feat(web): add IwoooS host evidence readiness

scripts/security/security-mirror-progress-guard.py

@@ -167,6 +167,7 @@ def validate(root: Path) -> None:
         "s2_13_iwooos_owner_evidence_readiness_board",
         "s2_14_iwooos_host_coverage_view",
         "s2_15_iwooos_host_action_gate_matrix",
+        "s2_16_iwooos_host_evidence_readiness_board",
     ]
     assert_equal(
         "progress_delta_ledger.delta_ids",
@@ -348,6 +349,15 @@ def validate(root: Path) -> None:
         "kali_host_update_gate",
         "runtime_blocking_control_gate",
     ]
+    expected_iwooos_host_evidence_readiness_item_ids = [
+        "host_scope_boundary_evidence",
+        "host_owner_decision_record_evidence",
+        "host_credential_handling_evidence",
+        "host_maintenance_window_evidence",
+        "host_rollback_plan_evidence",
+        "host_validation_metrics_evidence",
+        "host_redacted_ingestion_evidence",
+    ]
     assert_equal(
         "iwooos_projection.summary.frontend_surface_coverage_group_count",
         iwooos_projection["summary"]["frontend_surface_coverage_group_count"],
@@ -378,6 +388,11 @@ def validate(root: Path) -> None:
         iwooos_projection["summary"]["host_action_gate_item_count"],
         len(expected_iwooos_host_action_gate_item_ids),
     )
+    assert_equal(
+        "iwooos_projection.summary.host_evidence_readiness_item_count",
+        iwooos_projection["summary"]["host_evidence_readiness_item_count"],
+        len(expected_iwooos_host_evidence_readiness_item_ids),
+    )
     iwooos_progress = iwooos_projection["progress"]
     assert_equal("iwooos_projection.progress.overall_percent", iwooos_progress["overall_percent"], progress["overall_percent"])
     assert_equal(
@@ -662,6 +677,61 @@ def validate(root: Path) -> None:
             f"iwooos_projection.host_action_gate_items.{item['action_id']}.not_authorization",
             item["not_authorization"],
         )
+    iwooos_host_evidence_readiness = iwooos_projection["host_evidence_readiness_items"]
+    assert_equal(
+        "iwooos_projection.host_evidence_readiness_items.ids",
+        [item["item_id"] for item in iwooos_host_evidence_readiness],
+        expected_iwooos_host_evidence_readiness_item_ids,
+    )
+    assert_equal(
+        "iwooos_projection.host_evidence_readiness_items.display_order",
+        [item["display_order"] for item in iwooos_host_evidence_readiness],
+        list(range(1, len(expected_iwooos_host_evidence_readiness_item_ids) + 1)),
+    )
+    for item in iwooos_host_evidence_readiness:
+        assert_equal(
+            f"iwooos_projection.host_evidence_readiness_items.{item['item_id']}.display_mode",
+            item["display_mode"],
+            "evidence_readiness_only",
+        )
+        assert_equal(
+            f"iwooos_projection.host_evidence_readiness_items.{item['item_id']}.received_count",
+            item["received_count"],
+            0,
+        )
+        assert_equal(
+            f"iwooos_projection.host_evidence_readiness_items.{item['item_id']}.accepted_count",
+            item["accepted_count"],
+            0,
+        )
+        assert_false(
+            f"iwooos_projection.host_evidence_readiness_items.{item['item_id']}.active_scan_authorized",
+            item["active_scan_authorized"],
+        )
+        assert_false(
+            f"iwooos_projection.host_evidence_readiness_items.{item['item_id']}.credentialed_scan_authorized",
+            item["credentialed_scan_authorized"],
+        )
+        assert_false(
+            f"iwooos_projection.host_evidence_readiness_items.{item['item_id']}.ssh_change_authorized",
+            item["ssh_change_authorized"],
+        )
+        assert_false(
+            f"iwooos_projection.host_evidence_readiness_items.{item['item_id']}.host_update_authorized",
+            item["host_update_authorized"],
+        )
+        assert_false(
+            f"iwooos_projection.host_evidence_readiness_items.{item['item_id']}.runtime_execution_authorized",
+            item["runtime_execution_authorized"],
+        )
+        assert_false(
+            f"iwooos_projection.host_evidence_readiness_items.{item['item_id']}.action_buttons_allowed",
+            item["action_buttons_allowed"],
+        )
+        assert_true(
+            f"iwooos_projection.host_evidence_readiness_items.{item['item_id']}.not_authorization",
+            item["not_authorization"],
+        )
     assert_equal(
         "iwooos_projection.non_blocking_lane_ids",
         iwooos_projection["non_blocking_lane_ids"],
@@ -686,6 +756,7 @@ def validate(root: Path) -> None:
         "display_owner_evidence_readiness_board",
         "display_host_coverage_view",
         "display_host_action_gate_matrix",
+        "display_host_evidence_readiness_board",
         "display_evidence_refs",
         "display_forbidden_actions",
     ]:
@@ -706,6 +777,9 @@ def validate(root: Path) -> None:
         "auto_update_host",
         "run_host_package_upgrade",
         "credentialed_scan_host",
+        "mark_host_evidence_received",
+        "mark_host_evidence_accepted",
+        "ingest_raw_host_evidence",
         "apply_runtime_blocking_control",
         "switch_github_primary",
         "production_deploy",