21 KiB
21 KiB
AwoooP 只讀鏡像消費清單
| 項目 | 內容 |
|---|---|
| 日期 | 2026-05-13 |
| 狀態 | 初版,供 AwoooP Session 只讀消費 |
| 範圍 | Kali / Code Review / Codex / Gitea / GitHub 資安供應鏈事件 |
| 低摩擦 policy | docs/security/SECURITY-LOW-FRICTION-ROLLOUT-POLICY.md |
| Contract manifest | docs/security/SECURITY-SUPPLY-CHAIN-CONTRACT-MANIFEST.md |
| 原則 | 低摩擦分階段;AwoooP 初期只 mirror、只讀 policy、只建立必要的 approval candidate,不直接執行 |
0. 核心結論
AwoooP 可以消費 Security Supply Chain Session 產出的事件,但初期只能做三件事:
- mirror 成 Runtime State / Channel Event / Audit evidence。
- 計算 read-only policy 建議,例如
observe、warn、approve_required。 - 產生 approval candidate,等待人工核准。
AwoooP 初期不得直接啟動掃描、不得呼叫 Codex patch runner、不得切換 GitHub primary、不得修改 production runtime。
初期也不得把每個 observation 都變成阻擋條件。LOW / MEDIUM 且不涉及不可逆變更的項目,先以 observe / warn 累積 evidence;只有 repo creation、visibility change、refs sync、secret、RBAC、NetworkPolicy、firewall、deploy、primary switch 等高風險動作才進 approval。
1. 允許消費的事件
| 事件 | 來源 | AwoooP 目標 | 初期狀態 | 必要防護 |
|---|---|---|---|---|
security_finding_v1 |
Kali / Trivy / ZAP / Semgrep / detect-secrets / kube posture | Runtime State、Channel Event、Audit | mirror-only | 不保存 raw secret、cookie、token、exploit payload |
kali_integration_status_v1 |
192.168.0.112 live health / update / gap evidence | Security posture、Operator Console、Approval candidate | mirror-only | 不保存 SSH 密碼或 API key、不直接啟動 scan 或 /execute |
kali_scan_scope_approval_v1 |
Kali 112 scan scope、111/168 observe-only、safe/active/credentialed/execute/full-upgrade gates | Approval queue、Operator Console、Audit | approval-only | 只顯示 scope 與 gate,不啟動 scan、不呼叫 /execute |
security_approval_queue_v1 |
Security Supply Chain pending approval / block candidate 集中隊列 | Approval queue、Operator Console、Audit | approval-only | 只顯示 review order 與 blocked reason,不執行 queue item |
security_approval_gate_v1 |
S3 人工批准 gate | Approval queue、Operator Console、Audit | approval-only | 只記錄人工決策、批准範圍與 follow-up runtime gate,不執行 gate item |
security_approval_decision_record_v1 |
S3 人工決策紀錄 | Operator Console、Audit | approval-only | 只保存 approve / reject / defer / request more evidence / keep blocked 的稽核紀錄,不執行決策 |
security_approval_review_packet_v1 |
S3 人工審查封包 | Approval queue、Operator Console、Audit | approval-only | 只顯示 review lane、required reviewers、requested decision 與 still forbidden,不代表批准 |
security_mirror_readiness_v1 |
Security Supply Chain contract mirror readiness index | Operator Console、Runtime State、Channel Event、Audit | mirror-only | 只顯示 ready / partial / contract-only,不執行 mirror item |
security_mirror_intake_plan_v1 |
AwoooP mirror-only intake waves / destinations / acceptance gates | Operator Console、Runtime State、Channel Event、Audit、Approval Queue | mirror-only | 只照 wave 讀取與顯示,不執行 intake item |
security_mirror_event_v1 |
AwoooP mirror-only event envelope | Operator Console、Runtime State、Channel Event、Audit、Approval Queue | mirror-only | 每筆 event 必須 execution_authorized=false、action_buttons_allowed=false |
security_mirror_route_v1 |
AwoooP 鏡像路由矩陣 | Operator Console、Runtime State、Channel Event、Audit、Approval Queue | mirror-only | 只決定目的地、channel policy 與 review lane,不作 execution router |
security_mirror_acceptance_v1 |
AwoooP 鏡像驗收契約 | Operator Console、Runtime State、Audit | mirror-only | 只驗收 contract count、event envelope、route coverage、redaction;不作 runtime blocker |
security_mirror_quarantine_v1 |
AwoooP 鏡像隔離契約 | Operator Console、Audit | mirror-only | 只隔離驗收失敗 payload、顯示 recovery request 與 retry gate;不作 runtime blocker |
security_mirror_dry_run_v1 |
