feat(smoke): monitor pchome dry-run receipt closeout
Some checks failed
CD Pipeline / deploy (push) Has been cancelled

This commit is contained in:
ogt
2026-07-09 16:22:57 +08:00
parent 0d3eb4d1a2
commit 5d6737599c
6 changed files with 955 additions and 18 deletions

View File

@@ -1,8 +1,8 @@
# PChome 業績成長自動化作戰系統 — AI 競價情報模組 Single Source of Truth
> **最後更新**: 2026-07-03 (台北時間)
> **狀態**: 🟢 四 AI Agent 自動化閉環已落地LLM 路由紅線升級為 Ollama-first 三主機級聯PChome 後台業績匯入韌性已補強產品定位正名為「PChome 業績成長自動化作戰系統」外部市場來源正規化層、自動同步、作戰清單與價格參考表優先讀取、CSV 備援預檢、前台操作入口、高可見頁面繁中化守門、比價/作戰 UI 工作台化、AI 密集工作台文字密度守門、跨平台來源治理、商品身份 UI 契約、sitewide visual QA runtime readback、PChome auto-policy authorization guard monitoring、decision preflight machine evidence monitoring、decision closeout monitoring、authorization issuer gate monitoring、signing decision preflight monitoring、signing decision closeout monitoring、signing issuer guard monitoring、signing issuer closeout monitoring、signing execution preflight monitoring、signing execution closeout monitoring、signed receipt preflight monitoring、signed receipt closeout monitoring、signed receipt evidence intake monitoring、detached verification evidence validation monitoring、verifier receipt closeout monitoring、authorization evidence execution preflight monitoring、authorization evidence execution closeout monitoring、controlled apply final preflight monitoringcontrolled dry-run package monitoring 已建立GCP embedding 熔斷延後處理、110 proxy rescue 與 direct host health skip 已建立
> **適用版本**: V10.744
> **最後更新**: 2026-07-09 (台北時間)
> **狀態**: 🟢 四 AI Agent 自動化閉環已落地LLM 路由紅線升級為 Ollama-first 三主機級聯PChome 後台業績匯入韌性已補強產品定位正名為「PChome 業績成長自動化作戰系統」外部市場來源正規化層、自動同步、作戰清單與價格參考表優先讀取、CSV 備援預檢、前台操作入口、高可見頁面繁中化守門、比價/作戰 UI 工作台化、AI 密集工作台文字密度守門、跨平台來源治理、商品身份 UI 契約、sitewide visual QA runtime readback、PChome auto-policy authorization guard monitoring、decision preflight machine evidence monitoring、decision closeout monitoring、authorization issuer gate monitoring、signing decision preflight monitoring、signing decision closeout monitoring、signing issuer guard monitoring、signing issuer closeout monitoring、signing execution preflight monitoring、signing execution closeout monitoring、signed receipt preflight monitoring、signed receipt closeout monitoring、signed receipt evidence intake monitoring、detached verification evidence validation monitoring、verifier receipt closeout monitoring、authorization evidence execution preflight monitoring、authorization evidence execution closeout monitoring、controlled apply final preflight monitoringcontrolled dry-run package monitoring 與 controlled dry-run receipt closeout monitoring 已建立GCP embedding 熔斷延後處理、110 proxy rescue 與 direct host health skip 已建立
> **適用版本**: V10.745
---
@@ -870,6 +870,7 @@ POSTGRES_HOST=momo-db
| 2026-07-03 | PChome auto-policy authorization evidence execution closeout 必須有 runtime monitoring | V10.742 起 `/api/ai-automation/smoke``/api/ai-automation/scheduled-health-summary``/metrics` 必須輸出 `PChome auto-policy authorization evidence execution closeout` / `pchome_auto_policy_authorization_evidence_execution_closeout`;此 runtime check 自動驗證 future database apply authorization final verifier gate、authorization evidence execution closeout package、12 個 closeout checks、12 個 closeout fields、10 個 closeout acceptance gates、authorization evidence execution preflight carry-forward、verifier receipt closeout carry-forward、same-run production truth requirement 與 post-apply verifier requirement但明確標記 `reads_secret_count=0``executes_script_count=0``executes_sql_count=0``writes_database_count=0``signs_database_apply_authorization_count=0``primary_human_gate_count=0``executes_authorization_evidence=false``executes_database_apply=false``database_apply_authorized=false``requires_detached_signature_verification=true``detached_signature_verification_performed=false``verifier_receipt_persisted=false``external_signed_authorization_receipt_included=false``signed_authorization_receipt_included=false``signature_material_included=false``accepts_plaintext_secret=false``ready_for_database_apply_now=false``issues_database_apply_authorization=false``signs_database_apply_authorization=false``secret_material_included=false``secret_material_required_in_preview=false`,不讀 secret、不執行 authorization evidence、不執行 database apply、不執行 detached verification、不持久化 verifier receipt、不執行 SQL、不寫 DB、不含 signed receipt 或 signature material、不接受 plaintext secret、不簽發 apply authorization。 |
