feat(smoke): monitor pchome signing issuer closeout
Some checks failed
CD Pipeline / deploy (push) Has been cancelled

This commit is contained in:
ogt
2026-07-03 09:49:00 +08:00
parent a094c6b241
commit 6ee4244079
6 changed files with 689 additions and 18 deletions

View File

@@ -280,6 +280,23 @@ def build_scheduled_automation_health_summary(
auto_policy_signing_issuer_guard_details = (
auto_policy_signing_issuer_guard.get("details") or {}
)
auto_policy_signing_issuer_closeout = _find_check(
source_result,
"PChome auto-policy signing issuer closeout",
)
auto_policy_signing_issuer_closeout_details = (
auto_policy_signing_issuer_closeout.get("details") or {}
)
if (
not auto_policy_signing_issuer_closeout
or not auto_policy_signing_issuer_closeout_details
):
auto_policy_signing_issuer_closeout = (
_pchome_auto_policy_signing_issuer_closeout_check()
)
auto_policy_signing_issuer_closeout_details = (
auto_policy_signing_issuer_closeout.get("details") or {}
)
surface_readback = _find_check(source_result, "AI surface HTML readback")
surface_details = surface_readback.get("details") or {}
sitewide_readback = _find_check(source_result, "Sitewide UI/UX Agent readback")
@@ -1057,6 +1074,178 @@ def build_scheduled_automation_health_summary(
"writes_database": False,
},
},
{
"key": "pchome_auto_policy_signing_issuer_closeout",
"label": "PChome auto-policy signing issuer closeout",
"status": auto_policy_signing_issuer_closeout.get("status") or "warning",
"summary": (
auto_policy_signing_issuer_closeout.get("summary")
or "PChome auto-policy signing issuer closeout has no latest check."
),
"next_machine_action": auto_policy_signing_issuer_closeout_details.get(
"next_machine_action"
)
or (
"continue_pchome_auto_policy_signing_issuer_closeout_monitoring"
if auto_policy_signing_issuer_closeout.get("status") == "ok"
else "refresh_pchome_auto_policy_signing_issuer_closeout"
),
"details": {
"policy": auto_policy_signing_issuer_closeout_details.get("policy"),
"result": auto_policy_signing_issuer_closeout_details.get("result"),
"signing_issuer_closeout_ready_count": int(
auto_policy_signing_issuer_closeout_details.get(
"signing_issuer_closeout_ready_count"
)
or 0
),
"signing_issuer_closeout_check_count": int(
auto_policy_signing_issuer_closeout_details.get(
"signing_issuer_closeout_check_count"
)
or 0
),
"signing_issuer_closeout_pass_count": int(
auto_policy_signing_issuer_closeout_details.get(
"signing_issuer_closeout_pass_count"
)
or 0
),
"signing_issuer_closeout_waiting_count": int(
auto_policy_signing_issuer_closeout_details.get(
"signing_issuer_closeout_waiting_count"
)
or 0
),
"signing_issuer_guard_ready_count": int(
auto_policy_signing_issuer_closeout_details.get(
"signing_issuer_guard_ready_count"
)
or 0
),
"signing_issuer_guard_check_count": int(
auto_policy_signing_issuer_closeout_details.get(
"signing_issuer_guard_check_count"
)
or 0
),
"signing_decision_input_requirement_count": int(
auto_policy_signing_issuer_closeout_details.get(
"signing_decision_input_requirement_count"
)
or 0
),
"signing_decision_rejection_reason_count": int(
auto_policy_signing_issuer_closeout_details.get(
"signing_decision_rejection_reason_count"
)
or 0
),
"required_issuer_evidence_count": int(
auto_policy_signing_issuer_closeout_details.get(
"required_issuer_evidence_count"
)
or 0
),
"nonsecret_authorization_claim_count": int(
auto_policy_signing_issuer_closeout_details.get(
"nonsecret_authorization_claim_count"
)
or 0
),
"post_apply_verifier_required_count": int(
auto_policy_signing_issuer_closeout_details.get(
"post_apply_verifier_required_count"
)
or 0
),
"same_run_truth_required_count": int(
auto_policy_signing_issuer_closeout_details.get(
"same_run_truth_required_count"
)
or 0
),
"reads_secret_count": int(
auto_policy_signing_issuer_closeout_details.get("reads_secret_count")
or 0
),
"executes_sql_count": int(
auto_policy_signing_issuer_closeout_details.get("executes_sql_count")
or 0
),
"writes_database_count": int(
auto_policy_signing_issuer_closeout_details.get(