AwoooP 鏡像 dry-run 報告契約 | Operator Console、Audit | mirror-only | 只回報接入演練結果;不得轉成 production ingestion |
security_mirror_status_rollup_v1 |
AwoooP 鏡像狀態彙整契約 | Operator Console、Runtime State、Audit | mirror-only | 只顯示階段狀態、下一個 gate 與禁止事項;不得視為 runtime authorization |
coding_task_v1 |
Code Review / Codex Security / manual review | Approval candidate、Channel Event、Audit | suggest-only | 不自動開 patch runner、不自動 merge |
source_control_migration_event_v1 |
Gitea/GitHub branch/tag/SHA diff | Supply-chain evidence、Approval candidate | mirror-only | 不觸發 deploy、不切換 primary |
gitea_repo_inventory_v1 |
Gitea org/user repo list 或管理匯出 | Supply-chain evidence、migration matrix | mirror-only | 不保存 token value、不刪除或停用 Gitea repo |
local_git_remote_inventory_v1 |
本機可見 Git working tree remote | Source-control coverage evidence、migration matrix | mirror-only | 不視為 Gitea server 全量、不修改 remote |
github_target_probe_v1 |
候選 GitHub repo read-only probe | Migration target evidence | mirror-only | not_found_or_private 不等同確認不存在 |
github_target_decision_v1 |
GitHub target 建立與可見性決策草案 | Approval candidate、Migration target evidence | mirror-only | approval 前不得建立 repo、修改 visibility、同步 refs |
github_target_repo_approval_package_v1 |
GitHub target 逐 repo approval package | Approval queue、Migration target evidence | mirror-only | 低摩擦,只 gate 高風險執行 |
source_control_approval_board_v1 |
逐 repo owner / visibility / canonical / refs 決策 board | Approval queue、PR reviewer handoff | approval-only | 只顯示決策隊列,不執行 board item |
source_control_reconcile_plan_v1 |
refs-blocked repo draft reconcile plan | Approval candidate、migration reviewer handoff | approval-only | 只顯示草案,不 push refs、不切 primary |
source_control_ref_detail_diff_v1 |
refs-blocked repo branch/tag 明細 diff | Migration reviewer evidence | mirror-only | 只顯示 diff,不 fetch、不 push、不刪 refs |
source_control_ref_truth_classification_v1 |
refs diff 真相來源與 deprecated 候選分類 | Repo owner review queue、migration reviewer handoff | approval-only | 只顯示分類與人工判定隊列,不執行 sync/delete |
local_repo_canonical_probe_v1 |
本機 working tree lineage 比對 | Canonical decision evidence | mirror-only | 不自動合併、不自動建 repo、不刪除 |
git_remote_refs_probe_v1 |
指定 repo remote refs read-only probe | Source readiness evidence | mirror-only | 不 fetch、不 push、不自動 mirror |
approval_required_event_v1 |
上述事件的高風險 gate | Approval queue、Audit | approval-only | blocked_until_approved=true |
security_rollout_policy_v1 |
低摩擦資安 rollout policy | Read-only policy、Operator Console | mirror-only | 初期 observe-first,不做 runtime enforcement |
security_supply_chain_contract_manifest_v1 |
Security Supply Chain 契約索引 | Contract registry、Operator Console | mirror-only | 只作路由索引,不作 execution router |
2. AwoooP 可以做的處理
| 處理 | 允許 | 說明 |
|---|---|---|
| Runtime State mirror | 是 | 儲存脫敏後摘要、狀態、風險等級、evidence ref |
| Channel Event | 是 | 發送資安 posture、遷移阻塞、approval pending 等通知 |
| Read-only policy | 是 | 計算建議,不改 firewall、RBAC、NetworkPolicy、secret、deploy |
| Approval candidate | 是 | 讓人審核是否批准下一步 |
| Audit evidence | 是 | 保存可追溯事件,不保存敏感原文 |
| Operator Console 顯示 | 是 | 初期只顯示,不提供高風險執行按鈕 |
3. 初期禁止動作
| 禁止動作 | 原因 |
|---|---|
| 直接啟動 Kali scan | 掃描強度與範圍需人工批准,避免誤傷內網服務 |
| 直接啟動 active DAST / credentialed scan | 會碰驗證狀態與服務負載,需 approval |
| 直接呼叫 Codex patch runner | coding 仍需 patch-only / human review gate |
| 自動 merge / auto deploy | 供應鏈與 production 風險太高 |
| 修改 secrets / RBAC / NetworkPolicy / firewall | 高風險不可逆或半不可逆變更 |
| 切換 GitHub primary / Gitea mirror 主控 | 目前 Gitea/GitHub branch、tag、main SHA 尚未對齊 |
