest local validation 為 `repo_snapshot_guard_pass`,仍不代表 production ingestion |
| Runtime actions | `false` |
| Payload ingestion | `false` |

View File

@@ -44,9 +44,9 @@ python3 scripts/security/security-mirror-progress-guard.py
| S2.1 AwoooP mirror-only intake plan | 完成草案 | `security_mirror_intake_plan_v1` 已建立 5 個 intake waves 與 4 個 acceptance gates | AwoooP 主線照 wave mirror不新增 execution router |
| S2.2 AwoooP 鏡像事件信封 | 完成草案 | `security_mirror_event_v1` 已建立,要求每筆鏡像 payload 標示 `execution_authorized=false``action_buttons_allowed=false` | AwoooP 鏡像 payload 統一信封 |
| S2.3 AwoooP 鏡像路由矩陣 | 完成草案 | `security_mirror_route_v1` 已建立 5 個 route groups定義目的地、channel policy 與 review lane | AwoooP 消費時不猜路由、不新增執行入口 |
| S2.4 AwoooP 鏡像驗收契約 | 完成草案 | `security_mirror_acceptance_v1` 已建立 7 個 acceptance checksblocking 只針對鏡像資料不完整未脫敏 | AwoooP 接入時可驗收,不升級成 runtime enforcement |
| S2.4 AwoooP 鏡像驗收契約 | 完成草案 | `security_mirror_acceptance_v1` 已建立 8 個 acceptance checksblocking 只針對鏡像資料不完整未脫敏或進度估算被誤當授權 | AwoooP 接入時可驗收,不升級成 runtime enforcement |
| S2.5 AwoooP 鏡像隔離契約 | 完成草案 | `security_mirror_quarantine_v1` 已建立 5 個 quarantine lanes失敗 payload 必須等新 snapshot commit 後才能 retry | AwoooP 可隔離壞資料,不阻擋 runtime |
| S2.6 AwoooP 鏡像 dry-run 報告契約 | 完成草案 | `security_mirror_dry_run_v1` 已建立 7 個 dry-run steps已納入 `CHECK_PROGRESS_GUARD`latest local validation 為 `repo_snapshot_guard_pass`;目前狀態仍為 contract defined not executed | AwoooP 未來可回報演練結果,但不啟動 production ingestion |
| S2.6 AwoooP 鏡像 dry-run 報告契約 | 完成草案 | `security_mirror_dry_run_v1` 已建立 8 個 dry-run steps已納入 `CHECK_PROGRESS_GUARD``CHECK_OWNER_RESPONSE_GUARD`latest local validation 為 `repo_snapshot_guard_pass`;目前狀態仍為 contract defined not executed | AwoooP 未來可回報演練結果,但不啟動 production ingestion |
| S2.7 AwoooP 鏡像狀態彙整契約 | 完成草案 | `security_mirror_status_rollup_v1` 已建立,彙整 S0-S4、approval queue summary 與下一個安全 gateS4.13 已補 owner response validation rollup | 兩個 Session 用同一份 rollup 同步,不誤啟執行面 |
| S3 approval gate | 進行中 | `security_approval_gate_v1` 已建立 8 個人工 gate items7 pending、1 block candidate、0 approved | 不得繞過人工批准;批准後仍需 follow-up runtime gate |
| S3.0 人工批准 Gate 契約 | 完成草案 | 定義批准範圍、決策選項、required reviewers、still forbidden 與 follow-up runtime gate | AwoooP 可記錄決策,不可執行 gate item |

