3 Commits

Author	SHA1	Message	Date
OG T	4b24ecd67f	fix(sprint3): 首席架構師 Review C1/C2/C3/M3/m1 修正 ... C1: _ssh_execute 直接接收 key_path 參數，不反查 LAYER_SSH_CONFIG C2: PlaybookService.create() proxy，Router 不再穿透呼叫 _repository C3: CD Step 1b sed 替換 IMAGE_TAG_PLACEHOLDER，消除失敗中斷風險 M3: repair-bot 110/188 regex 統一 [a-z0-9][a-z0-9-]{0,30}，禁止底線 m1: defaultMode 0400 加八進位說明注釋 m2: _ssh_execute 用 deadline 計算剩餘 timeout Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-05 13:07:59 +08:00
OG T	892c5d53a7	k8s(secret): 加入 repair SSH key 建立說明 template ... 實際私鑰透過 kubectl create secret 手動建立，不上 Git 主機 110 (wooo) / 188 (ollama) 已設定 command= 受限 authorized_keys SSH health check 驗證: REPAIR_BOT_HEALTHY:110 / REPAIR_BOT_HEALTHY:188 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-05 11:17:57 +08:00
OG T	77253a5d87	ops(repair-bot): 主機白名單修復腳本 (Sprint 3) ... 110: sentry/harbor/gitea/gitea-runner/langfuse/alertmanager/signoz 188: openclaw/minio/signoz (docker compose) + redis/nginx/ollama (systemd) 安全設計: SSH command= 限制 + 嚴格白名單 + /var/log/awoooi-repair-bot.log 已部署: 110:/home/wooo/bin/ + 188:/home/ollama/bin/ Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-04-05 11:11:55 +08:00