| 刪除、停用、歸檔 Gitea repo | 需要完整 repo inventory 與人工確認 |
| 保存 raw secret / token / cookie / exploit payload | 違反 evidence 脫敏原則 |
4. 事件到處理模式對照
| 條件 | AwoooP recommended mode | 後續 |
|---|---|---|
| `security_finding_v1.severity=LOW | MEDIUM且confidence=LOW |
MEDIUM` |
| `security_finding_v1.severity=HIGH | CRITICAL` | approve_required |
kali_integration_status_v1.status=partial_runtime_health_integrated |
observe |
顯示 Kali 112 health、更新紀錄、缺口與 approval gates;不得直接掃描 |
kali_scan_scope_approval_v1.status=draft_waiting_approval |
approve_required |
顯示 Kali 112、111/168、核心主機、公開網站 scope 與 gate;不得執行 scan |
security_approval_queue_v1.status=draft |
approve_required |
顯示 8 個 queue items、review order 與 blocked reason;不得執行 item |
security_approval_gate_v1.mode=approval_gate_only |
approve_required |
顯示 8 個 gate items、批准範圍與 follow-up runtime gate;批准後不得自動執行 |
security_approval_decision_record_v1.mode=decision_record_only |
observe |
顯示人工決策紀錄;每筆紀錄都必須 execution_authorized=false |
security_approval_review_packet_v1.mode=approval_review_packet_only |
approve_required |
顯示 8 個 review packets、review lane 與 still forbidden;不得當成批准或執行授權 |
security_mirror_readiness_v1.status=draft |
observe |
顯示 30 個 contracts 的 readiness;不得把 readiness 當 execution authorization |
security_mirror_intake_plan_v1.status=draft |
observe |
顯示 5 個 intake waves 與 4 個 acceptance gates;不得執行 wave |
security_mirror_event_v1.execution_authorized=false |
observe |
只包裝鏡像 payload,明確不授權執行、不顯示執行按鈕 |
security_mirror_route_v1.status=draft |
observe |
顯示 5 個 route groups、channel policy 與 review lane;不得轉成 execution router |
security_mirror_acceptance_v1.status=draft |
observe |
顯示 7 個 acceptance checks;只可驗收鏡像資料,不得阻擋 runtime |
security_mirror_quarantine_v1.status=draft |
observe |
顯示 5 個 quarantine lanes、recovery request 與 retry gate;不得自動重試失敗 payload |
security_mirror_dry_run_v1.dry_run_status=contract_defined_not_executed |
observe |
顯示 6 個 dry-run steps;不得視為 production ingestion 已啟用 |
security_mirror_status_rollup_v1.rollup_status=framework_ready_waiting_approval |
observe |
顯示 S0-S4 階段、approval queue summary 與下一個 gate;不得新增 execution action |
| `coding_task_v1.risk=LOW | MEDIUM` | warn |
| `coding_task_v1.risk=HIGH | CRITICAL` | approve_required |
source_control_migration_event_v1.status=blocked |
observe |
顯示 blocking reason,不允許切 primary |
source_control_migration_event_v1.status=verified |
approve_required |
仍需人工批准主控切換 |
gitea_repo_inventory_v1.status=blocked |
observe |
補只讀 token 或管理匯出,不做同步 |
gitea_repo_inventory_v1.status=partial |
observe |
視為 public-only evidence,不做同步 |
gitea_repo_inventory_v1.status=ok |
warn |
進入 repo mapping / branch tag diff |
approval_required_event_v1.requested_action=run_gitea_readonly_inventory |
approve_required |
只允許 read-only token 或 redacted admin export,不保存 token value |
local_git_remote_inventory_v1.status=partial |
observe |
補 server-side inventory,不做主控切換 |
github_target_probe_v1.status=ok 且有 not_found_or_private |
observe |
補 GitHub target 決策,不自動建立 repo |
github_target_decision_v1.approval_required_count>0 |
approve_required |
產生 approval candidate,但不執行 repo 建立或 visibility 修改 |
github_target_repo_approval_package_v1.status=draft |
observe |
建立 approval queue draft,不阻擋 read-only evidence |
source_control_approval_board_v1.pending_approval_count>0 |
approve_required |
顯示逐 repo 決策隊列,不執行 repo 建立、visibility 修改、refs sync |
source_control_reconcile_plan_v1.status=draft_blocked |
approve_required |
只顯示 refs reconcile 草案與 gate,不執行 sync |
source_control_ref_detail_diff_v1.status=draft_blocked |
