wooo/awoooi
1
1
Fork 0
Code Issues 2 Pull Requests 1 Actions 5 Packages Projects Releases Wiki Activity

docs(logbook): record wazuh live metadata validator rollout [skip ci]

Browse Source
This commit is contained in:
Your Name
2026-06-28 15:36:25 +08:00
parent aa6b7c2556
commit ecdf135c8c
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
docs/LOGBOOK.md
View File

@@ -9,6 +9,9 @@
- `DATABASE_URL=sqlite:///test.db PYTHONPATH=apps/api python3.11 -m pytest apps/api/tests/test_iwooos_runtime_security_readback.py -q``17 passed`
- `DATABASE_URL=sqlite:///test.db PYTHONPATH=apps/api python3.11 -m pytest apps/api/tests/test_iwooos_wazuh_managed_host_coverage.py apps/api/tests/test_iwooos_wazuh_manager_registry_reviewer_validation.py apps/api/tests/test_iwooos_runtime_security_readback.py apps/api/tests/test_iwooos_security_control_coverage.py -q``36 passed`
- `python3 scripts/security/wazuh-readonly-route-boundary-guard.py --root .``python3 scripts/security/security-mirror-progress-guard.py --root .``py_compile``git diff --check`:通過。
- ProductionGitea main `aa6b7c255` / API image `48fa4ee02272284a2b5ed8d2237e79a0ae672e5e` 已由 ArgoCD 讀回 `Synced / Healthy``awoooi-api` `2/2`
- Production `GET /api/v1/iwooos/wazuh-live-metadata-gate` HTTP 200valid redacted POST 回 `accepted_for_live_metadata_owner_review_only`POST 後 GET summary 完全一致sensitive sample 回 `quarantine_sensitive_payload` 且不回顯 raw IP / Bearerruntime-action sample 回 `reject_runtime_action_request`
- P3 release gate`PASS=38 WARN=3 BLOCKED=0`regular / drain cd-lane 皆 `failclosed``BAD_RUNNER_GUARDRAILS 0``NO_ACTIVE_JOB_CONTAINERS`
**邊界**:沒有讀 secret / raw env / raw Wazuh payload / raw session沒有查 live Wazuh沒有 host / Docker / systemd / Nginx / firewall / K8s runtime action沒有打開 runtime gate。