wooo/awoooi
1
1
Fork 0
Code Issues 2 Pull Requests 1 Actions 4 Packages Projects Releases Wiki Activity

fix(web): refresh IwoooS Kali live evidence
Some checks failed
CD Pipeline / build-and-deploy (push) Has been cancelled
Details
CD Pipeline / post-deploy-checks (push) Has been cancelled
Details
CD Pipeline / tests (push) Has been cancelled
Details
Code Review / ai-code-review (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Your Name
2026-06-03 11:00:08 +08:00
parent 8c1bdcdf70
commit cc5dc2f62c
10 changed files with 314 additions and 96 deletions
Download Patch File Download Diff File Expand all files Collapse all files

90
scripts/security/security-mirror-progress-guard.py
View File

@@ -515,8 +515,10 @@ def validate(root: Path) -> None:
)
for key in [
"readOnlySnapshot",
"scannerHealth",
"upgradablePackages",
"failedSystemdUnits",
"serviceHardening",
"runtimeGate",
]:
assert_contains(
@@ -527,8 +529,15 @@ def validate(root: Path) -> None:
for text in [
"KaliMaintenanceReadinessBoard",
'data-testid="iwooos-kali-maintenance-readiness-board"',
"2026-06-03 10:23",
"kali_112_read_only_observed_at=2026-06-03T10:23:51+08:00",
"kali_112_scanner_health=healthy",
"kali_112_scanner_service_active=active",
"kali_112_scanner_service_enabled=enabled",
"kali_112_upgradable_package_count=1994",
"kali_112_failed_systemd_unit_count=1",
"kali_112_failed_systemd_unit=networking.service",
"kali_112_systemd_hardening_enabled=0/4",
"kali_112_full_upgrade_authorized=false",
"kali_112_reboot_authorized=false",
"kali_112_package_update_executed=false",
@@ -757,6 +766,7 @@ def validate(root: Path) -> None:
"s2_164_iwooos_s49_owner_response_intake_blocker_focus",
"s2_165_iwooos_s49_owner_response_delivery_cards",
"s2_166_iwooos_progress_integrity_ribbon",
"s2_167_iwooos_kali_112_live_read_only_recheck",
]
assert_equal(
"progress_delta_ledger.delta_ids",
@@ -2332,8 +2342,10 @@ def validate(root: Path) -> None:
]
expected_iwooos_kali_maintenance_readiness_item_ids = [
"kali_112_read_only_snapshot",
"kali_112_scanner_health",
"kali_112_upgradable_package_count",
"kali_112_failed_systemd_unit_count",
"kali_112_service_hardening_gap",
"kali_112_full_upgrade_reboot_gate",
]
expected_iwooos_host_action_gate_item_ids = [
@@ -4018,17 +4030,52 @@ def validate(root: Path) -> None:
)
assert_equal(
"iwooos_projection.kali_maintenance_readiness_items.upgradable_package_count",
iwooos_kali_maintenance_readiness[1]["metric_value"],
iwooos_kali_maintenance_readiness[2]["metric_value"],
1994,
)
assert_equal(
"iwooos_projection.kali_maintenance_readiness_items.failed_systemd_unit_count",
iwooos_kali_maintenance_readiness[2]["metric_value"],
iwooos_kali_maintenance_readiness[3]["metric_value"],
1,
)
assert_equal(
"iwooos_projection.kali_maintenance_readiness_items.scanner_health",
iwooos_kali_maintenance_readiness[1]["metric_value"],
"healthy",
)
assert_equal(
"iwooos_projection.kali_maintenance_readiness_items.scanner_service_state",
iwooos_kali_maintenance_readiness[1]["scanner_service_state"],
"active",
)
assert_equal(
"iwooos_projection.kali_maintenance_readiness_items.scanner_service_enabled",
iwooos_kali_maintenance_readiness[1]["scanner_service_enabled"],
"enabled",
)
assert_equal(
"iwooos_projection.kali_maintenance_readiness_items.failed_unit_name",
iwooos_kali_maintenance_readiness[3]["failed_unit_name"],
"networking.service",
)
assert_equal(
"iwooos_projection.kali_maintenance_readiness_items.hardening_enabled_count",
iwooos_kali_maintenance_readiness[4]["enabled_count"],
0,
)
assert_equal(
"iwooos_projection.kali_maintenance_readiness_items.hardening_expected_count",
iwooos_kali_maintenance_readiness[4]["expected_count"],
4,
)
assert_equal(
"iwooos_projection.kali_maintenance_readiness_items.hardening_missing_controls",
iwooos_kali_maintenance_readiness[4]["missing_controls"],
["NoNewPrivileges", "PrivateTmp", "ProtectSystem", "ProtectHome"],
)
assert_equal(
"iwooos_projection.kali_maintenance_readiness_items.reboot_gate_queue_item",
iwooos_kali_maintenance_readiness[3]["source_queue_item_id"],
iwooos_kali_maintenance_readiness[5]["source_queue_item_id"],
"kali-full-upgrade-reboot-approval-20260513",
)
for item in iwooos_kali_maintenance_readiness:
@@ -6814,7 +6861,7 @@ def validate(root: Path) -> None:
assert_equal(
"kali_status.latest_read_only_observation.observed_at_taipei",
latest_kali_observation["observed_at_taipei"],
"2026-05-31T17:22:20+08:00",
"2026-06-03T10:23:51+08:00",
)
assert_equal(
"kali_status.latest_read_only_observation.collection_mode",
@@ -6831,6 +6878,41 @@ def validate(root: Path) -> None:
latest_kali_observation["failed_systemd_unit_count"],
1,
)
assert_equal(
"kali_status.latest_read_only_observation.scanner_api_health_status",
latest_kali_observation["scanner_api_health_status"],
"healthy",
)
assert_equal(
"kali_status.latest_read_only_observation.scanner_service_state",
latest_kali_observation["scanner_service_state"],
"active",
)
assert_equal(
"kali_status.latest_read_only_observation.scanner_service_enabled",
latest_kali_observation["scanner_service_enabled"],
"enabled",
)
assert_equal(
"kali_status.latest_read_only_observation.failed_systemd_unit_names",
latest_kali_observation["failed_systemd_unit_names"],
["networking.service"],
)
assert_equal(
"kali_status.latest_read_only_observation.scanner_systemd_hardening_enabled_count",
latest_kali_observation["scanner_systemd_hardening_enabled_count"],
0,
)
assert_equal(
"kali_status.latest_read_only_observation.scanner_systemd_hardening_expected_count",
latest_kali_observation["scanner_systemd_hardening_expected_count"],
4,
)
assert_equal(
"kali_status.latest_read_only_observation.scanner_systemd_hardening_missing",
latest_kali_observation["scanner_systemd_hardening_missing"],
["NoNewPrivileges", "PrivateTmp", "ProtectSystem", "ProtectHome"],
)
for forbidden_runtime_flag in [
"runtime_actions_executed",
"active_scan_executed",