Merge remote-tracking branch 'gitea/main' into codex/github-backup-missing-targets-20260627
# Conflicts: # docs/LOGBOOK.md
This commit is contained in:
@@ -148,7 +148,7 @@ def load_latest_iwooos_wazuh_manager_registry_reviewer_validation(
|
||||
"schema_version": "iwooos_wazuh_manager_registry_reviewer_validation_readback_v1",
|
||||
"source_schema_version": snapshot["schema_version"],
|
||||
"status": snapshot.get("status", "waiting_owner_registry_export_for_reviewer_validation"),
|
||||
"mode": "committed_validation_contract_readback_no_runtime_no_secret_collection",
|
||||
"mode": snapshot.get("mode", "committed_validation_contract_readback_no_runtime_no_secret_collection"),
|
||||
"source_refs": [
|
||||
f"docs/security/{_SNAPSHOT_FILE}",
|
||||
"scripts/security/wazuh-manager-registry-reviewer-validation.py",
|
||||
@@ -283,12 +283,6 @@ def _boundary_markers(summary: dict[str, int]) -> list[str]:
|
||||
def _require_boundaries(payload: dict[str, Any]) -> None:
|
||||
summary = _summary(payload)
|
||||
for key in (
|
||||
"owner_registry_export_received_count",
|
||||
"owner_registry_export_accepted_count",
|
||||
"reviewer_validation_ready_count",
|
||||
"reviewer_validation_passed_count",
|
||||
"reviewer_validation_failed_count",
|
||||
"reviewer_validation_quarantined_count",
|
||||
"manager_registry_accepted_count",
|
||||
"post_enable_readback_passed_count",
|
||||
"runtime_gate_count",
|
||||
@@ -299,6 +293,25 @@ def _require_boundaries(payload: dict[str, Any]) -> None:
|
||||
if _int(summary.get(key)) != 0:
|
||||
raise ValueError(f"Wazuh manager registry reviewer validation summary.{key} 必須維持 0")
|
||||
|
||||
received = _int(summary.get("owner_registry_export_received_count"))
|
||||
accepted = _int(summary.get("owner_registry_export_accepted_count"))
|
||||
ready = _int(summary.get("reviewer_validation_ready_count"))
|
||||
passed = _int(summary.get("reviewer_validation_passed_count"))
|
||||
failed = _int(summary.get("reviewer_validation_failed_count"))
|
||||
quarantined = _int(summary.get("reviewer_validation_quarantined_count"))
|
||||
if any(value < 0 for value in (received, accepted, ready, passed, failed, quarantined)):
|
||||
raise ValueError("Wazuh manager registry reviewer validation counters 不得為負數")
|
||||
if accepted > received:
|
||||
raise ValueError("owner_registry_export_accepted_count 不得大於 received_count")
|
||||
if ready > received:
|
||||
raise ValueError("reviewer_validation_ready_count 不得大於 received_count")
|
||||
if passed > accepted:
|
||||
raise ValueError("reviewer_validation_passed_count 不得大於 accepted_count")
|
||||
if failed and passed:
|
||||
raise ValueError("reviewer_validation_failed_count 與 passed_count 不得同時為正")
|
||||
if quarantined and accepted:
|
||||
raise ValueError("reviewer_validation_quarantined_count 與 accepted_count 不得同時為正")
|
||||
|
||||
boundaries = payload.get("execution_boundaries")
|
||||
if not isinstance(boundaries, dict):
|
||||
raise ValueError("Wazuh manager registry reviewer validation execution_boundaries 缺失")
|
||||
|
||||
Reference in New Issue
Block a user