View File

@@ -12,7 +12,8 @@
"docs/security/security-mirror-route.snapshot.json",
"docs/security/security-mirror-acceptance.snapshot.json",
"docs/security/security-mirror-quarantine.snapshot.json",
"docs/security/security-mirror-status-rollup.snapshot.json"
"docs/security/security-mirror-status-rollup.snapshot.json",
"docs/security/source-control-owner-response-validation-rollup.snapshot.json"
],
"summary": {
"total_contracts": 35,
@@ -71,7 +72,7 @@
},
{
"step_id": "CHECK_ACCEPTANCE_AND_QUARANTINE",
"expected_observation": "7 個 acceptance checks 與 5 個 quarantine lanes 都可顯示,且失敗 payload 只隔離不執行。",
"expected_observation": "8 個 acceptance checks 與 5 個 quarantine lanes 都可顯示,且失敗 payload 只隔離不執行。",
"evidence_refs": [
"docs/security/security-mirror-acceptance.snapshot.json",
"docs/security/security-mirror-quarantine.snapshot.json"
@@ -104,6 +105,26 @@
"switch_github_primary"
]
},
{
"step_id": "CHECK_OWNER_RESPONSE_GUARD",
"expected_observation": "AwoooP dry-run 必須確認 S4.9 / S4.10 / S4.11 / S4.12 四包 owner response 仍為 waiting_owner_responsereceived / accepted 皆為 0且不能解鎖 repo、refs、workflow、secret、runner、GitHub primary 或 runtime action。",
"evidence_refs": [
"docs/security/source-control-owner-response-validation-rollup.snapshot.json",
"docs/security/SOURCE-CONTROL-OWNER-RESPONSE-VALIDATION-ROLLUP.md",
"scripts/security/source-control-owner-response-guard.py"
],
"pass_condition": "`python3 scripts/security/source-control-owner-response-guard.py` 回傳 SOURCE_CONTROL_OWNER_RESPONSE_GUARD_OK且 received_response_count=0、accepted_response_count=0。",
"execution_allowed": false,
"blocked_actions": [
"treat_owner_guard_as_response_received",
"create_github_repo",
"change_repo_visibility",
"sync_git_refs",
"modify_workflow_or_secret",
"enable_runner",
"switch_github_primary"
]
},
{
"step_id": "CHECK_LOW_NOISE_CHANNEL",
"expected_observation": "Channel Event 初期只發低噪音摘要或人工批准必要事件。",
@@ -143,12 +164,13 @@
"status": "repo_snapshot_guard_pass",
"date": "2026-05-18",
"scope": "repo_snapshot_only",
"command": "python3 scripts/security/security-mirror-progress-guard.py",
"result": "SECURITY_MIRROR_PROGRESS_GUARD_OK",
"command": "python3 scripts/security/security-mirror-progress-guard.py && python3 scripts/security/source-control-owner-response-guard.py",
"result": "SECURITY_MIRROR_PROGRESS_GUARD_OK; SOURCE_CONTROL_OWNER_RESPONSE_GUARD_OK",
"validated_steps": [
"LOAD_CONTRACT_INDEXES",
"CHECK_ACCEPTANCE_AND_QUARANTINE",
"CHECK_PROGRESS_GUARD",
"CHECK_OWNER_RESPONSE_GUARD",
"CONFIRM_NO_RUNTIME_ACTION"
],
"runtime_actions_executed": false,

View File

@@ -59,7 +59,7 @@
"execution_router",
"blocking_gate"
],
"exit_gate": "Operator Console 能顯示 35 個 contract、5 個 route groups、7 個 acceptance checks、5 個 quarantine lanes、6 個 dry-run steps、status rollup、approval gate、decision record、review packet、state transition、follow-up runtime gate preparation、GitHub primary readiness gate、rollback ADR 與 workflow / secret name inventory gate且 mirror event envelope action_buttons_allowed=false。"
"exit_gate": "Operator Console 能顯示 35 個 contract、5 個 route groups、8 個 acceptance checks、5 個 quarantine lanes、8 個 dry-run steps、status rollup、owner response guard、approval gate、decision record、review packet、state transition、follow-up runtime gate preparation、GitHub primary readiness gate、rollback ADR 與 workflow / secret name inventory gate且 mirror event envelope action_buttons_allowed=false。"
},
{
"wave_id": "M1_kali_visibility",

View File

@@ -57,7 +57,7 @@
"runtime blocking",
"自動批准任何 queue item"
],
"exit_gate": "AwoooP 可顯示 35 個 contract、5 個 route groups、7 個 acceptance checks、5 個 quarantine lanes、6 個 dry-run steps、status rollup、approval gate、decision record、review packet、state transition、follow-up runtime gate preparation、GitHub primary readiness gate、rollback ADR 與 workflow / secret name inventory gate且所有 route 都維持 runtime_execution_authorized=false。"
"exit_gate": "AwoooP 可顯示 35 個 contract、5 個 route groups、8 個 acceptance checks、5 個 quarantine lanes、8 個 dry-run steps、status rollup、owner response guard、approval gate、decision record、review packet、state transition、follow-up runtime gate preparation、GitHub primary readiness gate、rollback ADR 與 workflow / secret name inventory gate且所有 route 都維持 runtime_execution_authorized=false。"
},
{
"wave_id": "M1_kali_visibility",