"writes_database_count"
)
or 0
),
"signs_database_apply_authorization_count": int(
auto_policy_signing_issuer_closeout_details.get(
"signs_database_apply_authorization_count"
)
or 0
),
"primary_human_gate_count": int(
auto_policy_signing_issuer_closeout_details.get(
"primary_human_gate_count"
)
or 0
),
"manual_review_mode": auto_policy_signing_issuer_closeout_details.get(
"manual_review_mode"
),
"payload_source": auto_policy_signing_issuer_closeout_details.get(
"payload_source"
),
"execute_fetch": bool(
auto_policy_signing_issuer_closeout_details.get("execute_fetch")
),
"outbound_network": bool(
auto_policy_signing_issuer_closeout_details.get("outbound_network")
),
"business_data_source": bool(
auto_policy_signing_issuer_closeout_details.get(
"business_data_source"
)
),
"ready_for_database_apply_now": bool(
auto_policy_signing_issuer_closeout_details.get(
"ready_for_database_apply_now"
)
),
"issues_database_apply_authorization": bool(
auto_policy_signing_issuer_closeout_details.get(
"issues_database_apply_authorization"
)
),
"signs_database_apply_authorization": bool(
auto_policy_signing_issuer_closeout_details.get(
"signs_database_apply_authorization"
)
),
"secret_material_included": bool(
auto_policy_signing_issuer_closeout_details.get(
"secret_material_included"
)
),
"secret_material_required_in_preview": bool(
auto_policy_signing_issuer_closeout_details.get(
"secret_material_required_in_preview"
)
),
"ready_for_future_final_signable_request_package": bool(
auto_policy_signing_issuer_closeout_details.get(
"ready_for_future_final_signable_request_package"
)
),
"permits_future_final_signable_request_package_lane": bool(
auto_policy_signing_issuer_closeout_details.get(
"permits_future_final_signable_request_package_lane"
)
),
"writes_database": False,
},
},
{
"key": "ai_surface_html_readback",
"label": "AI surface HTML readback",
@@ -3048,6 +3237,241 @@ def _pchome_auto_policy_signing_issuer_guard_check() -> Dict[str, Any]:
)
def _pchome_auto_policy_signing_issuer_closeout_check() -> Dict[str, Any]:
"""Read-only monitor for the final signable request closeout package."""
try:
from services import pchome_mapping_backlog_service as backlog
from services.ai_exception_contract import (
LEGACY_REVIEW_REQUIRED_COUNT_KEY,
PRIMARY_HUMAN_GATE_COUNT_KEY,
)
payload = _pchome_auto_policy_decision_preflight_contract_payload()
closeout = (
backlog.build_pchome_auto_policy_db_apply_authorization_signing_issuer_closeout(
payload,
batch_size=max(1, min(_PCHOME_AUTO_POLICY_DECISION_PREFLIGHT_BATCH_SIZE, 50)),
execute_fetch=True,
timeout_seconds=max(
1,
min(_PCHOME_AUTO_POLICY_DECISION_PREFLIGHT_TIMEOUT_SECONDS, 30),
),
http_get=_pchome_auto_policy_machine_fetch_evidence_get,
)
)
summary = closeout.get("summary") or {}
issuer_closeout = closeout.get("future_authorization_signing_issuer_closeout") or {}
package = closeout.get("final_signable_request_package") or {}
contract = closeout.get("signing_issuer_closeout_contract") or {}
safety = closeout.get("safety") or {}
result = str(closeout.get("result") or "UNKNOWN")
closeout_ready_count = int(
summary.get("authorization_signing_issuer_closeout_ready_count") or 0
)
check_count = int(summary.get("signing_issuer_closeout_check_count") or 0)
pass_count = int(summary.get("signing_issuer_closeout_pass_count") or 0)
waiting_count = int(summary.get("signing_issuer_closeout_waiting_count") or 0)
guard_ready_count = int(
summary.get("authorization_signing_issuer_guard_ready_count") or 0
)
guard_check_count = int(summary.get("signing_issuer_guard_check_count") or 0)
input_requirement_count = int(
summary.get("signing_decision_input_requirement_count") or 0
)
rejection_reason_count = int(
summary.get("signing_decision_rejection_reason_count") or 0
)
required_evidence_count = int(summary.get("required_issuer_evidence_count") or 0)
nonsecret_claim_count = int(summary.get("nonsecret_authorization_claim_count") or 0)
verifier_required_count = int(summary.get("post_apply_verifier_required_count") or 0)
