docs(awooop): record t4 drift fingerprint deployment
This commit is contained in:
Your Name
@@ -1,3 +1,65 @@
|
||||
## 2026-05-13 | T4 Config Drift fingerprint repeat-state 已推版
|
||||
|
||||
**背景**:Config Drift Telegram 卡片只顯示單次 `report_id` 與 HIGH/MEDIUM/INFO 計數,Operator 無法判斷是否同一漂移一直重複、已跑到哪個流程階段、是否需要人工。舊 truth-chain repeat 只用 namespace/status/counts 分組,會把「剛好同計數但 items 不同」誤認為同一漂移。
|
||||
|
||||
**修正**:
|
||||
- 新增 `drift_repeat_state.py`:
|
||||
- 以 namespace + sorted drift items 建立 stable fingerprint。
|
||||
- fingerprint 只看 drift 的實際 identity,不看 report_id / 掃描時間。
|
||||
- repeat-state schema:`drift_repeat_state_v1`。
|
||||
- `awooop_truth_chain_service`:
|
||||
- drift report 查詢納入 `items`。
|
||||
- repeat-state 改用 stable fingerprint,比對 24h 內候選並回傳 12h repeat window。
|
||||
- 回傳 `fingerprint`、`matching_strategy=namespace_and_stable_items_v1`、`operator_stage`、matching reports。
|
||||
- `drift_narrator_service`:
|
||||
- Telegram drift card body 會追加:
|
||||
- `流程: drift_scanned → ai_analyzed → pending_human`
|
||||
- `重複: 12h 內第 N 次同指紋`
|
||||
- `指紋: dfp_xxxxx`
|
||||
- 這仍只揭露真相鏈狀態,不自動採納 / 回滾 / 忽略。
|
||||
|
||||
**驗證與推版**:
|
||||
- Local:
|
||||
- `py_compile`:pass。
|
||||
- `ruff --select F,E9`:pass。
|
||||
- `pytest tests/test_awooop_truth_chain_service.py tests/test_phase25_drift_detection.py tests/test_drift_interpreter_ollama_first.py tests/test_platform_router_order.py tests/test_awooop_operator_auth.py -q`:37 passed。
|
||||
- `git diff --check`:pass。
|
||||
- Gitea:
|
||||
- `5b348774 feat(awooop): expose drift repeat fingerprint` 已推 `gitea main`。
|
||||
- Code Review run `1938`:success。
|
||||
- CD run `1937`:success。
|
||||
- Deploy marker:`3d38039b chore(cd): deploy 5b34877 [skip ci]`。
|
||||
- Production:
|
||||
- API/Web/Worker image 均為 `5b34877429c16c42f0f894eb4d7f0484711fde9b`。
|
||||
- K3s rollout status:API/Web/Worker success。
|
||||
- `/api/v1/health`:healthy,mock_mode=false。
|
||||
- Truth-chain smoke `7f858956`:
|
||||
- `source_type=drift_report`
|
||||
- `current_stage=dedup_or_repeat_updated`
|
||||
- `stage_status=pending`
|
||||
- `needs_human=true`
|
||||
- `repeat_schema=drift_repeat_state_v1`
|
||||
- `fingerprint=dfp_02dc625b64784b24`
|
||||
- `matching_strategy=namespace_and_stable_items_v1`
|
||||
- `operator_stage=pending_human`
|
||||
- `repeat_12h=2`
|
||||
- `outbound_visible=2`
|
||||
- Production narrator render smoke:
|
||||
- `流程: drift_scanned → ai_analyzed → pending_human | 重複: 12h 內第 2 次同指紋 | 指紋: dfp_smoke1234`
|
||||
|
||||
**重要校正**:
|
||||
- 舊 count-based repeat 會把 `7f858956` 算成 12 次。
|
||||
- 新 stable fingerprint 顯示同一 items fingerprint 12h 內是 2 次;這代表之前的 12 次是「同計數重複候選」,不是已證明同一漂移。
|
||||
|
||||
**整體進度**:
|
||||
- Wave 0:MOMO PostgreSQL backup → AwoooP 失敗通知接線完成並已推版。
|
||||
- T0:Truth-chain read-only API 完成、部署、production smoke 完成。
|
||||
- T1:Channel Event hardening 完成、部署、production smoke 完成。
|
||||
- T2:legacy MCP audit bridge / backfill / truth-chain visibility 完成、部署、production smoke 完成;first-class Gateway enforced path 仍待後續 wave。
|
||||
- T3:Ansible audit contract + decision candidate dry-run audit 完成、部署、production smoke 完成。
|
||||
- T4:Config Drift stable fingerprint / repeat-state / Telegram stage visibility 完成、部署、production smoke 完成。
|
||||
- 仍未完成:T5 incident / approval / execution reconciliation、Ansible 真正 check-mode executor / diff / apply / rollback、first-class MCP Gateway enforcement。
|
||||
|
||||
## 2026-05-13 | T3 Ansible decision candidate audit 已推版
|
||||
|
||||
**背景**:T3 第一段只讓 truth-chain 看得到 Ansible audit contract 與 repo playbook catalog;但 AI decision path 還不會留下「曾考慮 Ansible、但尚未進 check-mode/apply」的 first-class record。這會讓 Telegram / Operator Console 仍看不出 Ansible 是否真的被 AI 修復鏈評估過。
|
||||
|
||||
@@ -1945,6 +1945,19 @@ Phase 6 完成後
|
||||
- `7f858956` → `dedup_or_repeat_updated/pending`,`repeat_12h=12`,`outbound_visible=2`。
|
||||
- 邊界:仍未執行 Ansible check-mode / apply / rollback;T3 目前完成的是 first-class candidate audit,而不是修復執行器。
|
||||
|
||||
**T4 Config Drift fingerprint repeat-state production verified(2026-05-13 台北)**:
|
||||
- `5b348774 feat(awooop): expose drift repeat fingerprint` 已推 Gitea main,Code Review run `1938` success,CD run `1937` success。
|
||||
- Deploy marker:`3d38039b chore(cd): deploy 5b34877 [skip ci]`。
|
||||
- 新增 `drift_repeat_state_v1`:以 namespace + sorted drift items 建 stable fingerprint,不再只靠 HIGH/MEDIUM/INFO counts。
|
||||
- Truth-chain drift repeat-state 現在回傳 `fingerprint`、`matching_strategy=namespace_and_stable_items_v1`、`operator_stage`、matching reports。
|
||||
- Telegram drift narrator 會在 card body 補:
|
||||
- `流程: drift_scanned → ai_analyzed → pending_human`
|
||||
- `重複: 12h 內第 N 次同指紋`
|
||||
- `指紋: dfp_xxxxx`
|
||||
- Production `7f858956` smoke:`repeat_schema=drift_repeat_state_v1`、`fingerprint=dfp_02dc625b64784b24`、`operator_stage=pending_human`、`repeat_12h=2`、`outbound_visible=2`。
|
||||
- 重要校正:舊 count-based repeat 看到 12 次,新 stable item fingerprint 證實同一漂移 fingerprint 只有 2 次;12 次只能稱為同計數候選,不能稱為同一漂移。
|
||||
- 邊界:T4 只補可觀測與重複判定,不做 auto-adopt / rollback / ignore。
|
||||
|
||||
---
|
||||
|
||||
### 2026-04-20 晚 (台北) — C1-C4 全流程串接 — Playbook 鏈路保護(commit de2d34d)
|
||||
|
||||
Reference in New Issue
Block a user