Files
awoooi/docs/security/HIGH-VALUE-CONFIG-CONTROL-COVERAGE.md
Your Name 1591969578
Some checks failed
Code Review / ai-code-review (push) Successful in 13s
CD Pipeline / tests (push) Successful in 1m38s
CD Pipeline / build-and-deploy (push) Successful in 5m32s
CD Pipeline / post-deploy-checks (push) Successful in 1m30s
Ansible / Reboot Recovery Contract / validate (push) Has been cancelled
fix(security): align alert guards with controlled apply
2026-06-26 19:30:49 +08:00

393 lines
68 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# IwoooS 高價值配置控管覆蓋矩陣
| 項目 | 內容 |
|------|------|
| 日期 | 2026-06-15 |
| 狀態 | `coverage_matrix_ready` |
| 工具 | `scripts/security/high-value-config-control-coverage.py` |
| Snapshot | `docs/security/high-value-config-control-coverage.snapshot.json` |
| Schema | `docs/schemas/high_value_config_control_coverage_v1.schema.json` |
| runtime gate | `0` |
## 1. 目的
此矩陣把「所有重要配置都要被資安控管」從人讀清冊推進成可重跑 snapshot。它直接讀取 `high-value-config-change-gate.py` 的配置分類,避免變更 Gate 與長期覆蓋清冊各自漂移。
本階段仍是只讀覆蓋矩陣,不接 blocking CI、不 SSH、不讀 live host、不執行 `nginx -t`、不 reload Nginx、不做 DNS / TLS probe、不 renew cert、不同步 refs、不修改 workflow、不收 secret value、不啟動 agent-bounty runtime。
## 1.1 2026-06-14 P0 pattern 覆蓋同步
本輪 snapshot 已從最新 `high-value-config-change-gate.py` 讀回 P0 pattern 補強:
| 類別 | 新增覆蓋 | 目前解讀 |
|------|----------|----------|
| `nginx_public_gateway` | `k8s/nginx/**` | K8s 內 Nginx 公開入口設定納入 P0 / C0 owner response 與 rollback 管控 |
| `dns_tls_certbot` | `scripts/ops/**/*cert*``scripts/ops/**/*tls*` | 憑證修復、renewal 與 TLS 腳本納入 P0 / C0 owner response 與維護窗口管控 |
此同步只修正長期覆蓋矩陣與變更 Gate 的一致性,不代表 live evidence 已收到,也不代表可執行 `nginx -t`、reload、certbot renew 或 DNS / TLS 變更。
## 1.1a 2026-06-24 exporter restore helper 覆蓋同步
`high-value-config-change-gate.py` 追加 `scripts/ops/**/*exporter*``monitoring_alerting_observability`,讓 `scripts/ops/188-nginx-exporter-restore.sh` 這類 exporter restore helper 進入 P1 / C1 owner response 與 monitoring evidence 管控。這次 snapshot 固定數字仍為 `categories=14``c0=8`、平均成熟度 `73%``runtime_gate=0`;變更只修正 path coverage不代表 owner response received / accepted、Prometheus reload、Alertmanager reload、host write、Docker action、route smoke、production write 或 runtime gate 已授權。
## 1.2 2026-06-14 K8s / ArgoCD manifest repo-only 清冊
已新增 `docs/security/K8S-ARGOCD-MANIFEST-INVENTORY.md``docs/security/k8s-argocd-manifest-inventory.snapshot.json`,將 `k8s/awoooi-prod``k8s/argocd``k8s/velero``k8s/monitoring` 轉成 repo-only manifest inventory。
目前固定為 `file_count=49``c0_file_count=36``yaml_manifest_file_count=45``unique_kind_count=20``top_level_kind_marker_count=56``blocked_action_count=13``runtime_gate_count=0`。此 artifact 只補上 K8s / ArgoCD source inventory 的可重跑基線owner request、rendered manifest diff、ArgoCD health readback、ArgoCD sync、kubectl action、live cluster read 與 production write 仍全部未授權。
2026-06-14 P0-21 再新增 `docs/security/K8S-ARGOCD-OWNER-REQUEST-DRAFT.md``docs/security/k8s-argocd-owner-request-draft.snapshot.json`,將四個 scan group 轉成 `request_draft_count=4``c0_request_draft_count=3``required_owner_field_count=11``evidence_gap_count=8``blocked_action_count=13` 的 request draft。此更新仍不是 request sent、owner response received / accepted、ArgoCD readback、sync、kubectl action 或 runtime gate。
2026-06-15 P0-25 再新增 `docs/security/K8S-ARGOCD-OWNER-RESPONSE-ACCEPTANCE.md``docs/security/k8s-argocd-owner-response-acceptance.snapshot.json`,將 manifest inventory 與 owner request draft 轉成 `acceptance_candidate_count=4``c0_acceptance_candidate_count=3``required_owner_field_count=11``reviewer_check_count=12``outcome_lane_count=7``blocked_action_count=18` 的 owner response acceptance 只讀帳本。此更新讓 `k8s_production_gitops``58%` 推進到 `62%`owner response received / accepted、rendered manifest diff、ArgoCD API read、ArgoCD sync、kubectl action、live cluster read、secret collection、runtime gate 與 action button 仍全部為 `0 / false`
2026-06-15 再新增 `docs/security/K8S-ARGOCD-CHANGE-EVIDENCE-ACCEPTANCE.md``docs/security/k8s-argocd-change-evidence-acceptance.snapshot.json`,將四個 K8s / ArgoCD scan group 轉成 GitOps 變更證據驗收只讀帳本。固定 `change_evidence_candidate_count=4``c0_change_evidence_candidate_count=3``write_capable_candidate_count=4``required_evidence_field_count=18``reviewer_check_count=18``outcome_lane_count=8``blocked_action_count=28`,讓 `k8s_production_gitops``62%` 推進到 `64%`proposed commit、rendered manifest diff、ArgoCD app / sync revision、health before / after、rollout status、route smoke、metrics / alert、secret metadata parity、blast radius、maintenance window、rollback revision、postcheck owner、runtime approval package、ArgoCD sync、kubectl action、Helm upgrade、NetworkPolicy / NodePort / RBAC 變更、production write 與 runtime gate 仍全部為 `0 / false`
2026-06-15 再新增 `docs/security/K8S-ARGOCD-POST-INCIDENT-READBACK-PLAN.md``docs/security/k8s-argocd-post-incident-readback-plan.snapshot.json`,把同一批 `awoooi_prod``argocd``velero``monitoring` 轉成事故後回讀計畫。固定 `readback_candidate_count=4``c0_readback_candidate_count=3``c1_readback_candidate_count=1``write_capable_readback_candidate_count=4``required_readback_field_count=31``reviewer_check_count=28``outcome_lane_count=10``blocked_action_count=41`,讓 `k8s_production_gitops``64%` 推進到 `66%`,高價值配置平均維持 `71%`,需 live evidence 類別仍為 `9`。此更新只補上 ArgoCD health / sync、Degraded / Pending、image pull / scheduling、rollout 前後、event / metrics / alert、drift scanner、CronJob、NetworkPolicy / RBAC / Secret metadata、public/admin route、AI provider / monitoring、backup / restore、跨專案同步、postcheck、防再發與 no-false-green 的脫敏回讀欄位post-incident readback received / accepted、ArgoCD API read、ArgoCD sync、live cluster read、kubectl、Helm、NetworkPolicy / NodePort / RBAC 變更、secret value collection、route smoke、production write、runtime gate 與 action button 仍全部為 `0 / false`
## 1.2a 2026-06-15 CD / Runner / Secret 注入變更證據驗收
已新增 `docs/security/CD-RUNNER-SECRET-INJECTION-CHANGE-EVIDENCE-ACCEPTANCE.md``docs/security/cd-runner-secret-injection-change-evidence-acceptance.snapshot.json`,將 CD pipeline、Code Review、Deploy alerts、Runner attestation 與 Secret parity / injection owner 轉成 metadata-only 變更證據驗收帳本。
固定數字為 `change_evidence_candidate_count=5``c0_change_evidence_candidate_count=4``c1_change_evidence_candidate_count=1``write_capable_candidate_count=5``local_workflow_file_count=33``local_referenced_secret_name_count=42``runner_label_count=5``required_evidence_field_count=19``reviewer_check_count=19``outcome_lane_count=8``blocked_action_count=32`。此更新讓 `secret_metadata``66%` 推進到 `68%`,讓 `gitea_workflow_runner_source_control``70%` 推進到 `72%`workflow diff、runner attestation、secret name parity、secret injection route、deploy marker readback、guard result、post-check evidence、runtime approval package、workflow 修改、runner 啟用、secret rotation、repo secret change、Gitea action dispatch、production deploy 與 runtime gate 仍全部為 `0 / false`
2026-06-16 再新增 `docs/security/CD-RUNNER-SECRET-INJECTION-POST-INCIDENT-READBACK-PLAN.md``docs/security/cd-runner-secret-injection-post-incident-readback-plan.snapshot.json`,將同一批 CD pipeline、Code Review、Deploy alerts、Runner attestation 與 Secret parity / injection owner 轉成事故後回讀計畫。固定 `readback_candidate_count=5``c0_readback_candidate_count=4``c1_readback_candidate_count=1``write_capable_readback_candidate_count=5``required_readback_field_count=33``reviewer_check_count=30``outcome_lane_count=11``blocked_action_count=52`,讓 `secret_metadata``68%` 推進到 `70%`,讓 `gitea_workflow_runner_source_control``72%` 推進到 `74%`,高價值配置平均維持 `71%`,需 live evidence 類別仍為 `9`。此更新只補上 actor、時間窗、workflow diff state、runner executor / host、workspace cleanup、permission scope、secret name parity、secret injection route、step-env secret guard、log redaction、deploy marker / Gitea run、webhook / notification receipt、before / after deploy state、跨專案同步、rollback、post-check、防再發與 no-false-green 的脫敏回讀欄位post-incident readback received / accepted、workflow 修改、dispatch、runner 變更、repo secret 變更、secret value collection、secret injection change、webhook / deploy key / branch protection / CODEOWNERS 變更、Gitea action dispatch、K8s secret injection、ArgoCD sync、production deploy、runtime gate 與 action button 仍全部為 `0 / false`