observe |
顯示 branch/tag 明細 diff,支援人工 review |
source_control_ref_truth_classification_v1.status=draft_blocked |
approve_required |
顯示 main/dev 真相來源、drift deprecated 候選、release / UAT tag review lane,不執行分類結果 |
local_repo_canonical_probe_v1.status=unrelated |
approve_required |
禁止自動合併,需人工 canonical 判定 |
git_remote_refs_probe_v1.status=ok |
observe |
可作 source evidence,但仍需 GitHub target 與 approval |
security_rollout_policy_v1.enforcement_level=mirror_only |
observe |
只顯示 policy,不阻擋既有流程 |
security_supply_chain_contract_manifest_v1.default_enforcement_level=mirror_only |
observe |
只載入契約索引,不新增執行入口 |
5. Evidence 脫敏要求
| 資料 | 保存方式 |
|---|---|
| repo URL | 移除 username、password、token |
| API token | 只保存 `token_present=true |
| secret 名稱 | 可保存名稱與 owner |
| secret value | 禁止保存 |
| exploit payload | 禁止保存 raw payload,只保存 redacted evidence ref |
| scan result | 保存 finding 摘要、severity、confidence、asset key |
| host IP | 內網資產可保存,但外部分享需改 asset key |
6. 目前可立即 mirror 的檔案
| 類型 | 檔案 |
|---|---|
| source control event snapshot | docs/security/gitea-github-awoooi-inventory.snapshot.json |
| source control event 人讀版 | docs/security/GITEA-GITHUB-MIGRATION-SNAPSHOT.md |
| clawbot-v5 source control snapshot | docs/security/source-control-clawbot-v5.snapshot.json / docs/security/SOURCE-CONTROL-CLAWBOT-V5-SNAPSHOT.md |
| wooo-aiops source control snapshot | docs/security/source-control-wooo-aiops.snapshot.json / docs/security/SOURCE-CONTROL-WOOO-AIOPS-SNAPSHOT.md |
| Gitea repo inventory snapshot | docs/security/gitea-repo-inventory.snapshot.json |
| Gitea repo inventory 人讀版 | docs/security/GITEA-REPO-INVENTORY-SNAPSHOT.md |
| Gitea org endpoint blocked snapshot | docs/security/gitea-org-repo-inventory-blocked.snapshot.json / docs/security/GITEA-ORG-REPO-INVENTORY-BLOCKED-SNAPSHOT.md |
| Gitea server-side inventory runbook | docs/security/GITEA-SERVER-SIDE-INVENTORY-RUNBOOK.md |
| Gitea read-only inventory approval package | docs/security/GITEA-READONLY-INVENTORY-APPROVAL-PACKAGE.md |
| Gitea read-only inventory approval snapshot | docs/security/gitea-readonly-inventory-approval.snapshot.json |
| Gitea admin export redaction checklist | docs/security/GITEA-ADMIN-EXPORT-REDACTION-CHECKLIST.md |
| Gitea public repo search snapshot | docs/security/gitea-public-repo-search.snapshot.json / docs/security/GITEA-PUBLIC-REPO-SEARCH-SNAPSHOT.md |
| 本機 Git remote inventory snapshot | docs/security/local-git-remote-inventory.snapshot.json |
| 本機 Git remote inventory 人讀版 | docs/security/LOCAL-GIT-REMOTE-INVENTORY-SNAPSHOT.md |
| Source Control 遷移矩陣 | docs/security/SOURCE-CONTROL-MIGRATION-MATRIX.md |
| Source Control Canonical Repo 判定表 | docs/security/SOURCE-CONTROL-CANONICAL-DECISION-TABLE.md |
| GitHub target probe snapshot | docs/security/github-target-probe.snapshot.json / docs/security/GITHUB-TARGET-PROBE-SNAPSHOT.md |
| GitHub target 決策 snapshot | docs/security/github-target-decision.snapshot.json / docs/security/GITHUB-TARGET-VISIBILITY-DECISION-TABLE.md |
| GitHub target repo approval package | docs/security/github-target-repo-approval-package.snapshot.json / docs/security/GITHUB-TARGET-REPO-APPROVAL-PACKAGE.md |
| Source Control approval board | docs/security/source-control-approval-board.snapshot.json / docs/security/SOURCE-CONTROL-APPROVAL-BOARD.md |
| Source Control draft reconcile plan | docs/security/source-control-reconcile-plan.snapshot.json / docs/security/SOURCE-CONTROL-RECONCILE-PLAN.md |
