fix(asset_scanner+coverage): host_service→monitoring_target (fix CHECK violation) + add 4 dimensions to log
All checks were successful
CD Pipeline / build-and-deploy (push) Successful in 12m59s

2 bug fixes + empirical verification:

1. asset_scanner: host_service is not in the asset_inventory CHECK allowed list
  After deploying ceb61c3, Pod log: CheckViolationError 'asset_inventory_type_valid'
  Detail: writing '192.168.0.125:32334' with asset_type='host_service' was rejected
  allowed list: host/container/k8s_workload/k8s_resource/database/...
               monitoring_target/third_party_service/... (27 types)
  Fix: host_service → monitoring_target (originally reserved for scrape targets in the ADR-090 schema)

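2. coverage_evaluator logger: only logged the original 3 dimensions (monitoring/alerting/km)
  which led to the mistaken belief that the new 4-dimension code from c1f23cf had not taken effect (the DB actually already has auto_playbook/
  remediation/rule_matching/rule_creation data)
  Fix: add the 4 kwargs playbook/remediation/rule_matching/rule_creation to logger.info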

Verified DB distribution of the 7 coverage dimensions (in effect):
  auto_alerting:    22 green / 78 red / 52 unknown
  auto_km_creation:  5 green / 17 yellow / 130 unknown
  auto_monitoring:   1 green / 1 red / 150 unknown
  auto_playbook:     3 green / 19 yellow / 130 unknown  ← new dimension
  auto_remediation:  0 / 0 / 98 red / 54 unknown        ← new dimension
  auto_rule_creation: 0 / 0 / 100 red / 52 unknown       ← new dimension
  auto_rule_matching: 4 green / 96 yellow / 52 unknown   ← new dimension

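Governance insights:
  98 red remediation = most assets had no remediation action in the past 30d (remediation capability gap)
  100 red rule_creation = no AI rules (all yaml_hardcoded)
  96 yellow rule_matching = no alerts triggered in the past 30d (possibly no problems / no coverage)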

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
OG T
2026-04-19 20:27:28 +08:00
parent 638053346b
commit 7db8845cbb
2 changed files with 8 additions and 2 deletions


@@ -548,11 +548,13 @@ async def _collect_prometheus_targets() -> tuple[list[dict[str, Any]], list[dict
})
continue
# IP 形式 target
# IP 形式 target — 用 'monitoring_target' (asset_inventory CHECK 允許列表)
# host_service 不在 ADR-090 asset_type CHECK 內,之前 1 筆 125:32334 scan 拋
# CheckViolationError (constraint asset_inventory_type_valid)
asset_key = f"prometheus_target/{job}/{instance}"
assets.append({
"asset_key": asset_key,
"asset_type": "host_service",
"asset_type": "monitoring_target",
"host": host_ip,
"namespace": None,
"name": f"{job}@{host_ip}",
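Review bot: the value at `"asset_type": "monitoring_target"` is still a free string literal, so the next disallowed type will again surface only at runtime as a CheckViolationError on constraint asset_inventory_type_valid, which is how `host_service` was found. Consider keeping the allowed asset_type values in one shared constant (or enum) that mirrors the CHECK list, validating each dict before it is appended to `assets`, and adding a unit test that every literal the scanner emits is in that set. The new comment also abbreviates the failing target to "125:32334"; the full instance string would make the log entry easier to find later.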


@@ -109,6 +109,10 @@ async def evaluate_once() -> dict[str, int]:
monitoring=stats["monitoring_updated"],
alerting=stats["alerting_updated"],
km=stats["km_updated"],
playbook=stats["playbook_updated"],
remediation=stats["remediation_updated"],
rule_matching=stats["rule_matching_updated"],
rule_creation=stats["rule_creation_updated"],
duration_ms=duration_ms,
)
return stats
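Review bot: the four added kwargs index `stats` directly (`stats["playbook_updated"]` through `stats["rule_creation_updated"]`), so if any evaluation path leaves one of those keys unset, the log call raises KeyError and `return stats` is never reached, turning a logging line into a failed run. Please confirm `stats` is initialised with all seven `*_updated` keys at the top of `evaluate_once()`, or use `stats.get("playbook_updated", 0)` and likewise for the other three. A short comment listing the seven dimensions next to this call would also help keep the log in step when another dimension is added.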