2026-06-18 再新增 `docs/security/TELEGRAM-NOTIFICATION-EGRESS-INVENTORY.md``docs/security/telegram-notification-egress-inventory.snapshot.json`,把 repo 內 direct Telegram Bot API `sendMessage` 旁路固定成 notification egress 清冊。固定 `direct_bot_api_call_count=18``direct_bot_api_file_count=11`、workflow `13`、ops script `4`、API direct `1``gateway_normalized_callsite_count=56``gateway_final_exit_formatter_present_count=1``required_owner_field_count=18``reviewer_check_count=14``outcome_lane_count=9``blocked_action_count=22`。此更新只表示旁路已可重跑盤點owner response、formatter convergence accepted、delivery receipt accepted、workflow / script modification、Telegram send、Bot API call、secret collection、production write、runtime gate 與 action button 仍全部為 `0 / false`
同日再新增 `docs/security/TELEGRAM-NOTIFICATION-EGRESS-OWNER-REQUEST-DRAFT.md``docs/security/telegram-notification-egress-owner-request-draft.snapshot.json`,將 11 個 direct egress 檔案轉成人工送件前草稿。固定 `request_draft_count=11`、workflow `6`、ops script `4`、API direct `1``required_owner_field_count=19``preflight_check_count=16``outcome_lane_count=9``forbidden_payload_count=14``blocked_action_count=26`request sent、recipient confirmed、owner response accepted、formatter convergence accepted、Telegram send、Bot API call、workflow / script modification、API sender refactor、secret collection、production write、runtime gate 與 action button 仍全部為 `0 / false`
同日再新增 `docs/security/TELEGRAM-NOTIFICATION-EGRESS-MIGRATION-PLAN-DRAFT.md``docs/security/telegram-notification-egress-migration-plan-draft.snapshot.json`,將 11 份草稿排成三個 no-runtime 遷移波次。固定 `migration_candidate_count=11`、workflow `6`、ops script `4`、API direct `1``proposed_wave_count=3``reviewer_check_count=15``blocked_action_count=21`owner response、migration authorized、workflow / script modification、API sender refactor、Telegram send、Bot API call、secret collection、production write、runtime gate 與 action button 仍全部為 `0 / false`
2026-06-19 再新增 `docs/security/TELEGRAM-NOTIFICATION-EGRESS-NO-NEW-BYPASS-GUARD.md``docs/security/telegram-notification-egress-no-new-bypass-guard.snapshot.json`,把既有 18 個 direct send 固定為 no-new-bypass baseline。固定 `guarded_method_count=9``current_direct_bot_api_call_count=18``new_bypass_count=0``sendDocument_call_count=0``sendPhoto_call_count=0``sendMediaGroup_call_count=0``runtime_gate_count=0`。這是 repo source 防新增旁路 guard不代表既有 direct send 已收斂。
同日再新增 `docs/security/TELEGRAM-NOTIFICATION-EGRESS-OWNER-RESPONSE-ACCEPTANCE.md``docs/security/telegram-notification-egress-owner-response-acceptance.snapshot.json`,把 11 份 direct egress 檔案轉成 owner response acceptance 候選。2026-06-19 已補 `message_readability_guard_ref`,固定指向 `docs/security/telegram-alert-readability-guard.snapshot.json`,避免 direct egress 遷移審查繞過告警卡片化、脫敏、`runtime_write_gate=controlled` 事件卡語意與 no-false-greenTelegram send、Bot API call、production write、runtime gate 與 action button 仍全部維持 `0 / false`。固定 `acceptance_candidate_count=11`、workflow `6`、ops script `4`、API direct `1``acceptance_field_count=33``required_owner_field_count=19``reviewer_check_count=23``outcome_lane_count=10``blocked_action_count=35`owner response received / accepted、formatter convergence accepted、redaction contract accepted、delivery receipt accepted、migration authorized、workflow / script / API sender modification、Telegram send、Bot API call、secret collection、production write、runtime gate 與 action button 仍全部為 `0 / false`
同日再新增 `docs/security/TELEGRAM-ALERT-READABILITY-GUARD.md``docs/security/telegram-alert-readability-guard.snapshot.json``scripts/security/telegram-alert-readability-guard.py`,把 Telegram 告警最後出口可讀性固定成可重跑 guard。固定 `source_formatter_marker_count=11``final_exit_contract_count=3``test_contract_count=11``ai_signal_lane_count=7``host_resource_lane_count=6``blocked_raw_output_marker_count=12``required_output_marker_count=7`。此更新鎖住 Host CPU / root Node.js / Prisma / Next build、Wazuh、Kali、Nginx drift、backup / restore、provider freshness 與 supply-chain 類訊號必須轉成 AI 事件卡,且不得把 process list、raw JSON、內網 IP、完整路徑、URL、token 或 raw Wazuh / Nginx path 直接送進 Telegram但 Telegram send、Bot API call、delivery receipt、direct egress migration、workflow / script / API sender 修改、production write、runtime gate 與 action button 仍全部為 `0 / false`
## 1.2c 2026-06-18 Backup / Restore / Escrow 事故後回讀計畫
已新增 `docs/security/BACKUP-RESTORE-POST-INCIDENT-READBACK-PLAN.md``docs/security/backup-restore-post-incident-readback-plan.snapshot.json`,將 38 個 backup / restore / escrow / retention surface 轉成事故後回讀計畫。固定 `readback_candidate_count=38``write_capable_readback_candidate_count=27``live_evidence_required_readback_candidate_count=38``restore_drill_readback_required_candidate_count=38``offsite_or_escrow_readback_required_candidate_count=20``retention_or_remote_delete_readback_required_candidate_count=17``required_readback_field_count=34``reviewer_check_count=32``outcome_lane_count=11``blocked_action_count=51`,讓 `backup_restore_credential``64%` 推進到 `66%`,高價值配置平均維持 `71%`,需 live evidence 類別仍為 `9`
此更新只補上 actor、時間窗、改前改後 freshness、backup status readback、restore drill、隔離 restore target、offsite sync、remote delete guard、credential escrow non-secret proof、credential recovery metadata、retention runway、retention / prune decision、dependency map、data classification、restore observer、alert textfile、cold-start scorecard、cross-project sync、rollback、post-change monitoring、防再發與 no-false-green 的脫敏回讀欄位post-incident readback received / accepted、backup run、restore run、offsite sync、remote delete、credential escrow marker write、retention change、restic prune、rclone config、Velero、kubectl、SSH、secret value collection、production write、runtime gate 與 action button 仍全部為 `0 / false`
## 1.2b 2026-06-15 Public / Admin / API runtime config 變更證據驗收
已新增 `docs/security/PUBLIC-RUNTIME-CONFIG-CHANGE-EVIDENCE-ACCEPTANCE.md``docs/security/public-runtime-config-change-evidence-acceptance.snapshot.json`將公開產品頁、AwoooP 後台、API / CORS、frontend env、Sentry tunnel、webhook / callback 與跨產品 runtime route 轉成 metadata-only 變更證據驗收帳本。
固定數字為 `change_evidence_candidate_count=6``c0_change_evidence_candidate_count=5``c1_change_evidence_candidate_count=1``write_capable_candidate_count=6``source_ref_count=20``required_evidence_field_count=21``reviewer_check_count=21``outcome_lane_count=8``blocked_action_count=32`。此更新讓 `public_admin_api_runtime_config``62%` 推進到 `64%`,但 affected route、admin/auth boundary、API contract readback、CORS diff、frontend env diff、i18n redaction review、webhook / callback owner、desktop / mobile smoke、sensitive string scan、post-check evidence、runtime approval package、route / CORS / env / auth / webhook 變更、production deploy 與 runtime gate 仍全部為 `0 / false`
此帳本明確把 raw owner namespace、repo slug、內部狀態碼、內部協作文字、cookie、token、secret value、DSN value、raw payload 與未脫敏截圖列為拒收或隔離條件。前台可以顯示產品 / 專案脫敏名稱與控管狀態,但不得顯示個人 namespace、內部狀態碼、內部協作內容或抱怨語句。