| Source Control branch/tag detail diff | docs/security/source-control-ref-detail-diff.snapshot.json / docs/security/SOURCE-CONTROL-REF-DETAIL-DIFF.md |
| Source Control ref truth classification | docs/security/source-control-ref-truth-classification.snapshot.json / docs/security/SOURCE-CONTROL-REF-TRUTH-CLASSIFICATION.md |
| Kali 112 integration status | docs/security/kali-integration-status.snapshot.json / docs/security/KALI-INTEGRATION-STATUS.md |
| Security finding contract | docs/security/security-finding-kali-sample.snapshot.json / docs/security/SECURITY-FINDING-CONTRACT.md |
| Kali scan scope approval package | docs/security/kali-scan-scope-approval.snapshot.json / docs/security/KALI-SCAN-SCOPE-APPROVAL-PACKAGE.md |
| Security approval queue | docs/security/security-approval-queue.snapshot.json / docs/security/SECURITY-APPROVAL-QUEUE.md |
| Security approval gate | docs/security/security-approval-gate.snapshot.json / docs/security/SECURITY-APPROVAL-GATE.md |
| Security approval decision record | docs/security/security-approval-decision-record.snapshot.json / docs/security/SECURITY-APPROVAL-DECISION-RECORD.md |
| Security approval review packet | docs/security/security-approval-review-packet.snapshot.json / docs/security/SECURITY-APPROVAL-REVIEW-PACKET.md |
| Security mirror readiness | docs/security/security-mirror-readiness.snapshot.json / docs/security/SECURITY-MIRROR-READINESS.md |
| Security mirror intake plan | docs/security/security-mirror-intake-plan.snapshot.json / docs/security/SECURITY-MIRROR-INTAKE-PLAN.md |
| 資安鏡像事件契約 | docs/security/security-mirror-event-sample.snapshot.json / docs/security/SECURITY-MIRROR-EVENT-CONTRACT.md |
| 資安鏡像路由矩陣 | docs/security/security-mirror-route.snapshot.json / docs/security/SECURITY-MIRROR-ROUTE.md |
| 資安鏡像驗收契約 | docs/security/security-mirror-acceptance.snapshot.json / docs/security/SECURITY-MIRROR-ACCEPTANCE.md |
| 資安鏡像隔離契約 | docs/security/security-mirror-quarantine.snapshot.json / docs/security/SECURITY-MIRROR-QUARANTINE.md |
| 資安鏡像 dry-run 報告契約 | docs/security/security-mirror-dry-run.snapshot.json / docs/security/SECURITY-MIRROR-DRY-RUN.md |
| 資安鏡像狀態彙整契約 | docs/security/security-mirror-status-rollup.snapshot.json / docs/security/SECURITY-MIRROR-STATUS-ROLLUP.md |
| 本機 repo canonical lineage snapshot | docs/security/local-repo-canonical-ewoooc-momo.snapshot.json / docs/security/LOCAL-REPO-CANONICAL-EWOOOC-MOMO-SNAPSHOT.md |
| Internal 110 refs snapshot | docs/security/git-remote-refs-bitan-tsenyang.snapshot.json / docs/security/GIT-REMOTE-REFS-BITAN-TSENYANG-SNAPSHOT.md |
| wooo-infra-config refs snapshot | docs/security/git-remote-refs-wooo-infra-config.snapshot.json / docs/security/GIT-REMOTE-REFS-WOOO-INFRA-CONFIG-SNAPSHOT.md |
| Gitea/GitHub migration inventory | docs/security/GITEA-GITHUB-MIGRATION-INVENTORY.md |
| AwoooP handoff | docs/security/AWOOOP-SECURITY-SUPPLYCHAIN-INTEGRATION-HANDOFF.md |
| 低摩擦資安 rollout policy | docs/security/SECURITY-LOW-FRICTION-ROLLOUT-POLICY.md / docs/security/security-rollout-policy.snapshot.json |
| Security Supply Chain contract manifest | docs/security/SECURITY-SUPPLY-CHAIN-CONTRACT-MANIFEST.md / docs/security/security-supply-chain-contract-manifest.snapshot.json |
7. 下一步
- AwoooP 主線先把本清單視為契約消費檢查清單。
- Security Supply Chain Session 補齊 Gitea 全量 repo inventory 的只讀 token 或管理匯出來源。
- AwoooP 只建立 mirror/read-only policy 入口,不新增 execution action。
- 任一方要把事件升級成實際執行,都必須先產出
approval_required_event_v1,並在security_approval_queue_v1中維持blocked_until_approved=true直到人工決策完成。