docs(logbook): record p2-409 controlled apply rollout [skip ci]
This commit is contained in:
Your Name
@@ -118,6 +118,52 @@
|
||||
- 真正 AI 自動化 runtime 閉環:仍需新 incident / 重診驗證 controlled apply worker、post-apply verifier、KM / PlayBook trust writeback。
|
||||
- 本段沒有開啟 runtime gate、沒有執行 Ansible apply、沒有 SSH、沒有 service restart、沒有 Telegram live send、沒有 secret read、沒有 provider switch。
|
||||
|
||||
## 2026-06-26|D1G P2-409:高風險 Owner Review Queue 退役為受控執行 / Break-glass 佇列
|
||||
|
||||
**背景**:D1F 已把 low / medium / high 的 active report / runtime readiness 契約改成受控自動化,但舊 P2-409 仍以 `high-risk owner review queue` 命名並回傳 `pause_to_owner_review_queue`、`all_high_risk_actions_paused=true`、`high_risk_owner_review_required=true`。這會讓治理頁與 API 讀回跟使用者最新指令衝突。
|
||||
|
||||
**完成內容**:
|
||||
- P2-409 committed snapshot / Schema / service / API 測試 / 前端型別 / 治理頁文案同步改成 `controlled apply / critical break-glass`。
|
||||
- high 風險項目改為 `controlled_apply_packet_ready`,`owner_response_required=false`。
|
||||
- critical 項目改為 `critical_break_glass_required`,`owner_response_required=true`。
|
||||
- routing policy 改為 `high_risk_default_route=controlled_apply_queue`、`critical_risk_default_route=critical_break_glass_queue`、`owner_response_required=false`。
|
||||
- rollups 新增 `controlled_apply_queue_count`、`critical_break_glass_queue_count`、`owner_response_required_count`、`high_risk_owner_review_required_count`。
|
||||
- 前端 `/zh-TW/governance?tab=automation-inventory` 的 P2-409 卡片文案改為「高風險受控執行 / Break-glass 佇列」,不再把 high 風險顯示為全停人工。
|
||||
|
||||
**Commit / deploy**:
|
||||
- Code commit:`b7045a412 fix(agents): route p2-409 through controlled apply`。
|
||||
- Deploy marker:`bfecd87c0 chore(cd): deploy b7045a4 [skip ci]`。
|
||||
- 最新主線 CD run:`5816`,`tests` / `build-and-deploy` / `post-deploy-checks` 全部 `success`;該 run 部署最新 main `10a925bab`,且包含 `b7045a412`。
|
||||
|
||||
**正式 API 讀回**:
|
||||
- `/api/v1/health`:`status=healthy`、`environment=prod`、`mock_mode=false`。
|
||||
- `/api/v1/agents/agent-high-risk-owner-review-queue`:
|
||||
- `runtime_authority=controlled_apply_break_glass_queue_readback_no_live_execution`
|
||||
- `all_high_risk_actions_paused=false`
|
||||
- `high_risk_owner_review_required=false`
|
||||
- `high_risk_controlled_apply_enabled=true`
|
||||
- `critical_break_glass_required=true`
|
||||
- `high_risk_default_route=controlled_apply_queue`
|
||||
- `critical_risk_default_route=critical_break_glass_queue`
|
||||
- `controlled_apply_queue_count=5`
|
||||
- `critical_break_glass_queue_count=2`
|
||||
- `owner_response_required_count=2`
|
||||
- `high_risk_owner_review_required_count=0`
|
||||
- high 風險 items 的 `owner_response_required=[false]`;critical items 的 `owner_response_required=[true]`。
|
||||
- `/api/v1/agents/agent-report-runtime-readiness`:`medium_low_auto_worker_enabled=true`、`high_risk_auto_execution_enabled=true`、`current_enabled_count=3`、`approval_required_decision_ids=[]`。
|
||||
|
||||
**驗證**:
|
||||
- P2-409 Schema validation:通過。
|
||||
- P2-409 API/service tests:`15 passed`。
|
||||
- P2-409 + P2-410 + P2-411 regression:`37 passed`。
|
||||
- controlled autonomy regression:`43 passed`。
|
||||
- `pnpm --filter @awoooi/web typecheck`:通過。
|
||||
- i18n mirror / JSON parse / redaction scan / `git diff --check`:通過。
|
||||
|
||||
**邊界**:
|
||||
- P2-409 仍是 readback / queue / packet 契約,不是 executor 本體;正式 live execution、Telegram live send、Gateway queue write、secret read、paid API、provider switch、force-push、destructive operation 仍由獨立 executor / break-glass gate 控制。
|
||||
- 這次已消除 active P2-409 的「high 風險全停人工」語意;接續工作要把 executor handoff、Ansible / PlayBook apply、post-action verifier、KM / PlayBook trust 回寫接成真實閉環。
|
||||
|
||||
## 2026-06-26|D1F AI Agent 受控自動化契約:低 / 中 / 高風險不再停在人工審核
|
||||
|
||||
**背景**:使用者明確修正方向:低、中、高風險都必須由 AI Agent 走受控自動化處理,高風險不再預設等待人工審核;只有 critical / secret / destructive / paid / force-push 等 break-glass 邊界需保留。盤點後確認部分報表、Schema、API 型別與 AI 技術雷達日週月報仍殘留 `high risk owner review`、`current_execution_enabled=false` 或「高風險必須人工」語意。
|
||||
|
||||
Reference in New Issue
Block a user