2026-06-15 再新增 `docs/security/public-frontend-sensitive-surface-guard.snapshot.json`,並將 `scripts/security/public-frontend-env-guard.py` 擴充為前台 source / messages 敏感資訊防洩漏 guard。2026-06-18 新增 Wazuh read-only API code path 後,固定 `public_surface_file_count=226``forbidden_pattern_count=12``allowlisted_match_count=2``violation_count=0``env_violation_count=0``runtime_gate_count=0`。此更新讓 `public_admin_api_runtime_config``64%` 推進到 `66%`,高價值配置平均只讀成熟度從 `69%` 推進到 `70%`;但 production bundle scan、desktop / mobile production smoke accepted、owner response、route / CORS / env / auth / webhook 變更、frontend / API deploy、production deploy 與 runtime gate 仍全部為 `0 / false`
## 1.3 2026-06-14 agent-bounty-protocol owner request draft
已新增 `docs/security/AGENT-BOUNTY-OWNER-REQUEST-DRAFT.md``docs/security/agent-bounty-owner-request-draft.snapshot.json`,將 `agent-bounty-protocol` onboarding handoff 轉成 11 份 owner request draft。
固定數字為 `request_draft_count=11``control_boundary_request_count=4``product_surface_request_count=7``write_capable_request_draft_count=8``treasury_related_request_draft_count=4``mcp_a2a_related_request_draft_count=5``required_owner_field_count=22``forbidden_input_count=25``blocked_action_count=28``runtime_gate_count=0`。此更新不提高 `agent_bounty_protocol_runtime` 成熟度,仍維持 `68%`owner response、repo / refs truth、deployment boundary、MCP / A2A boundary、treasury boundary、claim / submit、payout / withdrawal、cron / daemon、runtime gate 與 action button 仍全部為 `0 / false`
## 1.4 2026-06-14 Public Gateway owner response acceptance 只讀帳本
已新增 `docs/security/PUBLIC-GATEWAY-OWNER-RESPONSE-ACCEPTANCE.md``docs/security/public-gateway-owner-response-acceptance.snapshot.json`,將 Public Gateway live conf 匯出請求、redacted export 收件預檢與 rendered diff / `nginx -t` gate 草稿串成 owner response acceptance 只讀帳本。
固定數字為 `acceptance_candidate_count=3``c0_acceptance_candidate_count=2``c1_acceptance_candidate_count=1``acceptance_field_count=33``required_owner_response_field_count=22``reviewer_check_count=22``outcome_lane_count=8``blocked_action_count=28``owner_response_received_count=0``owner_response_accepted_count=0``runtime_gate_count=0`。2026-06-15 已補手動 / 緊急 gateway 變更 metadata gate要求 change actor/source、change time window、cross-project impact、communication sync、change intent / ticket、pre-change approval 或 break-glass reason、route health impact、rollback validation 與 post-change monitoring window 的脫敏 ref此更新讓 `nginx_public_gateway``88%` 推進到 `90%`,因為亂改 Nginx 後不再只看 owner 口頭回覆,而會要求事前意圖或事後 break-glass、健康影響、回滾驗證與監控窗口。不過 live conf、rendered diff、`nginx -t`、reload、route smoke、DNS / TLS probe、certbot renew、maintenance window、rollback owner、runtime gate 與 action button 仍全部為 `0 / false`
2026-06-14 再新增 `docs/security/PUBLIC-GATEWAY-RENDERED-DIFF-ACCEPTANCE.md``docs/security/public-gateway-rendered-diff-acceptance.snapshot.json`,把 owner response acceptance 後的 rendered diff evidence、owner-provided `nginx -t` readback、route smoke evidence、TLS / ACME impact、maintenance window、rollback owner 與 post-check evidence 轉成只讀驗收帳本。
固定數字為 `diff_acceptance_candidate_count=3``c0_diff_acceptance_candidate_count=2``c1_diff_acceptance_candidate_count=1``diff_acceptance_field_count=25``required_evidence_field_count=14``reviewer_check_count=15``outcome_lane_count=8``blocked_action_count=22``rendered_diff_accepted_count=0``nginx_test_evidence_accepted_count=0``route_smoke_result_accepted_count=0``runtime_gate_count=0`。此更新只讓 `nginx_public_gateway``86%` 推進到 `88%`owner response accepted、redacted live conf accepted、rendered diff accepted、`nginx -t`、reload、route smoke、DNS / TLS probe、certbot renew、production write、runtime gate 與 action button 仍全部為 `0 / false`
2026-06-15 再新增 `docs/security/PUBLIC-GATEWAY-POST-INCIDENT-READBACK-PLAN.md``docs/security/public-gateway-post-incident-readback-plan.snapshot.json`,把同一批三份 Public Gateway config 轉成 Nginx / gateway 事故後回讀計畫。固定 `readback_candidate_count=3``c0_readback_candidate_count=2``c1_readback_candidate_count=1``write_capable_readback_candidate_count=3``required_readback_field_count=30``reviewer_check_count=28``outcome_lane_count=10``blocked_action_count=41`,讓 `nginx_public_gateway``90%` 推進到 `92%`,高價值配置平均維持 `71%`,需 live evidence 類別仍為 `9`。此更新只補上 actor、變更時間窗、change intent / break-glass、改前改後 route、source-to-live diff、`nginx -t` readback、reload / no-reload、route smoke、TLS / ACME、WebSocket、upstream、AI provider、monitoring、跨專案同步、回滾、防再發與 no-false-green 的脫敏回讀欄位readback received / accepted、live conf read、`nginx -t`、reload、route smoke、DNS / TLS probe、certbot renew、host write、runtime gate 與 action button 仍全部為 `0 / false`
## 1.5 2026-06-14 DNS / TLS / certbot owner response acceptance 只讀帳本
已新增 `docs/security/DOMAIN-TLS-CERTBOT-OWNER-RESPONSE-ACCEPTANCE.md``docs/security/domain-tls-certbot-owner-response-acceptance.snapshot.json`,將 4 份 DNS / TLS / certbot owner confirmation request 轉成 metadata-only owner response acceptance 只讀帳本。
固定數字為 `acceptance_candidate_count=4``c0_acceptance_candidate_count=4``acceptance_field_count=23``required_owner_response_field_count=13``reviewer_check_count=13``outcome_lane_count=7``blocked_action_count=20``owner_response_received_count=0``owner_response_accepted_count=0``certificate_coverage_confirmed_count=0``dns_query_authorized_count=0``live_tls_probe_authorized_count=0``certbot_renew_authorized_count=0``nginx_reload_authorized_count=0``route_smoke_authorized_count=0``runtime_gate_count=0`。此更新讓 `dns_tls_certbot``74%` 推進到 `78%`,代表未來 owner 回覆可被補件、隔離、拒收或送 reviewer review它不代表 DNS query、TLS probe、certbot renew、Nginx reload、route smoke、host write 或 runtime gate 已授權。
## 1.6 2026-06-14 Docker / systemd / host service owner response acceptance 只讀帳本
已新增 `docs/security/HOST-SERVICE-OWNER-RESPONSE-ACCEPTANCE.md``docs/security/host-service-owner-response-acceptance.snapshot.json`,將 9 份 Docker / systemd / host service owner request draft 轉成 metadata-only owner response acceptance 只讀帳本。
固定數字為 `acceptance_candidate_count=9``write_capable_acceptance_candidate_count=3``live_evidence_required_candidate_count=8``acceptance_field_count=34``required_owner_field_count=18``reviewer_check_count=21``outcome_lane_count=8``blocked_action_count=27``owner_response_received_count=0``owner_response_accepted_count=0``live_host_read_authorized_count=0``docker_compose_action_authorized_count=0``systemctl_action_authorized_count=0``repair_bot_execution_authorized_count=0``ansible_apply_authorized_count=0``runtime_gate_count=0`。此更新讓 `docker_compose_systemd_host_config``54%` 推進到 `58%`;它不代表 live host read、restart、repair-bot、Ansible、sudo、host write 或 runtime gate 已授權。
2026-06-15 再新增 `docs/security/HOST-SERVICE-CHANGE-EVIDENCE-ACCEPTANCE.md``docs/security/host-service-change-evidence-acceptance.snapshot.json`,將 9 個 Docker / systemd / host service surface 轉成變更 / 事故證據驗收只讀帳本。固定 `change_evidence_candidate_count=9``write_capable_change_evidence_candidate_count=3``live_evidence_required_candidate_count=8``change_evidence_field_count=45``required_evidence_field_count=25``reviewer_check_count=26``outcome_lane_count=10``blocked_action_count=39`,讓 `docker_compose_systemd_host_config``58%` 推進到 `62%`。此帳本補齊重啟 actor、before / after service state、Docker daemon state、compose / systemd state、failed unit review、port binding、dependency、cold-start、route recovery、operator notification、cross-project sync 與 no-false-green service healthchange evidence、owner response、live host read、Docker / systemd、repair-bot、Ansible、route smoke、host write、runtime gate 與 action button 仍全部為 `0 / false`
## 1.7 2026-06-15 端口 / 防火牆變更證據驗收只讀帳本
已新增 `docs/security/PORT-FIREWALL-CHANGE-EVIDENCE-ACCEPTANCE.md``docs/security/port-firewall-change-evidence-acceptance.snapshot.json`,將 SSH / Firewall / Network Access owner response acceptance 裡的端口、防火牆、NodePort、NetworkPolicy、WireGuard、deploy SSH、sudo 與 alert action surface 轉成 change evidence acceptance 只讀帳本。
