fix(web): 修正 P2-403G 治理頁欄位對齊

Your Name
2026-06-12 01:09:47 +08:00
parent 6ff0c2e526
commit 32fdce4cd9
5 changed files with 63 additions and 16 deletions


@@ -3228,6 +3228,16 @@
"L1_report_only": "L1 僅報告",
"L2_approval_package_only": "L2 僅批准包",
"L3_draft_change_after_gate": "L3 批准後草案"
},
"approvalGates": {
"read_only_allowed": "只讀允許",
"km_write_owner_review_required": "KM 寫入需 owner 審查",
"secret_value_handling_forbidden": "機密值處理禁止",
"owner_review_required": "需 owner 審查",
"runtime_worker_gate_required": "需 runtime worker 關卡",
"db_migration_required": "需 DB migration 關卡",
"replay_shadow_canary_gate_required": "需 replay / shadow / canary 關卡",
"cost_data_approval_required": "需費用與資料邊界批准"
}
},
"hostStateful": {
@@ -3847,7 +3857,8 @@
},
"labels": {
"requiredFields": "必填欄位 {count}",
"forbiddenFields": "禁止欄位 {count}"
"forbiddenFields": "禁止欄位 {count}",
"reviewOnly": "只讀審查"
}
},
"ownerDryRunPackage": {


@@ -3228,6 +3228,16 @@
"L1_report_only": "L1 僅報告",
"L2_approval_package_only": "L2 僅批准包",
"L3_draft_change_after_gate": "L3 批准後草案"
},
"approvalGates": {
"read_only_allowed": "只讀允許",
"km_write_owner_review_required": "KM 寫入需 owner 審查",
"secret_value_handling_forbidden": "機密值處理禁止",
"owner_review_required": "需 owner 審查",
"runtime_worker_gate_required": "需 runtime worker 關卡",
"db_migration_required": "需 DB migration 關卡",
"replay_shadow_canary_gate_required": "需 replay / shadow / canary 關卡",
"cost_data_approval_required": "需費用與資料邊界批准"
}
},
"hostStateful": {
@@ -3847,7 +3857,8 @@
},
"labels": {
"requiredFields": "必填欄位 {count}",
"forbiddenFields": "禁止欄位 {count}"
"forbiddenFields": "禁止欄位 {count}",
"reviewOnly": "只讀審查"
}
},
"ownerDryRunPackage": {


@@ -1249,6 +1249,14 @@ export function AutomationInventoryTab() {
}
}
const proactiveApprovalGateLabel = (value: string) => {
try {
return t(`proactiveOperations.approvalGates.${value}` as never)
} catch {
return value
}
}
const proofValueLabel = (group: string, value: string) => {
try {
return t(`interactionProof.${group}.${value}` as never)
@@ -1666,7 +1674,7 @@ export function AutomationInventoryTab() {
<div style={{ display: 'flex', flexWrap: 'wrap', gap: 6 }}>
<Chip value={t('runtimeWriteGateReview.labels.requiredFields', { count: runtimeWriteGateReview.rollups.required_field_count })} />
<Chip value={t('runtimeWriteGateReview.labels.forbiddenFields', { count: runtimeWriteGateReview.rollups.forbidden_field_count })} muted />
<Chip value={redisDryRunValueLabel('agents', runtimeWriteGateReview.write_gate_review.owner_agent)} muted />
<Chip value={t('runtimeWriteGateReview.labels.reviewOnly')} muted />
</div>
</div>
@@ -1708,11 +1716,11 @@ export function AutomationInventoryTab() {
{target.display_name}
</span>
<span style={{ fontFamily: "'DM Mono', monospace", fontSize: 10, color: '#87867f', lineHeight: 1.45, overflowWrap: 'anywhere' }}>
{target.operator_instruction}
{target.required_before_write}
</span>
<div style={{ display: 'flex', flexWrap: 'wrap', gap: 6 }}>
<Chip value={redisDryRunValueLabel('agents', target.owner_agent)} muted />
<Chip value={target.blocked_runtime_action} muted />
<Chip value={target.blocked_write_action} muted />
</div>
</div>
))}
@@ -2583,7 +2591,7 @@ export function AutomationInventoryTab() {
<div style={{ display: 'flex', flexWrap: 'wrap', gap: 6, minWidth: 0 }}>
<Chip value={`${t('proactiveOperations.labels.owner')}: ${proactiveValueLabel('agents', capability.primary_owner)}`} />
<Chip value={`${t('proactiveOperations.labels.level')}: ${proactiveValueLabel('autonomyLevels', capability.automation_level)}`} muted />
<Chip value={`${t('proactiveOperations.labels.gate')}: ${capability.approval_gate}`} muted={capability.approval_gate === 'read_only_allowed'} />
<Chip value={`${t('proactiveOperations.labels.gate')}: ${proactiveApprovalGateLabel(capability.approval_gate)}`} muted={capability.approval_gate === 'read_only_allowed'} />
<Chip value={`${t('proactiveOperations.labels.outputs')}: ${capability.outputs.length}`} muted />
</div>
<SmallLabel>{t('proactiveOperations.labels.telegram')}</SmallLabel>
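Review bot: The `catch { return value }` fallback in `proactiveApprovalGateLabel` (first hunk) is probably never reached for an unknown gate id. The changelog in this same commit describes the earlier `agents.undefined` lookup as a console error rather than a thrown exception, which suggests `t()` reports a missing key and returns the key path instead of throwing. If so, a gate id the backend adds later would render as `proactiveOperations.approvalGates.` followed by the raw id, on a chip operators read as a safety state, and would log the same kind of error this commit removes. If `t` is next-intl's translator, test the key first, e.g. `if (!t.has(key as never)) return value` before `return t(key as never)`, with `key` holding the full path. `AutomationInventoryTab` and the neighbouring `proofValueLabel` start and end outside these hunks, so whether they share the pattern could not be confirmed from here.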


@@ -1630,10 +1630,6 @@ export interface AiAgentRuntimeWriteGateReviewSnapshot {
truth_note: string
}
write_gate_review: {
review_id: string
display_name: string
owner_agent: 'openclaw' | 'hermes' | 'nemotron'
status: string
operator_meaning: string
required_fields: string[]
forbidden_fields: string[]
@@ -1641,12 +1637,10 @@ export interface AiAgentRuntimeWriteGateReviewSnapshot {
write_targets: Array<{
target_id: string
display_name: string
target_surface: string
status: string
owner_agent: 'openclaw' | 'hermes' | 'nemotron'
required_approval: string
blocked_runtime_action: string
operator_instruction: string
required_before_write: string
blocked_write_action: string
}>
approval_gates: Array<{
gate_id: string
@@ -1654,13 +1648,11 @@ export interface AiAgentRuntimeWriteGateReviewSnapshot {
status: string
required_evidence: string
blocked_runtime_action: string
operator_instruction: string
}>
post_write_verification: {
verification_required: true
rollback_required: true
verification_steps: string[]
failure_escalation: string
}
approval_boundaries: Record<string, false>
display_redaction_contract: {
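Review bot: Nothing on `AiAgentRuntimeWriteGateReviewSnapshot` says which artefact it mirrors, and a hand-written interface is not checked against the snapshot at compile time. The changelog in this commit shows the cost: fields such as `write_gate_review.owner_agent` were declared but absent from the committed snapshot, and the drift surfaced only in a live DOM check after deploy. I would add a doc comment on the interface such as `/** Mirrors the committed runtime write gate review snapshot; declare only fields that snapshot contains. */`. Where the snapshot is loaded (not visible here), consider asserting the presence of the fields this page renders, so a future mismatch fails visibly instead of showing blank or undefined governance state. The interface begins and continues outside these hunks.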


@@ -1,3 +1,28 @@
## 2026-06-12P2-403G Governance UI 欄位對齊與紅線顯示修補
**背景**P2-403G Runtime Write Gate Review 已正式部署後,正式治理頁 live DOM 檢查發現 `write_gate_review.owner_agent` 與 snapshot 實際 schema 不一致,導致前端 i18n 產生 `agents.undefined` console error同時 P2-402 主動營運能力卡仍直接顯示 `secret_value_handling_forbidden` 原始 gate id。這兩者都不影響 runtime gate 真相,但治理頁應顯示可讀狀態與安全標籤,不應讓 operator 看到 undefined 或看似內部欄位名的 raw id。
**完成**
- `AiAgentRuntimeWriteGateReviewSnapshot` 前端型別已對齊 committed snapshot`write_gate_review` 不再宣告不存在的 `owner_agent` / `review_id` / `display_name` / `status``write_targets` 改用實際欄位 `required_before_write``blocked_write_action`
- Governance automation inventory 的 P2-403G review chip 改為 `只讀審查`,不再讀不存在的 agent 欄位。
- P2-403G write target 內容改顯示 `required_before_write``blocked_write_action`,避免空白 / undefined。
- P2-402 proactive approval gate 顯示改走 i18n label`secret_value_handling_forbidden` 顯示為 `機密值處理禁止`
- `zh-TW.json` / `en.json` 維持繁中鏡像,同步新增 proactive approval gate 與 runtime write gate review label。
**本地驗證**
- `python3 -m json.tool apps/web/messages/zh-TW.json` / `apps/web/messages/en.json`:通過。
- zh-TW / en message mirror`True`
- 靜態 grep`write_gate_review.owner_agent``target.operator_instruction``target.blocked_runtime_action``agents.undefined` 命中 `0`
- `pnpm --filter @awoooi/web typecheck`:通過。
- `NEXT_PUBLIC_API_URL=https://awoooi.wooo.work NEXT_PRIVATE_BUILD_WORKER_COUNT=1 SENTRY_SUPPRESS_GLOBAL_ERROR_HANDLER_FILE_WARNING=1 pnpm --filter @awoooi/web build`:通過;`92/92` static pages`/zh-TW/governance` First Load JS `397 kB`
- 本機 `next start` 可載入治理 route但 local origin 對正式 API / SSE 仍停在 `無法載入自動化盤點快照`;正式 DOM 驗證需 deploy 後以 `https://awoooi.wooo.work` 重跑。
**正式站驗證**:待 code commit 觸發 Gitea CD 後補。
**邊界**:本段未寫 KM、未更新 PlayBook trust、未寫 timeline learning、未寫 replay score、未發 Telegram、未寫 Gateway queue、未啟動 runtime worker、未讀 secret value、未 SSH、未 kubectl、未 active scan、未新增任何前端執行按鈕。
## 2026-06-12IwoooS P1-4 Monitoring / alerting / observability repo-only 清冊
**背景**統帥要求所有重要配置都要被資安控管Prometheus / Alertmanager / Grafana / SigNoz / Sentry / Langfuse / OTEL / Telegram notification route 會直接影響即時資安事件是否能被發現、路由、降噪與送達。本段延續「先建立框架、只讀證據、低摩擦流程,再階段性收攏」原則,只做 repo-only 清冊,不碰 live monitoring stack、不 reload、不發 Telegram、不建立 silence。