| 2026-07-03 | PChome auto-policy controlled apply final preflight 必須有 runtime monitoring | V10.743 起 `/api/ai-automation/smoke``/api/ai-automation/scheduled-health-summary``/metrics` 必須輸出 `PChome auto-policy controlled apply final preflight` / `pchome_auto_policy_controlled_apply_final_preflight`;此 runtime check 自動驗證 authorization evidence execution closeout carry-forward、database apply authorization final verifier gate、controlled apply final preflight package、rollback binding、post-apply verifier binding、12 個 final preflight checks、12 個 preflight fields、10 個 acceptance gates、dry-run-only、check-mode-only、same-run production truth requirement 與 future controlled dry-run package readiness但明確標記 `reads_secret_count=0``executes_script_count=0``executes_sql_count=0``writes_database_count=0``signs_database_apply_authorization_count=0``primary_human_gate_count=0``rollback_execution_authorized=false``rollback_executes_sql=false``rollback_writes_database=false``post_apply_verifier_execution_authorized_in_preview=false``executes_database_apply=false``ready_for_database_apply_now=false``database_apply_authorized=false``issues_database_apply_authorization=false``signs_database_apply_authorization=false`,不讀 secret、不執行 authorization evidence、不執行 database apply、不執行 endpoint/SQL、不寫 DB、不簽發 apply authorization只允許進入下一段 controlled dry-run package lane。 |
| 2026-07-03 | PChome auto-policy controlled dry-run package 必須有 runtime monitoring | V10.744 起 `/api/ai-automation/smoke``/api/ai-automation/scheduled-health-summary``/metrics` 必須輸出 `PChome auto-policy controlled dry-run package` / `pchome_auto_policy_controlled_dry_run_package`;此 runtime check 自動驗證 controlled apply final preflight carry-forward、rollback binding、post-apply verifier binding、12 個 dry-run package checks、12 個 package fields、10 個 acceptance gates、receipt preview、result parser、non-executable command shape、same-run production truth 與 future dry-run receipt closeout readiness但明確標記 `receipt_execution_performed=false``receipt_stdout_included=false``receipt_stderr_included=false``command_shape_execution_allowed=false``database_apply_authorized=false``reads_secret_count=0``executes_script_count=0``executes_sql_count=0``writes_database_count=0``signs_database_apply_authorization_count=0``primary_human_gate_count=0``executes_authorization_evidence=false``executes_database_apply=false``ready_for_database_apply_now=false``issues_database_apply_authorization=false``signs_database_apply_authorization=false`,不讀 secret、不執行 dry-run、不捕捉 stdout/stderr、不執行 authorization evidence、不執行 database apply、不執行 endpoint/SQL、不寫 DB、不簽發 apply authorization只允許進入下一段 dry-run receipt closeout lane。 |
| 2026-07-09 | PChome auto-policy controlled dry-run receipt closeout 必須有 runtime monitoring | V10.745 起 `/api/ai-automation/smoke``/api/ai-automation/scheduled-health-summary``/metrics` 必須輸出 `PChome auto-policy controlled dry-run receipt closeout` / `pchome_auto_policy_controlled_dry_run_receipt_closeout`;此 runtime check 自動驗證 controlled dry-run package carry-forward、dry-run result parser、receipt validation report、command-shape hash、rollback binding、post-apply verifier binding、12 個 receipt closeout checks、12 個 closeout fields、10 個 acceptance gates、same-run production truth 與 future runner readiness但明確標記 `receipt_validation_status=preview_validated_not_executed``validation_execution_performed=false``validation_stdout_included=false``validation_stderr_included=false``validation_database_apply_authorized=false``reads_secret_count=0``executes_script_count=0``executes_sql_count=0``writes_database_count=0``signs_database_apply_authorization_count=0``primary_human_gate_count=0``executes_authorization_evidence=false``executes_database_apply=false``ready_for_database_apply_now=false``database_apply_authorized=false``issues_database_apply_authorization=false``signs_database_apply_authorization=false`,不讀 secret、不執行 dry-run、不捕捉 stdout/stderr、不執行 authorization evidence、不執行 database apply、不執行 endpoint/SQL、不寫 DB、不簽發 apply authorization只允許進入下一段 controlled dry-run runner readiness lane。 |