固定數字為 `change_evidence_candidate_count=14``write_capable_change_evidence_candidate_count=6``policy_or_exposure_candidate_count=5``change_evidence_field_count=40``required_evidence_field_count=21``reviewer_check_count=21``outcome_lane_count=9``blocked_action_count=28``change_evidence_received_count=0``change_evidence_accepted_count=0``service_health_impact_accepted_count=0``operator_notification_accepted_count=0``firewall_change_authorized_count=0``port_close_authorized_count=0``port_open_authorized_count=0``runtime_gate_count=0`。此更新讓 `ssh_firewall_network_access``58%` 推進到 `62%`;它補齊端口 / 防火牆變更與事故回補的 actor、before / after state、service dependency、customer impact、service health impact、operator notification、cross-project sync、rollback 與 post-check evidence 驗收規則,不代表 SSH、live firewall read、firewall change、port close / open、route smoke、host restart、production write 或 runtime gate 已授權。
2026-06-15 再新增 `docs/security/SSH-NETWORK-POST-INCIDENT-READBACK-PLAN.md``docs/security/ssh-network-post-incident-readback-plan.snapshot.json`,把同一批端口 / 防火牆 / NodePort / NetworkPolicy / WireGuard / deploy SSH / sudo / alert action surface 補成事故後回讀計畫。固定 `readback_candidate_count=14``write_capable_readback_candidate_count=6``policy_or_exposure_readback_candidate_count=5``required_readback_field_count=24``reviewer_check_count=24``outcome_lane_count=10``blocked_action_count=34`,並要求 actor attribution、before / after state、service / public route / AI provider / monitoring impact、operator notification、cross-project sync、restoration evidence、post-check、recurrence guard 與 no-false-green attestation。此更新讓 `ssh_firewall_network_access``62%` 推進到 `64%`;但 post-incident readback received / accepted、actor attribution accepted、before / after accepted、impact accepted、notification accepted、cross-project sync accepted、restoration accepted、recurrence guard accepted、runtime gate 與 action button 仍全部為 `0 / false`
## 1.7a 2026-06-15 AI provider / model routing owner response acceptance 只讀帳本
已新增 `docs/security/AI-PROVIDER-OWNER-RESPONSE-ACCEPTANCE.md``docs/security/ai-provider-owner-response-acceptance.snapshot.json`,將 AI router provider policy、Ollama proxy gateway、fallback order / circuit breaker、cost budget / quota、privacy / data egress、benchmark / dry-run、model card / version inventory 與 agent replacement candidate boundary 轉成 metadata-only owner response acceptance 帳本。
固定數字為 `acceptance_candidate_count=8``write_capable_acceptance_candidate_count=5``paid_provider_related_candidate_count=5``data_egress_candidate_count=6``live_evidence_required_candidate_count=6``acceptance_field_count=37``required_owner_field_count=24``reviewer_check_count=24``outcome_lane_count=10``blocked_action_count=38`。此更新讓 `ai_provider_model_routing``60%` 推進到 `64%`provider owner、fallback order、dry-run、benchmark、cost review、privacy review、data classification、prompt redaction、secret handling、quota budget、quality gate、rollback owner、post-check evidence、owner response received / accepted、provider switch、external provider call、paid provider call、prompt send、live endpoint probe、secret value collection、runtime gate 與 action button 仍全部為 `0 / false`
## 1.8 2026-06-15 高價值配置集中 Guard
已新增 `docs/security/IWOOOS-CONFIG-CONTROL-GUARD.md``scripts/security/iwooos-config-control-guard.py`,把 14 類高價值配置、C0 類別、evidence refs、owner response / change evidence 帳本、supply-chain contract manifest 與 `0 / false` 邊界串成集中驗證。
此 guard 已由 `security-mirror-progress-guard.py` 呼叫。後續只要跑主進度 guard就會同步檢查 Nginx、DNS / TLS、K8s / ArgoCD、Secrets / runner、Public runtime、SSH / firewall、Backup / DR、Monitoring、agent-bounty-protocol 與 supply-chain contract 的 repo snapshot 基線。
此更新只讓「配置控管集中驗證」從 `0%` 推進到 `100%`owner response 收件、live evidence、Nginx reload、firewall change、workflow / runner / secret 變更、backup / restore、active scan、agent-bounty runtime 與 production deploy 仍全部維持 `0 / false`
## 1.9 2026-06-18 Wazuh / 主機入侵 readback 接入
已新增 `docs/security/WAZUH-IWOOOS-INTRUSION-READBACK-PLAN.md``docs/security/wazuh-iwooos-intrusion-readback-plan.snapshot.json``scripts/security/wazuh-iwooos-intrusion-readback-plan.py``apps/web/src/app/api/iwooos/wazuh/route.ts`
此接入承認 Wazuh 已建置,但不把平台存在誤判成事件已驗收。固定 `readback_candidate_count=6``c0_readback_candidate_count=6``affected_host_alias_count=2``wazuh_event_required_candidate_count=5``host_forensics_required_candidate_count=5``required_readback_field_count=30``reviewer_check_count=24``outcome_lane_count=12``blocked_action_count=49`。此更新讓 `monitoring_alerting_observability``70%` 推進到 `72%`,高價值配置平均由 `71%` 推進到 `72%`,需 live evidence 類別仍為 `9`
此 artifact 明確拒收硬編碼 Wazuh URL / 使用者 / 密碼、關閉 TLS 驗證、raw Wazuh payload、raw log、private key、runner token、外部 Agent 口頭宣稱、agent active 當結案、route `200` 當恢復,以及任何未經批准的 active response、host write、firewall drop、process kill、runner / workflow / secret 變更。Wazuh event refs、host forensic refs、containment decision、recovery proof、postcheck、recurrence guard、read-only API enabled、active response、host write、runtime gate 與 action button 仍全部為 `0`
## 1.10 2026-06-18 外部入侵主機防堵控制矩陣
已新增 `docs/security/EXTERNAL-HOST-INTRUSION-PREVENTION-CONTROL.md``docs/security/external-host-intrusion-prevention-control.snapshot.json``scripts/security/external-host-intrusion-prevention-control.py`把公開入口、SSH、端口、防火牆、Nginx、runner、secret、Docker / systemd、K8s、Wazuh、套件更新、backup / restore、監控與跨專案同步收斂成同一張 P0 防堵矩陣。
固定 `prevention_domain_count=12``control_candidate_count=14``c0_control_candidate_count=10``host_alias_count=4``sensor_alias_count=1``required_owner_field_count=36``reviewer_check_count=34``outcome_lane_count=12``blocked_action_count=82`。此更新讓 `docker_compose_systemd_host_config``64%` 推進到 `68%``ssh_firewall_network_access``64%` 推進到 `70%``monitoring_alerting_observability``72%` 推進到 `74%`;高價值配置平均仍為 `72%`,因為 headline 與 runtime gate 不因框架補強而假性提高。
此 artifact 只建立防堵控制、拒收條件與 owner packet 欄位owner response、evidence refs、prevention control accepted、containment decision、maintenance window、rollback plan、postcheck、Wazuh active response、host write、firewall change、Nginx reload、package upgrade、active scan、production write、runtime gate 與 action button 仍全部為 `0 / false`
## 1.11 2026-06-18 SOC / SIEM / Kali 112 / Wazuh 整合控制
已新增 `docs/security/SOC-SIEM-KALI-WAZUH-INTEGRATION-CONTROL.md``docs/security/soc-siem-kali-wazuh-integration-control.snapshot.json``scripts/security/soc-siem-kali-wazuh-integration-control.py`,把 Wazuh、Kali 112、Prometheus / Alertmanager、SigNoz、Sentry、Nginx / gateway、host forensic、Docker / systemd、K8s / ArgoCD、Gitea / runner、Harbor / SBOM、backup / DR 收斂成 SOC / SIEM 只讀控制矩陣。
固定 `standard_framework_count=14``operating_role_count=9``incident_lifecycle_stage_count=8``maturity_stage_count=7``validation_gate_count=18``control_domain_count=16``signal_source_count=12``control_candidate_count=20``c0_control_candidate_count=12``required_owner_field_count=42``reviewer_check_count=36``outcome_lane_count=14``blocked_action_count=103`。此更新導入 NIST CSF 2.0、NIST SP 800-61 Rev. 3、CIS Controls v8.1、CISA Zero Trust / KEV、MITRE ATT&CK / D3FEND、OWASP ASVS / SAMM、Wazuh XDR / SIEM、Wazuh Active Response 能力模型、Prometheus Alertmanager、OpenTelemetry、SLSA / Sigstore / SBOM、Suricata / Zeek 與 Kali tooling 映射,讓 `monitoring_alerting_observability` 維持 `78%``security_evidence_tooling` 維持 `88%`;高價值配置平均只讀成熟度仍維持 `73%`,避免因制度補強而假性提高 runtime 完成度。
此 artifact 只代表 SOC 控制面、證據欄位、拒收條件與前台 marker 已建立Wazuh event refs、Kali scope / finding envelope、SIEM correlation rule、alert route、incident case、forensic evidence、owner response、active response、Kali active scan、Kali `/execute`、Prometheus / Alertmanager reload、Telegram 實發、SOAR case、auto block、runtime gate 與 action button 仍全部為 `0 / false`