same_run_truth_count = int(summary.get("same_run_truth_required_count") or 0)
reads_secret_count = int(summary.get("reads_secret_count") or 0)
executes_script_count = int(summary.get("executes_script_count") or 0)
executes_sql_count = int(summary.get("executes_sql_count") or 0)
writes_database_count = int(summary.get("writes_database_count") or 0)
signs_database_apply_authorization_count = int(
summary.get("signs_database_apply_authorization_count") or 0
)
primary_human_gate_count = int(summary.get(PRIMARY_HUMAN_GATE_COUNT_KEY) or 0)
manual_review_required_count = int(summary.get(LEGACY_REVIEW_REQUIRED_COUNT_KEY) or 0)
side_effect_count = (
reads_secret_count
+ executes_script_count
+ executes_sql_count
+ writes_database_count
+ signs_database_apply_authorization_count
)
risk_detected = any(
[
side_effect_count,
primary_human_gate_count,
manual_review_required_count,
safety.get("reads_secret_in_preview") is not False,
safety.get("executes_script") is not False,
safety.get("executes_endpoint") is not False,
safety.get("executes_migration") is not False,
safety.get("executes_sql") is not False,
safety.get("writes_database") is not False,
safety.get("signs_database_apply_authorization") is not False,
issuer_closeout.get("ready_for_database_apply_now") is not False,
issuer_closeout.get("issues_database_apply_authorization") is not False,
issuer_closeout.get("signs_database_apply_authorization") is not False,
package.get("ready_for_database_apply_now") is not False,
package.get("issues_database_apply_authorization") is not False,
package.get("signs_database_apply_authorization") is not False,
package.get("secret_material_included") is not False,
package.get("secret_material_required_in_preview") is not False,
package.get("reads_secret_in_preview") is not False,
package.get("executes_sql_in_preview") is not False,
package.get("writes_database_in_preview") is not False,
contract.get("issues_database_apply_authorization") is not False,
contract.get("ready_for_database_apply_now") is not False,
contract.get("signs_database_apply_authorization") is not False,
contract.get("writes_database") is not False,
contract.get("secret_material_required_in_preview") is not False,
]
)
closeout_contract_present = (
closeout_ready_count == 1
and guard_ready_count == 1
and check_count >= 12
and pass_count == check_count
and waiting_count == 0
and guard_check_count == 12
and input_requirement_count == 10
and rejection_reason_count == 11
and required_evidence_count == 9
and nonsecret_claim_count == 8
and verifier_required_count == 1
and same_run_truth_count == 1
and issuer_closeout.get("ready_for_future_signing_issuer_closeout") is True
and (
issuer_closeout.get("can_enter_future_final_signable_request_package_lane")
is True
)
and package.get("authorization_material_type") == "final_signable_request_package"
and package.get("ready_for_future_final_signable_request_package") is True
and package.get("hash_matches") is True
and package.get("requires_post_apply_verifier") is True
and package.get("requires_fresh_production_truth_in_same_run") is True
and contract.get("machine_verifiable") is True
and contract.get("permits_future_final_signable_request_package_lane") is True
and safety.get("manual_review_mode") == "exception_only"
)
if risk_detected:
status = "critical"
summary_text = (
"PChome auto-policy signing issuer closeout 偵測到 secret、SQL、DB write、"
"簽發授權或人工主 gate 風險"
)
next_machine_action = (
"halt_pchome_auto_policy_signing_issuer_closeout_and_inspect_risk"
)
elif closeout_contract_present:
status = "ok"
summary_text = (
"PChome auto-policy signing issuer closeout 已自動完成 "
f"{pass_count}/{check_count} checksfinal signable package 已綁定authorization signing=0"
)
next_machine_action = "continue_to_pchome_auto_policy_signing_execution_preflight_lane"
else:
status = "warning"
summary_text = "PChome auto-policy signing issuer closeout 尚未達自動監控契約"
next_machine_action = "refresh_pchome_auto_policy_signing_issuer_closeout"
