feat(iwooos): 強化主機服務事故回補 gate
@@ -156,8 +156,8 @@ CONTROL_STATUS_BY_CATEGORY = {
|
||||
"next_owner_action": "補 Prometheus / Alertmanager / Grafana / SigNoz / Sentry / Langfuse / Telegram owner、live drift evidence、reload window、receiver owner、route smoke plan、noise budget、rollback owner 與 no-secret-value evidence。",
|
||||
},
|
||||
"docker_compose_systemd_host_config": {
|
||||
"coverage_status": "owner_response_acceptance_ledger_ready_needs_live_owner_evidence",
|
||||
"coverage_percent": 54,
|
||||
"coverage_status": "incident_recovery_backfill_ready_needs_live_owner_evidence",
|
||||
"coverage_percent": 58,
|
||||
"evidence_refs": [
|
||||
"docs/security/IWOOOS-CONFIG-CONTROL-INVENTORY.md",
|
||||
"docs/security/HOST-SERVICE-CONFIG-INVENTORY.md",
|
||||
@@ -168,8 +168,8 @@ CONTROL_STATUS_BY_CATEGORY = {
|
||||
"docs/security/host-service-owner-response-acceptance.snapshot.json",
|
||||
"docs/security/DEV-HOSTS-112-111-168-OBSERVE-ONLY-MAPPING.md",
|
||||
],
|
||||
"current_gap": "已固定 9 份 Docker / systemd / host service owner response acceptance candidate;仍缺 owner response、110 / 188 live hash、maintenance / restart window、rollback owner、post-check plan、disable switch 與 no-secret-value evidence。",
|
||||
"next_owner_action": "補 owner-provided live hash / disposition、compose / systemd owner、maintenance / restart window、rollback owner、post-check plan 與 disable switch。",
|
||||
"current_gap": "已固定 9 份 Docker / systemd / host service owner response acceptance candidate,並加入事故恢復、依賴圖、port binding、cold-start sequence、source-of-truth 與 daemon / runner 競爭回補欄位;仍缺 owner response、110 / 188 live hash、maintenance / restart window、rollback owner、post-check plan、disable switch 與 no-secret-value evidence。",
|
||||
"next_owner_action": "補 owner-provided live hash / disposition、compose / systemd owner、maintenance / restart window、rollback owner、post-check plan、disable switch、source-of-truth、服務依賴圖、port binding、cold-start sequence、incident recovery evidence 與 daemon / runner contention review。",
|
||||
},
|
||||
"ssh_firewall_network_access": {
|
||||
"coverage_status": "incident_change_evidence_acceptance_ready_needs_network_owner_evidence",
|
||||
@@ -384,6 +384,7 @@ def build_report(root: Path, generated_at: str | None) -> dict[str, Any]:
|
||||
"policy_ready_needs_drift_evidence",
|
||||
"inventory_needed",
|
||||
"repo_only_inventory_ready_needs_live_owner_evidence",
|
||||
"incident_recovery_backfill_ready_needs_live_owner_evidence",
|
||||
"policy_ready_needs_network_matrix",
|
||||
"policy_ready_needs_dry_run_pack",
|
||||
}
|
||||
|
||||
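Review bot: The new status string `incident_recovery_backfill_ready_needs_live_owner_evidence` is typed out twice, once in the `docker_compose_systemd_host_config` entry of `CONTROL_STATUS_BY_CATEGORY` and once in the status set inside `build_report`, so a typo or later rename in one place would silently drop the category from whatever that set gates. Defining it once, e.g. `STATUS_INCIDENT_RECOVERY_BACKFILL = "incident_recovery_backfill_ready_needs_live_owner_evidence"`, and referencing the constant in both places (or having `build_report` raise on a `coverage_status` it does not recognise) would make a mismatch fail loudly instead. Separately, `coverage_percent` rises from 54 to 58 while `current_gap` still lists owner response, 110 / 188 live hash and no-secret-value evidence as missing; a short comment stating what the extra 4 points are credited for would keep the figure from being read as live evidence. The set and the body of `build_report` start and end outside the visible hunk, so how set membership is used is inferred.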