## 2. 覆蓋摘要
| 指標 | 目前值 | 說明 |
|------|--------|------|
| 註冊配置類別 | `14` | 全部來自高價值配置 Gate 的 CATEGORIES |
| C0 類別 | `8` | Nginx、DNS / TLS、K8s、secret、workflow / runner、runtime config、backup、agent-bounty runtime |
| C1 類別 | `4` | 監控、Docker / systemd、SSH / network、AI provider |
| C2 類別 | `1` | 產品 runtime route 與跨產品邊界 |
| C3 類別 | `1` | security evidence / snapshot / guard tooling |
| 平均只讀控管成熟度 | `73%` | 僅代表框架 / evidence / owner packet / acceptance ledger / source guard / post-incident readback / 防堵控制矩陣 / SOC 整合控制準備度,不代表 runtime 可執行 |
| 需要 live / owner evidence 的類別 | `10` | 只能等 owner-provided redacted evidence 或維護窗口,不主動修改 workflow、secret、runner、route、CORS、env、備份或主機 |
| owner response required | `14` | 每類都需要 owner response 才能往 accepted 前進 |
| owner response received / accepted | `0 / 0` | 不得假性提高 |
| runtime gate | `0` | 不得產生執行按鈕 |
## 3. 低成熟與高風險追蹤優先順序
| 優先 | 類別 | 目前成熟度 | 下一步 |
|------|------|------------|--------|
| P1-1 | Docker Compose / systemd / host service config | `68%` | repo-only 清冊、owner response acceptance、host service change evidence acceptance、post-incident readback plan 與外部入侵防堵矩陣已納入;主機 runtime、process、port binding、package、persistence、AI provider、monitoring、operator notification、cross-project sync、防再發與 no-false-green 已納入;仍缺 owner response、live hash、Wazuh / host forensic refs、maintenance / restart window、rollback owner、post-check plan、disable switch 與 no-secret-value evidence |
| P1-2 | SSH / sudoers / known_hosts / firewall / WireGuard / NodePort | `70%` | repo-only 清冊、owner response acceptance、端口 / 防火牆變更證據驗收、post-incident readback plan 與外部入侵防堵矩陣已固定SSH / sudo、known_hosts、firewall、WireGuard、NodePort、NetworkPolicy、before / after state、break-glass 與維護窗口皆已納入;仍缺 owner-provided change / incident ref、actor、Wazuh / host forensic refs、service impact、notification、cross-project sync、maintenance window、rollback owner 與 post-check evidence |
| P1-3 | AI provider / model routing / Ollama proxy / cost and privacy | `64%` | 已新增 owner response acceptance 帳本,固定 8 個候選、24 個 owner 必填欄位、24 個 reviewer checks、10 條 outcome lanes、38 類 blocked actions仍缺 provider owner、fallback order、dry-run、benchmark、cost review、privacy review、data classification、prompt redaction、quality gate、rollback owner 與 post-check evidence不切 production |
| P1-4 | K8s / ArgoCD / production manifests | `66%` | manifest inventory、owner response acceptance、GitOps change evidence acceptance 與 post-incident readback plan 已完成;仍缺 proposed commit ref、rendered manifest diff、ArgoCD app / sync revision、health before / after、rollout、route smoke、metrics / alert、blast radius、rollback revision、maintenance window 與 post-check owner |
| P1-5 | Backup / restore / escrow / retention | `66%` | repo-only 清冊、owner response acceptance 與事故後回讀計畫已納入 38 個 surfacefreshness before-after、backup status readback、restore drill、offsite sync、credential escrow non-secret proof、retention runway、cold-start scorecard、防再發與 no-false-green 已納入;仍缺 owner response、事故回讀包、restore drill approval package、offsite / escrow owner、rollback owner、validation plan 與 no-secret-value evidence |
| P1-6 | Wazuh / Kali 112 / SOC / Prometheus / Alertmanager / Grafana / SigNoz / Sentry / Langfuse | `78%` | repo-only 清冊、owner response acceptance、事故後回讀計畫、Wazuh / 主機入侵 readback plan、外部入侵防堵矩陣與 SOC / SIEM / Kali 112 / Wazuh 整合控制已納入NIST CSF、CIS Controls、CISA KEV、OWASP ASVS、Wazuh、Suricata 與 Kali tooling 已映射;仍缺 Wazuh event refs、Kali scope refs、host forensic refs、SIEM correlation、alert route owner、incident case owner、postcheck、owner response、noise budget owner 與 maintenance window |
## 4. 固定 0 / false 邊界
以下旗標必須維持 `false`
```text
runtime_execution_authorized=false
host_write_authorized=false
host_live_conf_read_authorized=false
nginx_test_authorized=false
public_gateway_reload_authorized=false
public_route_change_authorized=false
admin_route_change_authorized=false
websocket_route_change_authorized=false
acme_challenge_change_authorized=false
route_smoke_authorized=false
rollback_executed=false
nginx_reload_authorized=false
dns_tls_change_authorized=false
certbot_renew_authorized=false
argocd_sync_authorized=false
kubectl_action_authorized=false
backup_run_authorized=false
restore_run_authorized=false
restore_drill_authorized=false
offsite_sync_authorized=false
offsite_remote_delete_authorized=false
credential_escrow_marker_write_authorized=false
retention_change_authorized=false
restic_prune_authorized=false
rclone_config_authorized=false
velero_restore_authorized=false
workflow_modification_authorized=false
runner_change_authorized=false
refs_sync_authorized=false
force_push_authorized=false
gitea_action_dispatch_authorized=false
cd_pipeline_run_authorized=false
github_hosted_runner_enable_authorized=false
repo_secret_change_authorized=false
secret_store_read_authorized=false
secret_injection_change_authorized=false
secret_value_collection_allowed=false
secret_hash_collection_allowed=false
partial_token_collection_allowed=false
secret_rotation_authorized=false
runtime_config_change_authorized=false
api_route_change_authorized=false
cors_change_authorized=false
frontend_env_change_authorized=false
middleware_auth_change_authorized=false
callback_url_change_authorized=false
webhook_secret_change_authorized=false
security_header_change_authorized=false
cookie_policy_change_authorized=false
csrf_disable_authorized=false
rate_limit_disable_authorized=false
api_contract_change_authorized=false
i18n_public_text_internal_identity_allowed=false
internal_ip_exposure_allowed=false
repo_namespace_exposure_allowed=false
owner_namespace_exposure_allowed=false
internal_status_code_exposure_allowed=false
internal_transcript_exposure_allowed=false
raw_payload_storage_allowed=false
desktop_mobile_smoke_authorized=false
database_migration_authorized=false
active_scan_authorized=false
agent_bounty_runtime_authorized=false
payout_or_withdrawal_authorized=false
action_buttons_allowed=false
prometheus_reload_authorized=false
alertmanager_reload_authorized=false
grafana_dashboard_apply_authorized=false
signoz_rule_apply_authorized=false
sentry_deploy_authorized=false
langfuse_config_change_authorized=false
otel_collector_reload_authorized=false
receiver_route_change_authorized=false
silence_policy_change_authorized=false
telegram_send_authorized=false
notification_route_change_authorized=false
webhook_receiver_change_authorized=false
remote_write_change_authorized=false
exporter_deploy_authorized=false
live_alert_fire_authorized=false
alert_chain_smoke_authorized=false
```
## 5. 判讀規則
1. `coverage_percent` 只代表只讀框架成熟度,不代表已收到 owner response。
2. `coverage_status` 是下一步分流用語,不是 runtime approval state。
3. C0 / C1 類別若缺 live evidence只能等待 owner-provided redacted evidence、維護窗口與 rollback owner。
4. `agent-bounty-protocol` 已是 C0 runtime / MCP / A2A / treasury boundary且 owner request draft 已完成;目前仍不得 claim / submit / payout / daemon / webhook / runtime execution。
5. IwoooS 前端可顯示覆蓋矩陣,但不得提供可執行按鈕,也不得把可見狀態解讀成資安批准。
## 6. 指令
```bash
python3 scripts/security/high-value-config-control-coverage.py \
--root . \
--output docs/security/high-value-config-control-coverage.snapshot.json
```
固定 committed snapshot 時間:
```bash
python3 scripts/security/high-value-config-control-coverage.py \
--root . \
--generated-at 2026-06-11T21:30:00+08:00 \
--output docs/security/high-value-config-control-coverage.snapshot.json
```
集中驗證 guard
```bash
python3 scripts/security/iwooos-config-control-guard.py --root .