return _check(
"PChome auto-policy signing issuer closeout",
status,
summary_text,
{
"policy": closeout.get("policy"),
"result": result,
"source_policy": closeout.get("source_policy"),
"signing_issuer_closeout_ready_count": closeout_ready_count,
"signing_issuer_closeout_check_count": check_count,
"signing_issuer_closeout_pass_count": pass_count,
"signing_issuer_closeout_waiting_count": waiting_count,
"signing_issuer_guard_ready_count": guard_ready_count,
"signing_issuer_guard_check_count": guard_check_count,
"signing_decision_input_requirement_count": input_requirement_count,
"signing_decision_rejection_reason_count": rejection_reason_count,
"required_issuer_evidence_count": required_evidence_count,
"nonsecret_authorization_claim_count": nonsecret_claim_count,
"post_apply_verifier_required_count": verifier_required_count,
"same_run_truth_required_count": same_run_truth_count,
"reads_secret_count": reads_secret_count,
"executes_script_count": executes_script_count,
"executes_sql_count": executes_sql_count,
"writes_database_count": writes_database_count,
"signs_database_apply_authorization_count": (
signs_database_apply_authorization_count
),
"primary_human_gate_count": primary_human_gate_count,
"manual_review_required_count": manual_review_required_count,
"manual_review_mode": safety.get("manual_review_mode"),
"payload_source": "local_contract_fixture",
"machine_fetch_evidence_source": "local_schema_fixture",
"http_get_adapter": "_pchome_auto_policy_machine_fetch_evidence_get",
"execute_fetch": True,
"outbound_network": False,
"business_data_source": False,
"ready_for_database_apply_now": bool(
issuer_closeout.get("ready_for_database_apply_now")
or package.get("ready_for_database_apply_now")
or contract.get("ready_for_database_apply_now")
),
"issues_database_apply_authorization": bool(
issuer_closeout.get("issues_database_apply_authorization")
or package.get("issues_database_apply_authorization")
or contract.get("issues_database_apply_authorization")
),
"signs_database_apply_authorization": bool(
issuer_closeout.get("signs_database_apply_authorization")
or package.get("signs_database_apply_authorization")
or contract.get("signs_database_apply_authorization")
),
"secret_material_included": bool(package.get("secret_material_included")),
"secret_material_required_in_preview": bool(
package.get("secret_material_required_in_preview")
or contract.get("secret_material_required_in_preview")
),
"ready_for_future_final_signable_request_package": bool(
package.get("ready_for_future_final_signable_request_package")
),
"permits_future_final_signable_request_package_lane": bool(
contract.get("permits_future_final_signable_request_package_lane")
),
"requires_post_apply_verifier": bool(
package.get("requires_post_apply_verifier")
),
"requires_fresh_production_truth": bool(
package.get("requires_fresh_production_truth_in_same_run")
),
"writes_database": False,
"next_machine_action": next_machine_action,
},
)
except Exception as exc:
return _check(
"PChome auto-policy signing issuer closeout",
"warning",
f"PChome auto-policy signing issuer closeout 例行監控暫時無法讀取:{exc}",
{
"writes_database": False,
"writes_database_count": 0,
"signs_database_apply_authorization_count": 0,
"primary_human_gate_count": 0,
"execute_fetch": True,
"outbound_network": False,
"business_data_source": False,
"payload_source": "local_contract_fixture",
"next_machine_action": "refresh_pchome_auto_policy_signing_issuer_closeout",
},
)
def _ai_surface_html_readback_check() -> Dict[str, Any]:
"""Read-only AI product surface guardrail readback."""
try:
@@ -3282,6 +3706,7 @@ def collect_ai_automation_smoke(*, record_history: bool = True, history_limit: i
_pchome_auto_policy_signing_decision_preflight_check(),
_pchome_auto_policy_signing_decision_closeout_check(),
_pchome_auto_policy_signing_issuer_guard_check(),
_pchome_auto_policy_signing_issuer_closeout_check(),
_ai_surface_html_readback_check(),
_sitewide_ui_ux_agent_check(),
_sitewide_visual_qa_check(),