From 81f763bebd3a4c4e7208970375df2bf6bf0b3f95 Mon Sep 17 00:00:00 2001 From: Your Name Date: Fri, 26 Jun 2026 11:49:04 +0800 Subject: [PATCH] docs(logbook): record repair candidate promotion contract rollout [skip ci] --- docs/LOGBOOK.md | 32 +++++++++++++++++++ ...026-06-04-iwooos-security-governance-p0.md | 6 ++-- ...026-06-25-awoooi-product-uiux-inventory.md | 17 ++++++++++ 3 files changed, 52 insertions(+), 3 deletions(-) diff --git a/docs/LOGBOOK.md b/docs/LOGBOOK.md index ec42280a..c077817d 100644 --- a/docs/LOGBOOK.md +++ b/docs/LOGBOOK.md 
@@ -1,3 +1,35 @@ +## 2026-06-26|AwoooP 修復候選升級合約正式上線:把草案轉成可追蹤 Gate,不再只剩人工長文 + +**背景**:使用者指出 `node-exporter-110` / `node-exporter-188` 類 Telegram 告警即使已顯示 `DRAFT_READY - REPAIR_CANDIDATE_OWNER_REVIEW_REQUIRED`,仍像把最後責任丟回人工;卡片有 PlayBook 草案與 Work Item,但缺少「這份草案要怎麼升級成可放行候選」的機器可讀欄位。本段把 draft-ready path 補成 `repair_candidate_promotion_contract_v1`,讓 AwoooP / Telegram 能直接顯示 ready / blocked 計數、候選路由、修復模板、rollback、verifier 與仍缺的 owner / window / blast radius / KM / trust 欄位。 + +**完成**: +- `RepairCandidateService` 在 blocked / draft-ready 結果中新增 `candidate_promotion_contract`,並同步寫入 metadata `repair_candidate_promotion_contract` 與 `repair_candidate_promotion_summary`。 +- 合約 schema:`repair_candidate_promotion_contract_v1`;host service 類草案可顯示 `route=host_service_route_after_owner_review`、`repair_command_template=systemctl restart node-exporter-*`、`ready_count=6`、`total_count=11`、`blocked_count=5`。 +- `awooop_repair_candidate_draft_work_item_v1` 同步帶入同一份 `candidate_promotion_contract`,讓 Work Item 不只列草案欄位,而能被後續 owner release / apply gate 流程追蹤。 +- Telegram 卡片 `Owner review 處置包` 新增 `候選升級合約` 行;批准 no-action / draft-ready callback 的 API 回傳也新增 `repair_candidate_promotion_summary` 與完整 `repair_candidate_promotion_contract`。 +- runtime 邊界仍 fail-closed:`runtime_write_allowed=false`、`runtime_execution_authorized=false`、`approval_required_before_execution=true`,並明列 `auto_execute`、`systemctl_restart`、`ssh_write`、`ansible_apply`、`telegram_success_message`、`km_writeback`、`playbook_trust_writeback` 在 promotion 前禁止。 + +**Commit / Deploy**: +- Code commit:`06dd4d0f feat(awooop): expose repair candidate promotion contract`。 +- Deploy marker:`6be83053 chore(cd): deploy 06dd4d0 [skip ci]`。 +- Gitea Actions:`code-review.yaml #3448` 成功;`cd.yaml #3447` 成功。 + +**驗證**: +- 本地目標測試:`DATABASE_URL=sqlite:////tmp/awoooi-repair-promotion-contract-test.db PYTHONPATH=apps/api /Users/ogt/.pyenv/shims/python3.11 -m pytest apps/api/tests/test_repair_candidate_service.py apps/api/tests/test_telegram_ai_automation_block.py 
apps/api/tests/test_telegram_webhook_execution_handoff.py -q`:`21 passed`。 +- `python3 -m py_compile apps/api/src/services/repair_candidate_service.py apps/api/src/api/v1/webhooks.py apps/api/src/api/v1/telegram.py apps/api/src/services/telegram_gateway.py`:通過。 +- `git diff --check`:通過。 +- `source-control-owner-response-guard.py`、`security-mirror-progress-guard.py`、`doc-secrets-sanity-check.py docs .gitea`:通過。 +- Production health:`https://awoooi.wooo.work/api/v1/health` 回 `healthy / prod / mock_mode=false`,Ollama route order 仍為 `ollama_gcp_a -> ollama_gcp_b -> ollama_local`。 +- Production status-chain 讀回 `INC-20260626-F0C9A7` 與 `INC-20260625-977E5F` 仍維持既有 apply-gate / execution-release contract 語意;舊 incident metadata 不 retroactive 生成新 promotion contract,需等下一筆同類告警或重診重新跑候選生成才會看到 `repair_candidate_promotion_contract_v1`。 + +**完成度同步**: +- P0-9 MCP evidence -> PlayBook 修復候選:D10 `97% -> 98%`。這只代表 draft-ready path 已從「文字草案」升級成可機器追蹤的 promotion contract,不代表已自動修復成功。 +- Telegram 修復候選 operator handoff:`70% -> 78%`。 +- 真正 production autonomous repair verified success 仍不提高;目前仍需 owner release receipt、maintenance window、rollback owner、blast radius、post-apply verifier、KM writeback owner、PlayBook trust owner 與受控執行結果。 +- active runtime gate 仍為 `0`,runtime execution / Ansible apply / service restart / Telegram success send / KM writeback / PlayBook trust writeback 仍全部 `false / 0`。 + +**邊界**:本段只新增候選升級合約、Telegram 顯示與 callback 回傳;不 SSH、不重啟服務、不執行 Ansible apply、不發 Telegram 測試、不寫 KM、不改 PlayBook trust、不讀 secret、不開 runtime gate。 + ## 2026-06-26|AI Agent 自動化成熟度與接管缺口正式上線:從 Sensor 到 Learning 的 Gate 一眼可見 **背景**:使用者要求回答「AI Agent 到底自動化到什麼程度、是否達到業界主流、下一步能接管哪些專業工作」,且前端不得曝光 Codex 工作視窗原始對話。本段接在 `AI Agent 專業判斷矩陣` 後,把 OpenClaw、Hermes、NemoTron、Security / SRE 的自動化成熟度拆成 `Sensor -> Candidate -> Gate -> Verifier -> Learning`,讓目前能做、能準備、仍被阻擋的地方可被看見。 diff --git a/docs/workplans/2026-06-04-iwooos-security-governance-p0.md b/docs/workplans/2026-06-04-iwooos-security-governance-p0.md index ad8b6b8b..eaff4598 100644 
--- a/docs/workplans/2026-06-04-iwooos-security-governance-p0.md +++ b/docs/workplans/2026-06-04-iwooos-security-governance-p0.md 
@@ -9,10 +9,10 @@ | 工作視窗 | IwoooS / AWOOOI 資安治理 P0 | | 本次乾淨 worktree | `/private/tmp/awoooi-owner-release-closure-20260626` | | 本次分支 | `codex/owner-release-closure-20260626`;推送時使用一般 push,不 force push | -| 最新觀察到的 `gitea/main` | `b1a15114 chore(cd): deploy b73ce07 [skip ci]`;本輪 AwoooP 告警自動化卡點總盤由 `94800473` 完成,並隨 final deploy marker `b1a15114` 完成 Work Items desktop / mobile readback;active runtime gate 仍為 `0` | +| 最新觀察到的 `gitea/main` | `6be83053 chore(cd): deploy 06dd4d0 [skip ci]`;本輪 AwoooP 修復候選升級合約由 `06dd4d0f` 完成,並隨 deploy marker `6be83053` 完成 production health / status-chain readback;active runtime gate 仍為 `0` | | 最新 P0 Telegram 告警 / 批准執行真相鏈基準 | code `32e4beca`、deploy marker `717b5870`、code-review `2658`、CD `2657`;no-action approval 不再觸發 executor,可執行修復 approval 會寫入 `auto_repair_executions`、KM 與 verifier | | 最新 P0 Telegram no-action 人工處置包基準 | code `cd928852`、deploy marker `9181cc0e`、code-review `2666`;正式部署 tree 已包含 no-action 人工處置包、`處置包 / 重診 / 歷史 / 靜默 / 真相鏈 / Runs` 鍵盤、production pod render / keyboard smoke | -| 最新 P0 MCP evidence / PlayBook 修復候選基準 | code `cc614023`、D1 blocker clarity `47d677ac`、D2 manual draft package `febe9ecf`、D3 draft work item `e8d5eafb`、D4 work item detail panel `e8a5bac5`、D5 coverage gap contract、D6 PostgreSQL 慢查詢分類 / database owner-review candidate、blocker normalization `4c85db18`、apply candidate 語意 `5ce6fc49` / `ef3ee4c4`、apply gate 閉環準備度 `d798d09e` / deploy marker `e0fbedfd`、Owner 放行閉環任務板 `c67dc92f` / deploy marker `7f204ca7`、受控執行前檢 `7c220fd0` / deploy marker `f068826f`、執行放行合約 `5055d6a4` / final deploy marker `5d41fe26`、告警自動化卡點總盤 `94800473` / final deploy marker `b1a15114`。正式站已確認可由 MCP evidence + approved PlayBook trust 產生 medium approval candidate;若只跑 Ansible check-mode,Work Items / Runs 會顯示 `3/8 ready` 閉環矩陣、5 個閉環任務、`2/7 ready` 受控執行前檢、`4/11 ready` 執行放行合約,以及 7 條告警自動化卡點 lane,並把缺失拆成證據、候選、PlayBook / Ansible、安全路由、執行放行、Verifier、KM / Trust 回寫;runtime gate 仍為 `0` | +| 最新 P0 MCP evidence / PlayBook 修復候選基準 | code `cc614023`、D1 blocker clarity 
`47d677ac`、D2 manual draft package `febe9ecf`、D3 draft work item `e8d5eafb`、D4 work item detail panel `e8a5bac5`、D5 coverage gap contract、D6 PostgreSQL 慢查詢分類 / database owner-review candidate、blocker normalization `4c85db18`、apply candidate 語意 `5ce6fc49` / `ef3ee4c4`、apply gate 閉環準備度 `d798d09e` / deploy marker `e0fbedfd`、Owner 放行閉環任務板 `c67dc92f` / deploy marker `7f204ca7`、受控執行前檢 `7c220fd0` / deploy marker `f068826f`、執行放行合約 `5055d6a4` / final deploy marker `5d41fe26`、告警自動化卡點總盤 `94800473` / final deploy marker `b1a15114`、修復候選升級合約 `06dd4d0f` / deploy marker `6be83053`。正式站已確認可由 MCP evidence + approved PlayBook trust 產生 medium approval candidate;若只跑 Ansible check-mode,Work Items / Runs 會顯示 `3/8 ready` 閉環矩陣、5 個閉環任務、`2/7 ready` 受控執行前檢、`4/11 ready` 執行放行合約,以及 7 條告警自動化卡點 lane;draft-ready path 會在下一次候選生成時帶出 `repair_candidate_promotion_contract_v1`、ready / total / blocked 計數、route、repair template、rollback 與 verifier;runtime gate 仍為 `0` | | 最新 P2-D0 繁中文案基準 | code `cd2275a2`、deploy marker `1920bd08`、code-review `2565`、CD `2564` | | 最新 P2-D1 本地掃描基準 | `VISIBLE_LITERAL_TARGET_SCAN_OK files=221`;全站 TS / TSX 中文 literal 盤點 `35` 檔 / `752` 行;註解語氣 backlog `32` 筆 | | 最新 P2-D1 正式部署基準 | code `f9bf8a28`、deploy marker `879b0a36`、CD `2578`、code-review `2579` | 
@@ -87,7 +87,7 @@ | P0-6 | Telegram 監控告警 / 通知出口治理 | outbound 主鏈路 100%;靜音 / recurrence slice 88%;通知出口清冊 100%;owner request draft 100%;migration plan draft 100%;防新增旁路 guard 100%;owner response acceptance 100%;告警可讀性防退化 guard 100%;direct Bot API convergence 0% | Alertmanager 缺 project context、既有 approval 收斂告警靜音、AI 分析中重複告警靜音皆已修復並正式 smoke;`TelegramGateway` final-exit formatter 已完成 host / multi-signal 卡片化;direct Bot API egress inventory 固定 workflow 13、ops script 4、API direct 1,並聚成 11 份 owner request 草稿與 3 個遷移波次;no-new-bypass guard 已覆蓋 `sendMessage` / `sendDocument` / `sendPhoto` / `sendMediaGroup` / `editMessageText` 等 9 類 Bot API method;本輪新增 readability guard,鎖住 Prisma / root Node.js / Next build / Wazuh / Kali / Nginx drift 等告警必須轉成脫敏 AI 事件卡,不能把 process list、raw JSON、URL、內網 IP、完整路徑或 token 直接送到 Telegram;owner response acceptance 已補 `message_readability_guard_ref=docs/security/telegram-alert-readability-guard.snapshot.json`,後續 direct egress 遷移審查不得繞過卡片化、脫敏、`runtime_write_gate=0` 與 no-false-green;後續需 owner response 後分批收斂,不得把 API formatter、防新增 guard 或 readability guard 完成誤判成既有旁路已收斂或 delivery receipt 已完成 | API health、Telegram health、API pod Alertmanager smoke、production logs `converged_alert_recurrence_sent`、`telegram-notification-egress-inventory.snapshot.json`、`telegram-notification-egress-owner-request-draft.snapshot.json`、`telegram-notification-egress-migration-plan-draft.snapshot.json`、`telegram-notification-egress-no-new-bypass-guard.snapshot.json`、`telegram-notification-egress-owner-response-acceptance.snapshot.json`、`telegram-alert-readability-guard.snapshot.json` | | P0-7 | Telegram 批准後執行真相鏈止血 | 100% | no-action approval 不再顯示批准 / 執行中;可執行修復 approval 會寫入 `auto_repair_executions`、KM 與 verifier;下一步補 MCP evidence / PlayBook trust 產生真正修復候選 | 目標 pytest `125 passed`、py_compile、guard、production health、API / worker rollout、production pod classifier readback | | P0-8 | Telegram no-action 人工處置包與操作入口 | 100% | no-action 卡片已新增人工處置包、證據補齊清單、AwoooP 修復候選建立步驟、verifier / KM / PlayBook 
回寫提醒,並改成 `處置包`、`重診`、`歷史`、`靜默`、`真相鏈`、`Runs` 鍵盤;舊訊息不 retroactive 改寫 | 目標 pytest `64 passed + 44 passed`、py_compile、guard、production health、API / worker rollout、production pod render / keyboard smoke | -| P0-9 | MCP evidence -> PlayBook 修復候選產生 | D10 `97%`;Approvals ledger `100%`;Runs ledger incident focus desktop / mobile `100%`;blocker 語意正確性 `88%`;apply candidate 語意 `100%`;apply gate 閉環準備度 `100%`;Owner 放行閉環任務板 `100%`;受控執行前檢 `100%`;執行放行合約 `100%`;告警自動化卡點總盤 `100%`;Alerts ledger desktop / mobile `100%` | 已補 webhook fallback 先建立 incident,再收 MCP evidence、查 approved PlayBook、檢查 trust / command safety、產生 medium approval candidate 與 verifier plan;D1 追加通用兜底 PlayBook / 診斷型命令不可誤當修復、阻擋理由繁中化;D2 在缺候選時產生 `repair_candidate_draft_package_v1`、`playbook_draft_required`、下一步與必填欄位;D3 新增 `awooop_repair_candidate_draft_work_item_v1` read-only projection 與 Telegram `工作項目` deeplink;D4 讓 AwoooP Work Items 詳細呈現 PlayBook 草案處置板、必填欄位、阻擋原因、下一步、Runs / 審批連結;D5 新增 `repair_candidate_coverage_gap_v1`,讓 blocked result 帶出 coverage key、target kind、blocking stage、必收 MCP evidence refs、PlayBook template fields 與 runtime 0 / false 邊界;D6 新增 PostgreSQL 慢查詢分類與 database target kind,`PostgreSQLSlowQueries` 不再混成 backup / escrow signal,postgres target 不再預填 K8s 重啟,改成 `database_slow_query_owner_review`、read-only DB evidence、rollback / verifier 與禁止 SQL terminate / DB restart / migration / reindex;D7 將 P2-131 Owner release approval gate 與 P2-136 Release verifier preflight gate 接進 AwoooP status-chain,讓 Work Items / Runs 顯示 Owner 放行包、Verifier 放行前檢與 5 個閉環任務;D8 將 allowlisted route 候選、七個受控執行前置條件與 `allowed=false` 接進 status-chain,讓批准後可直接看出目前卡在 owner release / maintenance window / rollback owner / verifier / KM writeback,而不是只顯示需人工判斷;D9 將候選路由轉成 11 欄執行放行合約,明確預填 Incident、route、dry-run、MCP evidence,並把 owner release receipt、maintenance window、rollback owner、blast radius、post-apply verifier、KM owner、PlayBook trust owner 列為阻擋欄位;D10 將 Work Items 的焦點事故拆成 7 條告警自動化 lane,直接顯示卡在證據、候選、PlayBook / Ansible、安全路由、執行放行、Verifier 或 KM / Trust 
回寫;下一步要用真實告警驗證 owner release -> controlled execution -> verifier -> KM / PlayBook 回寫 | D8 本地 `76 passed`、py_compile、web typecheck、eslint、i18n mirror、source-control owner response guard、security mirror progress guard、doc secret sanity、diff check 通過;D9 本地 `76 passed`、py_compile、web typecheck、eslint、i18n mirror、source-control owner response guard、security mirror progress guard、doc secret sanity、diff check 通過;D10 web eslint、web typecheck、i18n JSON parse、i18n key mirror、source-control owner response guard、security mirror progress guard、doc secret sanity、diff check 通過。Controlled execution preflight code `7c220fd0` 已隨 deploy marker `f068826f` 正式站 API / Work Items desktop / mobile smoke;Execution release contract code `5055d6a4` 已隨 final deploy marker `5d41fe26` 正式站 API / Work Items desktop / mobile smoke;Automation blocker map code `94800473` 已隨 final deploy marker `b1a15114` 正式站 Work Items desktop / mobile smoke;desktop / mobile 均可見告警自動化卡點總盤與 7 條 lane,horizontal overflow `0`、可見錯誤 `0`、可見內部協作片語外露 `0`、區塊內操作入口 `0`;status-chain 後續仍必須看到真實告警 owner release、controlled execution、post-apply verifier 與 KM / PlayBook trust 回寫 | +| P0-9 | MCP evidence -> PlayBook 修復候選產生 | D11 `98%`;repair candidate promotion contract `100%`;Approvals ledger `100%`;Runs ledger incident focus desktop / mobile `100%`;blocker 語意正確性 `88%`;apply candidate 語意 `100%`;apply gate 閉環準備度 `100%`;Owner 放行閉環任務板 `100%`;受控執行前檢 `100%`;執行放行合約 `100%`;告警自動化卡點總盤 `100%`;Alerts ledger desktop / mobile `100%` | 已補 webhook fallback 先建立 incident,再收 MCP evidence、查 approved PlayBook、檢查 trust / command safety、產生 medium approval candidate 與 verifier plan;D1 追加通用兜底 PlayBook / 診斷型命令不可誤當修復、阻擋理由繁中化;D2 在缺候選時產生 `repair_candidate_draft_package_v1`、`playbook_draft_required`、下一步與必填欄位;D3 新增 `awooop_repair_candidate_draft_work_item_v1` read-only projection 與 Telegram `工作項目` deeplink;D4 讓 AwoooP Work Items 詳細呈現 PlayBook 草案處置板、必填欄位、阻擋原因、下一步、Runs / 審批連結;D5 新增 `repair_candidate_coverage_gap_v1`,讓 blocked result 帶出 coverage key、target 
kind、blocking stage、必收 MCP evidence refs、PlayBook template fields 與 runtime 0 / false 邊界;D6 新增 PostgreSQL 慢查詢分類與 database target kind,`PostgreSQLSlowQueries` 不再混成 backup / escrow signal,postgres target 不再預填 K8s 重啟,改成 `database_slow_query_owner_review`、read-only DB evidence、rollback / verifier 與禁止 SQL terminate / DB restart / migration / reindex;D7 將 P2-131 Owner release approval gate 與 P2-136 Release verifier preflight gate 接進 AwoooP status-chain,讓 Work Items / Runs 顯示 Owner 放行包、Verifier 放行前檢與 5 個閉環任務;D8 將 allowlisted route 候選、七個受控執行前置條件與 `allowed=false` 接進 status-chain,讓批准後可直接看出目前卡在 owner release / maintenance window / rollback owner / verifier / KM writeback,而不是只顯示需人工判斷;D9 將候選路由轉成 11 欄執行放行合約,明確預填 Incident、route、dry-run、MCP evidence,並把 owner release receipt、maintenance window、rollback owner、blast radius、post-apply verifier、KM owner、PlayBook trust owner 列為阻擋欄位;D10 將 Work Items 的焦點事故拆成 7 條告警自動化 lane,直接顯示卡在證據、候選、PlayBook / Ansible、安全路由、執行放行、Verifier 或 KM / Trust 回寫;D11 將 draft-ready path 轉成 `repair_candidate_promotion_contract_v1`,讓 Telegram / callback / Work Item 能直接顯示 route、repair template、rollback、verifier、ready / blocked 計數與仍缺 owner release、maintenance window、blast radius、KM owner、PlayBook trust owner;下一步要用真實告警驗證 owner release -> controlled execution -> verifier -> KM / PlayBook 回寫 | D8 本地 `76 passed`、py_compile、web typecheck、eslint、i18n mirror、source-control owner response guard、security mirror progress guard、doc secret sanity、diff check 通過;D9 本地 `76 passed`、py_compile、web typecheck、eslint、i18n mirror、source-control owner response guard、security mirror progress guard、doc secret sanity、diff check 通過;D10 web eslint、web typecheck、i18n JSON parse、i18n key mirror、source-control owner response guard、security mirror progress guard、doc secret sanity、diff check 通過;D11 API / TG 目標測試 `21 passed`、py_compile、source-control owner response guard、security mirror progress guard、doc secret sanity、diff check 通過。Controlled execution preflight code `7c220fd0` 已隨 deploy marker 
`f068826f` 正式站 API / Work Items desktop / mobile smoke;Execution release contract code `5055d6a4` 已隨 final deploy marker `5d41fe26` 正式站 API / Work Items desktop / mobile smoke;Automation blocker map code `94800473` 已隨 final deploy marker `b1a15114` 正式站 Work Items desktop / mobile smoke;Repair candidate promotion contract code `06dd4d0f` 已隨 deploy marker `6be83053` 正式站 production health 與現有 status-chain readback;舊 incident metadata 不 retroactive 生成 promotion contract,後續仍必須看到新告警或重診產生 `repair_candidate_promotion_contract_v1`,再走 owner release、controlled execution、post-apply verifier 與 KM / PlayBook trust 回寫 | | P0-9a | 日報 / 週報 / 月報資料鏈路 truthfulness | 94% | Weekly report 已修正 Git 活動讀取失敗時假性全 0 的問題;Reports 頁已前移資料可信度、資料源健康矩陣、日週月報 cadence、告警到 AI 接手漏斗、自動化資產沉澱與 Agent 工作量;P2-109 已建立 `agent-report-source-health` / no-send preview read model;P2-110 已讓 weekly preview API 回傳 formatted Telegram HTML、source `2/5`、三個 source gap 與 KM / PlayBook / 腳本 / 排程 / Verifier 沉澱;P2-110B 已讓 daily / monthly preview API 也回傳同一 source health、formatted preview 與 no-send 邊界;P2-110C 已新增 SRE digest preview;P2-110D 已讓 source gap 具備 PlayBook 草案、Verifier 計畫、腳本 readback、排程 no-send 與 owner review 處置板;P2-110E 已把同一批 source gap 接進 AwoooP Work Items owner review;P2-410 production API 已把 report gap 與 SRE digest no-send preview 轉成 audit event template 與 verifier receipt gate;下一步是 P2-410 governance projection 與 P2-411 Event Bus | Feature commit `ac325852`、Reports commits `6d4fa7bf` / `5e849225` / `63a75f77`、P2-109 commit `27d9f394`、P2-110 commits `a46e31ba` / `48e06c6a`、P2-110B commit `77fe2a85`、P2-110C commit `7e03b923`、P2-110D commit `6ab640e4`、P2-110E commit `ca04b49d`、P2-410 commit `e13f716c`、deploy markers `a4b30964` / `4d4c6da3` / `cd1c4407` / `d8862123` / `c922bc1a` / `3057342a` / `29fe6ec8` / `c7c0d874` / `049dc0a8` / `c33dd9a6` / `38e60192`;production 
`/api/v1/agents/agent-report-source-health`、`/api/v1/stats/daily/preview`、`/api/v1/stats/weekly/preview`、`/api/v1/stats/monthly/preview`、`/api/v1/stats/sre-digest/preview`、`/api/v1/agents/agent-action-audit-ledger`、`/zh-TW/reports` desktop / mobile、`/zh-TW/awooop/work-items` desktop / mobile readback OK;未 live send Telegram、未改排程、未開 runtime gate | | P0-10 | 高價值配置 Gate path coverage、工作樹 preflight、owner packet / coverage snapshot 補強 | 100% | 已將 `k8s/nginx/**`、`scripts/ops/**/*cert*`、`scripts/ops/**/*tls*` 納入 `high-value-config-change-gate.py`,讓 Nginx public gateway 與 DNS / TLS / certbot 既有路徑命中 P0 / C0;預設模式可讀取 staged / unstaged / untracked,避免本地 preflight 漏掉未提交配置;owner packet 與 coverage snapshot 已同步最新 pattern;owner evidence 仍未提供,runtime execution 仍 false | Gate sample:`changed_files=6 matched=6 categories=3 c0=2 c1=0`;工作樹 smoke:臨時 `k8s/nginx/*` 檔命中 C0;owner packet:`packets=3 c0=2 runtime_gate=0`;coverage:`categories=14 c0=8 avg=67 runtime_gate=0`;`py_compile`、snapshot JSON parse、progress guard、owner response guard、doc secret sanity、diff check | | P0-11 | 高價值配置 Owner Packet 前台同步 | local 100%;production 100% | `/zh-TW/iwooos` 與 `/zh-TW/awooop` 已同步 latest owner packet snapshot,顯示 `packet=3 / c0=2`、Nginx public gateway、DNS / TLS / certbot 與 security tooling 影響範圍;request sent、received、accepted、runtime gate 與 action buttons 仍全部為 `0` | Feature commit `e999c16b`、deploy marker `16c6b983`、Gitea code-review `2973` / CD `2972` success;本地與正式 desktop / mobile / in-app browser smoke:IwoooS 與 AwoooP 均 HTTP `200`、必要文字與 boundary keys 可見、水平溢位 `0`、卡片內操作控制 `0`、危險連結 `0`、工作溝通片語命中 `0`;headline 不提高 | diff --git a/docs/workplans/2026-06-25-awoooi-product-uiux-inventory.md b/docs/workplans/2026-06-25-awoooi-product-uiux-inventory.md index 2cda7806..b6b02a31 100644 --- a/docs/workplans/2026-06-25-awoooi-product-uiux-inventory.md +++ b/docs/workplans/2026-06-25-awoooi-product-uiux-inventory.md 
@@ -377,6 +377,23 @@ Tenants 目前已讀到: 完成度同步:Telegram 修復候選 operator handoff `64% -> 70%`;AwoooP AI 自動化可判讀性 `64% -> 66%`;全站 UI/UX 專業化 `57% -> 58%`。真正 production autonomous repair verified success 仍約 `3-5%`。 +### 2.5.16 Telegram / Work Item 修復候選升級合約 + +2026-06-26 已完成 API / Telegram 小切片,讓 `DRAFT_READY - REPAIR_CANDIDATE_OWNER_REVIEW_REQUIRED` 不再只是一段 owner review 長文,而是能產生 `repair_candidate_promotion_contract_v1`:明確列出候選路由、修復模板、rollback、verifier、ready / blocked 計數,以及仍缺的 owner release、維護窗口、blast radius、KM owner 與 PlayBook trust owner。 + +| 項目 | 結果 | +|---|---| +| Code commit | `06dd4d0f feat(awooop): expose repair candidate promotion contract` | +| Deploy marker | `6be83053 chore(cd): deploy 06dd4d0 [skip ci]` | +| 合約 | `repair_candidate_promotion_contract_v1`,host-service 草案可顯示 `route=host_service_route_after_owner_review`、`ready=6/11`、`blocked=5` | +| Telegram | `Owner review 處置包` 會新增 `候選升級合約` 摘要;callback payload 也會回傳完整 promotion contract | +| Work Item | `awooop_repair_candidate_draft_work_item_v1` 帶入同一份 `candidate_promotion_contract`,後續可接 owner release / apply gate | +| 驗證 | API / TG 目標測試 `21 passed`;py_compile、source-control guard、security mirror guard、doc secret sanity、diff check 通過;Gitea code-review `#3448` 與 CD `#3447` 成功 | +| Production readback | health `healthy / prod / mock_mode=false`;舊 incident 不會 retroactive 生成新 contract,需下一筆同類告警或重診重新跑候選生成 | +| 邊界 | 不發 Telegram 測試、不執行 Ansible apply、不重啟、不 SSH、不寫 KM、不提升 PlayBook trust、不開 runtime gate | + +完成度同步:Telegram 修復候選 operator handoff `70% -> 78%`;AwoooP AI 自動化可判讀性 `66% -> 68%`;全站 UI/UX 專業化維持 `58%`。真正 production autonomous repair verified success 仍約 `3-5%`。 + ## 3. 頁面 UI/UX 現況盤點 2026-06-25 對正式站桌機 / mobile 抽查:
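Review bot: In the `docs/LOGBOOK.md` hunk, the first 驗證 bullet commits a workstation-specific interpreter path, `/Users/ogt/.pyenv/shims/python3.11`, into the shared logbook; that leaks the operator's local account name and makes the recorded command non-reproducible for anyone else. Suggest `python3.11 -m pytest ...` or `$(pyenv which python3.11) -m pytest ...` instead. Since this commit is tagged `[skip ci]`, the `doc-secrets-sanity-check.py docs .gitea` run listed in the same bullet was local only, and it evidently does not flag absolute home-directory paths; adding that pattern to the doc guard would catch this class of leak before it lands.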
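Review bot: In the `@@ -9,10 +9,10 @@` hunk of `2026-06-04-iwooos-security-governance-p0.md`, the updated `gitea/main` row records the `6be83053` readback as "production health / status-chain readback", while the updated baseline row states that `repair_candidate_promotion_contract_v1` only appears at the next candidate generation. Read together, the row documents a deploy whose new field has not yet been observed in production; suggest saying so explicitly (for example "promotion contract production readback: pending, awaiting next same-class alert") so the deploy marker is not mistaken for an end-to-end verified rollout. The baseline cell has also grown to a dozen commit / marker pairs in one table cell; a bullet list per D-step would keep it reviewable.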
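Review bot: In the `@@ -87,7 +87,7 @@` hunk, the P0-9 row changes the headline metric from "D10 `97%`" to "D11 `98%`" and describes D11 as the promotion contract step, but the `docs/LOGBOOK.md` hunk in this same patch records the identical change as "D10 `97% -> 98%`". The row's numbering is the consistent one (D10 is the 7-lane blocker map, D11 the promotion contract), so the logbook bullet should read D11. Separately, the evidence column for D11 lists only "production health 與現有 status-chain readback", unlike D8 to D10 which carry Work Items desktop / mobile smoke; consider marking "repair candidate promotion contract `100%`" as local-verified until a new alert or re-diagnosis actually produces the contract in production.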
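Review bot: In the `@@ -377,6 +377,23 @@` hunk of `2026-06-25-awoooi-product-uiux-inventory.md`, the Telegram row states that the `候選升級合約` summary is added to the card and that the callback payload returns the full promotion contract, which per the LOGBOOK hunk includes `route=host_service_route_after_owner_review` and `repair_command_template=systemctl restart node-exporter-*`. The P0-6 row in the governance workplan requires every Telegram card to pass the readability guard and to carry no full paths, internal IPs or tokens. Suggest recording in the 驗證 row that the new card line was covered by `telegram-alert-readability-guard` (or by the `test_telegram_ai_automation_block.py` case), or stating that the Telegram summary shows only counts and route while the full contract stays in the API callback.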