```
## 7. 完成度
| 工作 | 完成度 | 說明 |
|------|--------|------|
| 全高價值配置類別註冊 | `100%` | 14 類全部來自既有 Gate 定義 |
| 覆蓋 snapshot / schema | `100%` | 已新增可重跑 snapshot 與 JSON schema |
| 高價值配置集中 guard | `100%` | 已新增 `scripts/security/iwooos-config-control-guard.py`,並串接 `security-mirror-progress-guard.py`14 類配置、主要 owner / change evidence 帳本、supply-chain manifest 與 `0 / false` 邊界可集中驗證 |
| DNS / TLS / certbot owner response acceptance | `100%` | 已新增 `domain_tls_certbot_owner_response_acceptance_v1`4 個 C0 candidate、13 個 owner 必填欄位、13 個 reviewer checks、7 條 outcome lanes、20 類 blocked action成熟度 `74% -> 78%` |
| Docker / systemd / host service owner response acceptance | `100%` | 已新增 `host_service_owner_response_acceptance_v1`9 個 candidate、3 個 write-capable、21 個 reviewer checks、8 條 outcome lanes、27 類 blocked action成熟度 `54% -> 58%` |
| CD / Runner / Secret injection change evidence acceptance | `100%` | 已新增 `cd_runner_secret_injection_change_evidence_acceptance_v1`5 個 candidate、4 個 C0、19 個 reviewer checks、8 條 outcome lanes、32 類 blocked actionsecret metadata 成熟度 `66% -> 68%`workflow / runner 成熟度 `70% -> 72%` |
| Public / Admin / API runtime config 變更證據驗收 | `100%` | 已新增 `public_runtime_config_change_evidence_acceptance_v1` 與前台 source / messages 防洩漏 guard6 個 candidate、5 個 C0、21 個 reviewer checks、8 條 outcome lanes、32 類 blocked action另掃 226 個前端檔案、12 類禁字、違規 0public/admin/API runtime config 成熟度 `62% -> 66%`raw namespace / repo slug / 內部狀態碼 / 內部協作內容外洩列為拒收或隔離條件 |
| Backup / restore / escrow owner response acceptance backfill | `100%` | 已將 `backup_restore_owner_response_acceptance_v1` 補強為 38 個 candidate、27 個 write-capable、23 個 owner 必填欄位、22 個 reviewer checks、9 條 outcome lanes、31 類 blocked actionbackup / restore / credential 成熟度 `62% -> 64%` |
| Backup / restore / escrow post-incident readback plan | `100%` | 已新增 `backup_restore_post_incident_readback_plan_v1`38 個事故回讀 candidate、27 個 write-capable、34 個必填欄位、32 個 reviewer checks、11 條 outcome lanes、51 類 blocked action成熟度 `64% -> 66%`readback received / accepted、backup status、restore drill、offsite sync、credential escrow、retention runway、no-false-green 與 runtime gate 仍為 `0` |
| Monitoring / alerting / observability owner response acceptance backfill | `100%` | 已將 `monitoring_owner_response_acceptance_v1` 補強為 60 個 candidate、11 個 write-capable、38 個 acceptance fields、23 個 reviewer checks、12 條 outcome lanes、34 類 blocked actionmonitoring / alerting / observability 成熟度 `66% -> 68%` |
| Monitoring / alerting / observability post-incident readback plan | `100%` | 已新增 `monitoring_post_incident_readback_plan_v1`60 個事故回讀 candidate、11 個 write-capable、30 個必填欄位、28 個 reviewer checks、11 條 outcome lanes、53 類 blocked action成熟度 `68% -> 70%`readback received / accepted、receiver receipt、stale / silence、alert chain health、reload、Telegram send、alert chain smoke 與 runtime gate 仍為 `0` |
| Wazuh / 主機入侵 readback plan | `100%` | 已新增 `wazuh_iwooos_intrusion_readback_plan_v1`6 個 P0 candidate、2 個 host alias、30 個必填欄位、24 個 reviewer checks、12 條 outcome lanes、49 類 blocked actionmonitoring / alerting / observability 成熟度 `70% -> 72%`Wazuh event、主機鑑識、containment、recovery proof、active response、host write 與 runtime gate 仍為 `0` |
| 外部入侵主機防堵控制矩陣 | `100%` | 已新增 `external_host_intrusion_prevention_control_v1`12 個控制域、14 個 P0 防堵候選、4 個 host alias、1 個 sensor alias、36 個 owner 必填欄位、34 個 reviewer checks、12 條 outcome lanes、82 類 blocked actionDocker / systemd 成熟度 `64% -> 68%`、SSH / firewall 成熟度 `64% -> 70%`、monitoring / Wazuh 成熟度 `72% -> 74%`Wazuh active response、host write、firewall change、Nginx reload、package upgrade、active scan、runtime gate 與 action button 仍為 `0` |
| AI provider / model routing owner response acceptance | `100%` | 已新增 `ai_provider_owner_response_acceptance_v1`8 個 candidate、5 個 write-capable、24 個 owner 必填欄位、24 個 reviewer checks、10 條 outcome lanes、38 類 blocked actionAI provider / model routing 成熟度 `60% -> 64%` |
| Public Gateway / Nginx post-incident readback plan | `100%` | 已新增 `public_gateway_post_incident_readback_plan_v1`3 個事故回讀 candidate、2 個 C0、30 個必填欄位、28 個 reviewer checks、10 條 outcome lanes、41 類 blocked action成熟度 `90% -> 92%`readback received / accepted、`nginx -t`、reload、route smoke、DNS / TLS、certbot 與 runtime gate 仍為 `0` |
| SSH / firewall / network post-incident readback plan | `100%` | 已新增 `ssh_network_post_incident_readback_plan_v1`14 個事故回讀 candidate、6 個 write-capable、24 個必填欄位、24 個 reviewer checks、10 條 outcome lanes、34 類 blocked action成熟度 `62% -> 64%`readback received / accepted、actor、before / after、impact、通知、同步、恢復、防再發與 runtime gate 仍為 `0` |
| Docker / systemd / host service post-incident readback plan | `100%` | 已新增 `host_service_post_incident_readback_plan_v1`9 個事故回讀 candidate、3 個 write-capable、28 個必填欄位、28 個 reviewer checks、10 條 outcome lanes、41 類 blocked action成熟度 `62% -> 64%`readback received / accepted、Docker daemon、compose、systemd、failed unit、port binding、public/admin route、AI provider、monitoring、同步、防再發與 runtime gate 仍為 `0` |
| K8s / ArgoCD post-incident readback plan | `100%` | 已新增 `k8s_argocd_post_incident_readback_plan_v1`4 個事故回讀 candidate、3 個 C0、4 個 write-capable、31 個必填欄位、28 個 reviewer checks、10 條 outcome lanes、41 類 blocked action成熟度 `64% -> 66%`readback received / accepted、ArgoCD health / sync、Pending、image pull / scheduling、drift、impact、同步、防再發與 runtime gate 仍為 `0` |
| owner response 收件 | `0%` | 尚未收到或接受任何 owner response |
| live evidence collection | `0%` | 未 SSH、未 live probe、未 active scan |
| runtime gate | `0%` | 未開啟任何執行期閘門 |
## 8. P1-1 Docker / systemd 清冊更新
`host_service_config_inventory_v1` 已把 Docker Compose、systemd / repair-bot、Ansible service role 與 host config backup capture 納入 repo-only 清冊,共 `9` 個 surface、`3` 個 write-capable surface、`2` 個 repair-bot whitelist、`1` 個 systemd restart surface。此更新只讓 `docker_compose_systemd_host_config``42%` 推進到 `50%`owner response、live evidence、restart window、rollback owner、runtime gate 與 action button 仍全部為 `0`
2026-06-14 再新增 `host_service_owner_request_draft_v1`,把 9 個 surface 轉成 `request_draft_count=9``write_capable_request_draft_count=3``live_evidence_required_request_count=8``required_owner_field_count=12``blocked_action_count=14` 的人工送件前草稿。此更新仍不調高類別成熟度,因為 request sent、owner response received / accepted、live evidence、restart window、rollback owner、runtime gate 與 action button 仍全部為 `0`
2026-06-15 追加事故回補欄位,將 `host_service_owner_response_acceptance_v1` 固定為 `acceptance_field_count=34``required_owner_field_count=18``reviewer_check_count=21``outcome_lane_count=8``blocked_action_count=27`。新增要求包含 source-of-truth、服務依賴圖、port binding、cold-start sequence、incident recovery evidence 與 daemon / runner contention review。此更新讓 `docker_compose_systemd_host_config``54%` 推進到 `58%`,但 owner response received / accepted、live hash、maintenance / restart window、rollback owner、post-check plan、disable switch、live host read、SSH、Docker Compose、systemctl、repair-bot、Ansible、sudo、host write、runtime gate 與 action button 仍全部為 `0`