| 2026-06-29 | PChome DB apply 授權 lane 必須先通過 no-write guard / decision preflight / decision closeout / issuer gate / signing-decision preflight / signing-decision closeout / signing-issuer guard | V10.725 的 PChome mapping backlog auto-policy 已新增 `/api/ai/pchome-growth/mapping-backlog/auto-policy-db-apply-authorization-lane-guard``/api/ai/pchome-growth/mapping-backlog/auto-policy-db-apply-authorization-decision-preflight``/api/ai/pchome-growth/mapping-backlog/auto-policy-db-apply-authorization-decision-closeout``/api/ai/pchome-growth/mapping-backlog/auto-policy-db-apply-authorization-issuer-gate``/api/ai/pchome-growth/mapping-backlog/auto-policy-db-apply-authorization-signing-decision-preflight``/api/ai/pchome-growth/mapping-backlog/auto-policy-db-apply-authorization-signing-decision-closeout``/api/ai/pchome-growth/mapping-backlog/auto-policy-db-apply-authorization-signing-issuer-guard`;這些 endpoint 只驗證 final exact request package、same-run production truth requirement、secret rejection、rollback boundary、lane entry requirements、decision input requirements、rejection policy、post-apply verifier、future authorization decision package、final nonsecret authorization envelope、signing decision preflight inputs、unsigned signing decision package 與 signable request boundary不讀 secret、不執行 shell/SQL、不寫 DB也不簽發 database apply authorization。 |
| 2026-06-29 | PChome DB apply 授權簽署發行者 lane 必須先產出 final signable request package | V10.725 的 PChome mapping backlog auto-policy 新增 `/api/ai/pchome-growth/mapping-backlog/auto-policy-db-apply-authorization-signing-issuer-closeout`;此 endpoint 只把 signing-issuer guard 的 signable request boundary 收斂成 final signable request package 與 closeout contract確認 fresh production truth、post-apply verifier、migration hash、secret boundary 與 no-side-effect checks不讀 secret、不簽發 authorization、不執行 shell/SQL、不寫 DB也不代表正式 DB apply 已授權。 |
| 2026-06-29 | PChome DB apply 授權簽署執行 lane 必須先通過 operator-held secret boundary preflight | V10.725 的 PChome mapping backlog auto-policy 新增 `/api/ai/pchome-growth/mapping-backlog/auto-policy-db-apply-authorization-signing-execution-preflight`;此 endpoint 只把 final signable request package 轉成 future signing execution preflight package、operator-held secret boundary contract、nonsecret signing inputs、command-shape preview、rollback boundary 與 abort conditions不讀 secret、不接受 plaintext secret、不簽發 authorization、不執行 shell/SQL、不寫 DB也不代表正式 DB apply 已授權。 |

View File

@@ -1,6 +1,6 @@
# PChome AI 自動化優先工作清單
> 最後更新: 2026-07-03 Asia/Taipei
> 最後更新: 2026-07-09 Asia/Taipei
> 範圍: PChome growth / MOMO mapping AI 自動化主線
> 真相來源: Gitea `dev` / `main`、正式環境 `/health`、正式 DB readback、machine-verifiable artifacts
@@ -9,7 +9,7 @@
以下是使用者在主線推進期間插入、且必須保留在完整工作項目裡的要求。後續不得再把這些需求漏掉或變成口頭提醒。
1. 正式環境才是最新版本真相;不得用本機檔案、舊筆記、舊分支蓋過 production truth。
2. 版本不得搞錯;目前正式環境 `/health` 版本推進目標為 `V10.744`,完成條件必須包含明確版本 bump、部署與 readback。
2. 版本不得搞錯;目前正式環境 `/health` 版本推進目標為 `V10.745`,完成條件必須包含明確版本 bump、部署與 readback。
3. GitHub 全面 freeze不得使用 GitHub、`gh`、GitHub API、GitHub Actions、PR、issue、mirror 或 read-only GitHub 流程。
4. 實作結果必須推到 Gitea `dev``main`;若改到 runtime 行為,還必須部署到正式環境並回讀。
5. 主方向是 AI 自動化,不是人工審核;人工欄位只能當 evidence / ledger / UI truth不得阻擋低爆炸半徑、可驗證、可回滾的 controlled apply。
@@ -41,7 +41,7 @@
已完成:
- 正式環境版本真相 guard`/health` 是最高真相,本輪推進目標為 `V10.744`
- 正式環境版本真相 guard`/health` 是最高真相,本輪推進目標為 `V10.745`
- Gitea `dev` / `main` source truth 對齊。
- Retry exception controlled apply executor 已落地,目標表為 `pchome_product_matches`
- 正式 DB 已 controlled apply 4 個 selectors:
@@ -218,10 +218,17 @@
- `/api/ai-automation/scheduled-health-summary` 已輸出 `pchome_auto_policy_controlled_dry_run_package` family
- `/metrics` 已輸出 `momo_ai_automation_scheduled_health_family_status{family="pchome_auto_policy_controlled_dry_run_package",...}`
- 不執行 dry-run、不捕捉 stdout/stderr、不執行 authorization evidence、不執行 database apply、不執行 endpoint/SQL、不寫 DB、不讀 secret、不簽發 apply authorization下一個機器動作是 controlled dry-run receipt closeout lane
- PChome auto-policy controlled dry-run receipt closeout runtime monitoring 已完成:
- `/api/ai-automation/smoke` 已加入 `PChome auto-policy controlled dry-run receipt closeout`
- 以本機 contract fixture + machine evidence adapter 自動推進 controlled dry-run runner readiness path
- 明確標記 `controlled_dry_run_receipt_closeout_check_count=12``controlled_dry_run_receipt_closeout_pass_count=12``controlled_dry_run_receipt_closeout_field_count=12``controlled_dry_run_receipt_closeout_acceptance_gate_count=10``dry_run_result_parser_count=1``dry_run_result_parser_field_count=10``receipt_validation_report_count=1``receipt_validation_field_count=8``receipt_validation_status=preview_validated_not_executed``validation_execution_performed=false``validation_stdout_included=false``validation_stderr_included=false``validation_database_apply_authorized=false``writes_database_count=0``signs_database_apply_authorization_count=0``reads_secret_count=0``primary_human_gate_count=0`
- `/api/ai-automation/scheduled-health-summary` 已輸出 `pchome_auto_policy_controlled_dry_run_receipt_closeout` family
- `/metrics` 已輸出 `momo_ai_automation_scheduled_health_family_status{family="pchome_auto_policy_controlled_dry_run_receipt_closeout",...}`
- 不執行 dry-run、不捕捉 stdout/stderr、不執行 authorization evidence、不執行 database apply、不執行 endpoint/SQL、不寫 DB、不讀 secret、不簽發 apply authorization下一個機器動作是 controlled dry-run runner readiness lane
進行中 / 下一步,必須照順序:
1. 將 auto-policy controlled dry-run package 往 controlled dry-run receipt closeout lane 推進。
1. 將 auto-policy controlled dry-run receipt closeout 往 controlled dry-run runner readiness lane 推進。
完成標準:
@@ -388,7 +395,7 @@
進行中 / 下一步,必須照順序:
1. 將 auto-policy controlled dry-run package 推進到 controlled dry-run receipt closeout lane。
1. 將 auto-policy controlled dry-run receipt closeout 推進到 controlled dry-run runner readiness lane。
2. 對其他 safe mapping backlog lanes 套用 receipt / replay / drift verifier 模式。
3. 為每一類 controlled apply 自動產生 rollback evidence package。
4. 把 AI automation metrics 持續整合進既有 observability surfaces。
@@ -479,6 +486,7 @@
| P3.21 | PChome auto-policy authorization evidence execution closeout monitoring | 已完成 | AI smoke + scheduled family + metrics family prove database apply authorization final verifier gate, 12 closeout fields, 10 closeout acceptance gates, no authorization evidence execution, no database apply, no detached verification execution, no verifier receipt persist, no signed receipt, no signature material, no plaintext secret, no secret read, no DB write, no signing | P3.22 controlled-apply final preflight monitoring |
| P3.22 | PChome auto-policy controlled-apply final preflight monitoring | 已完成 | AI smoke + scheduled family + metrics family prove rollback binding, post-apply verifier binding, 12 final preflight fields, 10 acceptance gates, dry-run-only/check-mode-only, no authorization evidence execution, no database apply, no endpoint/SQL, no secret read, no DB write, no signing | P3.23 controlled dry-run package monitoring |
| P3.23 | PChome auto-policy controlled dry-run package monitoring | 已完成 | AI smoke + scheduled family + metrics family prove receipt preview, result parser, non-executable command shape, 12 package fields, 10 acceptance gates, no dry-run execution, no stdout/stderr, no authorization evidence execution, no database apply, no endpoint/SQL, no secret read, no DB write, no signing | P3.24 controlled dry-run receipt closeout monitoring |
| P3.24 | PChome auto-policy controlled dry-run receipt closeout monitoring | 已完成 | AI smoke + scheduled family + metrics family prove parser closeout, receipt validation report, 12 closeout fields, 10 acceptance gates, no dry-run execution, no stdout/stderr, no authorization evidence execution, no database apply, no endpoint/SQL, no secret read, no DB write, no signing | P3.25 controlled dry-run runner readiness monitoring |
| P4.1 | Source / deployment / runtime truth package | 已完成 | `scripts/ops/report_source_deploy_runtime_truth.py` + focused tests | 每次 Gitea push / production deploy 後執行 P4 report |
| P2.2 | Benchmark guardrails applied to core AI surfaces | 已完成 | `/ai_intelligence` + `/observability/overview` golden-signal strips + focused tests | 後續 safe automation lanes 套同樣 first-viewport summary |