2026-06-15 再新增 `host_service_post_incident_readback_plan_v1`,將同一批 Docker / systemd / compose / repair-bot / Ansible / host config surface 轉成 `readback_candidate_count=9``write_capable_readback_candidate_count=3``live_evidence_required_readback_candidate_count=8``required_readback_field_count=28``reviewer_check_count=28``outcome_lane_count=10``blocked_action_count=41` 的事故後回讀計畫。此更新讓 `docker_compose_systemd_host_config``62%` 推進到 `64%`,但 post-incident readback received / accepted、actor attribution、before / after state、Docker daemon、compose、systemd、failed unit、port binding、public/admin route recovery、AI provider health、monitoring alert、operator notification、cross-project sync、restoration evidence、post-check、recurrence guard、no-false-green、runtime gate 與 action button 仍全部為 `0`
## 9. P1-2 SSH / network access 清冊更新
`ssh_network_access_inventory_v1` 已把 SSH target、known_hosts workflow、CI deploy SSH、monitoring SSH、backup SSH capture、sudoers wrapper、NetworkPolicy、NodePort、WireGuard runbook 與 alert SSH action catalog 納入 repo-only 清冊,共 `16` 個 surface、`6` 個 write-capable surface、`2` 個 NetworkPolicy、`2` 個 NodePort、`1` 個 sudoers surface 與 `1` 個 WireGuard surface。此更新只讓 `ssh_firewall_network_access``48%` 推進到 `54%`owner response、live evidence、maintenance window、rollback owner、runtime gate 與 action button 仍全部為 `0`
2026-06-14 再新增 `ssh_network_owner_request_draft_v1`,把 16 個 surface 轉成 `request_draft_count=16``write_capable_request_draft_count=6``live_evidence_required_request_count=16``required_owner_field_count=13``blocked_action_count=16` 的人工送件前草稿。此更新仍不調高類別成熟度,因為 request sent、owner response received / accepted、live access state、firewall / port / NetworkPolicy / NodePort / WireGuard 變更、runtime gate 與 action button 仍全部為 `0`
2026-06-15 再新增 `ssh_network_owner_response_acceptance_v1`,把 16 份 request draft 轉成 `acceptance_candidate_count=16``write_capable_acceptance_candidate_count=6``live_evidence_required_candidate_count=16``required_owner_field_count=13``reviewer_check_count=15``outcome_lane_count=7``blocked_action_count=22` 的 owner response acceptance 只讀帳本。此更新讓 `ssh_firewall_network_access``54%` 推進到 `58%`,但 owner response received / accepted、live access state、host key pinning、port policy、firewall owner、NetworkPolicy / NodePort、WireGuard cutover、SSH、keyscan、known_hosts patch、firewall / port 變更、runtime gate 與 action button 仍全部為 `0`
2026-06-15 再新增 `port_firewall_change_evidence_acceptance_v1`,把 14 個端口、防火牆、NodePort、NetworkPolicy、WireGuard、deploy SSH、sudo 與 alert action surface 轉成 `change_evidence_candidate_count=14``write_capable_change_evidence_candidate_count=6``policy_or_exposure_candidate_count=5``required_evidence_field_count=21``reviewer_check_count=21``outcome_lane_count=9``blocked_action_count=28` 的 change evidence acceptance 只讀帳本;同日再補事故型欄位,要求 severity、service health impact、operator notification、restoration time 與 break-glass backfill。此更新讓 `ssh_firewall_network_access``58%` 推進到 `62%`,但 change evidence received / accepted、actor identified、before / after state、service health impact accepted、operator notification accepted、cross-project sync、post-check evidence、firewall change、port close / open、NetworkPolicy apply、NodePort change、WireGuard change、route smoke、host restart、runtime gate 與 action button 仍全部為 `0`
2026-06-15 再新增 `ssh_network_post_incident_readback_plan_v1`,將同一批端口 / 防火牆事故 surface 轉成 `readback_candidate_count=14``write_capable_readback_candidate_count=6``policy_or_exposure_readback_candidate_count=5``required_readback_field_count=24``reviewer_check_count=24``outcome_lane_count=10``blocked_action_count=34` 的事故後回讀計畫。此更新讓 `ssh_firewall_network_access``62%` 推進到 `64%`,但 post-incident readback received / accepted、actor attribution、before / after state、service / public route / AI provider / monitoring impact、operator notification、cross-project sync、restoration evidence、post-check、recurrence guard、no-false-green、runtime gate 與 action button 仍全部為 `0`
## 10. P1-3 Backup / restore / escrow / retention 清冊更新
`backup_restore_escrow_inventory_v1` 已把 backup orchestration、service backup scripts、restic retention、offsite sync、credential escrow、Velero restore drill、backup health alert 與 cold-start / DR runbook 納入 repo-only 清冊,共 `38` 個 surface、`15` 個 backup script surface、`8` 個 offsite / escrow surface、`5` 個 Velero surface 與 `27` 個 write-capable surface。此更新只讓 `backup_restore_credential``52%` 推進到 `58%`owner response、live evidence、restore drill acceptance、offsite sync acceptance、credential escrow acceptance、retention change acceptance、runtime gate 與 action button 仍全部為 `0`
2026-06-14 再新增 `backup_restore_owner_request_draft_v1`,把 38 個 surface 轉成 `request_draft_count=38``write_capable_request_draft_count=27``live_evidence_required_request_count=38``required_owner_field_count=14``blocked_action_count=18` 的人工送件前草稿。此更新仍不調高類別成熟度,因為 request sent、owner response received / accepted、live backup evidence、backup run、restore run、offsite sync、escrow marker write、retention change、runtime gate 與 action button 仍全部為 `0`
2026-06-15 再新增 `backup_restore_owner_response_acceptance_v1`,把 38 份 request draft 轉成 `acceptance_candidate_count=38``write_capable_acceptance_candidate_count=27``live_evidence_required_candidate_count=38``required_owner_field_count=14``reviewer_check_count=13``outcome_lane_count=7``blocked_action_count=22` 的 owner response acceptance 只讀帳本。此更新讓 `backup_restore_credential``58%` 推進到 `62%`,但 owner response received / accepted、live backup evidence、restore drill acceptance、offsite sync acceptance、credential escrow acceptance、retention change acceptance、backup run、restore run、runtime gate 與 action button 仍全部為 `0`
2026-06-15 再補 restore recovery backfill 欄位,將 `backup_restore_owner_response_acceptance_v1` 固定為 `acceptance_field_count=33``required_owner_field_count=23``reviewer_check_count=22``outcome_lane_count=9``blocked_action_count=31`。新增要求包含 freshness SLO、隔離 restore target、backup dependency map、data classification、remote delete guard、retention runway、restore observer / stop condition、credential recovery non-secret proof 與 backup health no-false-green review。此更新讓 `backup_restore_credential``62%` 推進到 `64%`,但 owner response received / accepted、freshness SLO accepted、restore target isolation accepted、remote delete guard accepted、retention runway accepted、credential recovery drill accepted、backup health no-false-green accepted、backup run、restore run、offsite sync、remote delete、retention change、secret collection、runtime gate 與 action button 仍全部為 `0`
## 11. P1-4 Monitoring / alerting / observability 清冊更新
`monitoring_alerting_observability_inventory_v1` 已把 Prometheus、Alertmanager、Grafana、SigNoz、Sentry、Langfuse、OTEL、Telegram / notification policy、deploy / reload scripts 與 alert chain smoke scripts 納入 repo-only 清冊,共 `60` 個 surface、`13` 個 alert rule surface、`6` 個 deploy / reload surface、`11` 個 write-capable surface 與 `1` 個 drift guard surface。此更新只讓 `monitoring_alerting_observability``56%` 推進到 `62%`owner response、live evidence、reload owner、receiver owner、route smoke、runtime gate 與 action button 仍全部為 `0`
2026-06-14 再新增 `monitoring_owner_request_draft_v1`,把 60 個 surface 轉成 `request_draft_count=60``write_capable_request_draft_count=11``live_evidence_required_request_count=60``required_owner_field_count=14``blocked_action_count=24` 的人工送件前草稿。此更新仍不調高類別成熟度,因為 request sent、owner response received / accepted、live evidence、reload、receiver route change、silence change、Telegram send、alert chain smoke、runtime gate 與 action button 仍全部為 `0`
2026-06-15 再新增 `monitoring_owner_response_acceptance_v1`,把 60 份 request draft 轉成 `acceptance_candidate_count=60``write_capable_acceptance_candidate_count=11``live_evidence_required_candidate_count=60``required_owner_field_count=14``reviewer_check_count=15``outcome_lane_count=7``blocked_action_count=28` 的 owner response acceptance 只讀帳本。此更新讓 `monitoring_alerting_observability``62%` 推進到 `66%`,高價值配置平均成熟度從 `68%` 推進到 `69%`;但 owner response received / accepted / rejected、live evidence、reload、receiver route change、silence change、Telegram send、alert chain smoke、runtime gate 與 action button 仍全部為 `0`
2026-06-15 再補告警鏈路 no-false-green 回補欄位,將 `monitoring_owner_response_acceptance_v1` 固定為 `acceptance_field_count=38``reviewer_check_count=23``outcome_lane_count=12``blocked_action_count=34`。新增要求包含 incident context、alert chain health 不得只用 route 200 或 UI 可見判定、receiver receipt proof、stale alert review、silence / dedup review、false-green risk review、post-reload readback plan 與 cross-project notification ref。此更新讓 `monitoring_alerting_observability``66%` 推進到 `68%`;但 owner response received / accepted / rejected、receiver receipt accepted、stale alert review accepted、silence / dedup review accepted、false-green risk review accepted、post-reload readback accepted、reload、receiver route change、silence change、Telegram send、alert chain smoke、runtime gate 與 action button 仍全部為 `0`
2026-06-15 再新增 `monitoring_post_incident_readback_plan_v1`,把同一批 60 個 monitoring / alerting / observability surface 轉成 `readback_candidate_count=60``write_capable_readback_candidate_count=11``live_evidence_required_readback_candidate_count=60``alert_rule_readback_candidate_count=13``deploy_or_reload_readback_candidate_count=6``required_readback_field_count=30``reviewer_check_count=28``outcome_lane_count=11``blocked_action_count=53` 的事故後回讀計畫。此更新讓 `monitoring_alerting_observability``68%` 推進到 `70%`;但 post-incident readback received / accepted、actor attribution、before / after alert state、rule / datasource / scrape state、receiver route、receiver receipt、stale / pending / resolved review、silence / mute / dedup / inhibit review、dashboard / trace / log freshness、notification delivery、alert chain health、cross-project sync、rollback、post-change monitoring、防再發、no-false-green、reload、receiver route change、Telegram send、alert chain smoke、production write、runtime gate 與 action button 仍全部為 `0`
2026-06-18 再新增 `wazuh_iwooos_intrusion_readback_plan_v1`,把已建置的 Wazuh、host-110 / host-188 入侵訊號、外部 Agent 宣稱、Runner / gateway / secret 連動與 containment / recovery proof 轉成 `readback_candidate_count=6``affected_host_alias_count=2``required_readback_field_count=30``reviewer_check_count=24``outcome_lane_count=12``blocked_action_count=49` 的只讀接入計畫。此更新讓 `monitoring_alerting_observability``70%` 推進到 `72%`;但 Wazuh event refs、host forensic refs、containment decision、recovery proof、postcheck、recurrence guard、read-only API enabled、active response、host write、secret collection、runtime gate 與 action button 仍全部為 `0`
## 12. P0 Public Gateway Preflight 清冊更新
`public_gateway_preflight_inventory_v1` 已把 Nginx public gateway reload / route change 前置 Gate 固定成只讀清冊,共 `3` 份 source config、`14` 個 route impact、`14` 個 unique upstream、`12` 個 preflight gate其中 `2` 個 gate 只代表 repo-only ready`10` 個 gate 仍需 owner acceptance。此更新讓 `nginx_public_gateway``78%` 推進到 `84%`owner response、owner-provided live conf、rendered diff、`nginx -t` evidence、route smoke、maintenance window、rollback owner、runtime gate 與 action button 仍全部為 `0`
2026-06-14 再新增 `public_gateway_owner_response_acceptance_v1`,把 3 份 public gateway config 轉成 owner response acceptance 只讀帳本2026-06-15 已強化手動 / 緊急 gateway 變更 metadata gate固定 `acceptance_candidate_count=3``c0_acceptance_candidate_count=2``required_owner_response_field_count=22``reviewer_check_count=22``outcome_lane_count=8``blocked_action_count=28`。此更新要求 change actor/source、change time window、cross-project impact、communication sync、change intent / ticket、pre-change approval 或 break-glass reason、route health impact、rollback validation 與 post-change monitoring window 的脫敏 ref`nginx_public_gateway``88%` 推進到 `90%`,因為亂改 Nginx 後不再只看 owner 口頭回覆,而會要求事前意圖或事後 break-glass、健康影響、回滾驗證與監控窗口。不過 owner response received / accepted、redacted export received / accepted、rendered diff ready、`nginx -t`、reload、route smoke、DNS / TLS probe、certbot renew、runtime gate 與 action button 仍全部為 `0`
2026-06-14 再新增 `public_gateway_rendered_diff_acceptance_v1`,把 3 份 public gateway config 轉成 `diff_acceptance_candidate_count=3``c0_diff_acceptance_candidate_count=2``required_evidence_field_count=14``reviewer_check_count=15``outcome_lane_count=8``blocked_action_count=22` 的 rendered diff evidence acceptance 只讀帳本。此更新只讓 `nginx_public_gateway``86%` 推進到 `88%`owner response accepted、rendered diff accepted、owner-provided `nginx -t` evidence accepted、route smoke evidence accepted、reload、DNS / TLS probe、certbot renew、runtime gate 與 action button 仍全部為 `0`
2026-06-15 再新增 `public_gateway_post_incident_readback_plan_v1`,把 3 份 public gateway config 轉成 `readback_candidate_count=3``c0_readback_candidate_count=2``required_readback_field_count=30``reviewer_check_count=28``outcome_lane_count=10``blocked_action_count=41` 的事故後回讀計畫。此更新讓 `nginx_public_gateway``90%` 推進到 `92%`readback received / accepted、actor attribution accepted、before / after route state accepted、source-live diff accepted、owner-provided `nginx -t` readback accepted、reload / no-reload accepted、route smoke readback accepted、TLS / ACME accepted、WebSocket accepted、upstream accepted、AI provider impact accepted、monitoring accepted、cross-project sync accepted、no-false-green accepted、`nginx -t`、reload、route smoke、DNS / TLS probe、certbot renew、host write、runtime gate 與 action button 仍全部為 `0`
## 13. P0 DNS / TLS / certbot owner response acceptance 更新
`domain_tls_certbot_owner_response_acceptance_v1` 已把 4 份 DNS / TLS / certbot owner confirmation request 轉成 owner response acceptance 只讀帳本。四份候選全部為 `C0`,固定 `acceptance_candidate_count=4``required_owner_response_field_count=13``reviewer_check_count=13``outcome_lane_count=7``blocked_action_count=20`,讓 `dns_tls_certbot``74%` 推進到 `78%`
此更新只補齊 SAN / wildcard / 共用憑證覆蓋關係、certificate expiry metadata ref、renewal owner、ACME route owner、maintenance window、rollback owner 與 validation plan 的收件驗收規則owner response received / accepted、certificate coverage confirmed、DNS query、live TLS probe、certbot renew、Nginx reload、route smoke、DNS record 修改、certificate path 修改、ACME challenge route 修改、host write、runtime gate 與 action button 仍全部為 `0 / false`