{ "$schema": "https://json-schema.org/draft/2020-12/schema", "$id": "https://awoooi.wooo.work/schemas/high_value_config_control_coverage_v1.schema.json", "title": "IwoooS 高價值配置控管覆蓋矩陣", "type": "object", "additionalProperties": false, "required": [ "schema_version", "generated_at", "git_commit", "source_category_definition", "status", "summary", "execution_boundaries", "coverage_categories", "lowest_coverage_categories", "next_collection_order", "operator_interpretation" ], "properties": { "schema_version": { "const": "high_value_config_control_coverage_v1" }, "generated_at": { "type": "string" }, "git_commit": { "type": "string" }, "source_category_definition": { "const": "scripts/security/high-value-config-change-gate.py" }, "status": { "const": "coverage_matrix_ready" }, "summary": { "type": "object", "additionalProperties": false, "required": [ "category_count", "c0_category_count", "c1_category_count", "c2_category_count", "c3_category_count", "registered_control_count", "owner_response_required_count", "owner_response_received_count", "owner_response_accepted_count", "runtime_gate_count", "action_button_count", "average_coverage_percent", "needs_live_evidence_count", "lowest_coverage_category_count" ], "properties": { "category_count": { "type": "integer", "minimum": 1 }, "c0_category_count": { "type": "integer", "minimum": 0 }, "c1_category_count": { "type": "integer", "minimum": 0 }, "c2_category_count": { "type": "integer", "minimum": 0 }, "c3_category_count": { "type": "integer", "minimum": 0 }, "registered_control_count": { "type": "integer", "minimum": 1 }, "owner_response_required_count": { "type": "integer", "minimum": 0 }, "owner_response_received_count": { "const": 0 }, "owner_response_accepted_count": { "const": 0 }, "runtime_gate_count": { "const": 0 }, "action_button_count": { "const": 0 }, "average_coverage_percent": { "type": "integer", "minimum": 0, "maximum": 100 }, "needs_live_evidence_count": { "type": "integer", "minimum": 0 }, "lowest_coverage_category_count": { "type": "integer", "minimum": 0 } } }, "execution_boundaries": { "type": "object", "additionalProperties": { "const": false }, "required": [ "runtime_execution_authorized", "host_write_authorized", "nginx_reload_authorized", "dns_tls_change_authorized", "certbot_renew_authorized", "argocd_sync_authorized", "kubectl_action_authorized", "backup_run_authorized", "restore_run_authorized", "restore_drill_authorized", "offsite_sync_authorized", "offsite_remote_delete_authorized", "credential_escrow_marker_write_authorized", "retention_change_authorized", "restic_prune_authorized", "rclone_config_authorized", "velero_restore_authorized", "workflow_modification_authorized", "runner_change_authorized", "refs_sync_authorized", "force_push_authorized", "secret_value_collection_allowed", "active_scan_authorized", "agent_bounty_runtime_authorized", "payout_or_withdrawal_authorized", "action_buttons_allowed" ] }, "coverage_categories": { "type": "array", "minItems": 1, "items": { "$ref": "#/$defs/coverage_category" } }, "lowest_coverage_categories": { "type": "array", "items": { "type": "object", "additionalProperties": false, "required": [ "category_id", "label", "coverage_percent", "current_gap", "next_owner_action" ], "properties": { "category_id": { "type": "string" }, "label": { "type": "string" }, "coverage_percent": { "type": "integer", "minimum": 0, "maximum": 100 }, "current_gap": { "type": "string" }, "next_owner_action": { "type": "string" } } } }, "next_collection_order": { "type": "array", "items": { "type": "string" } }, "operator_interpretation": { "type": "array", "items": { "type": "string" } } }, "$defs": { "coverage_category": { "type": "object", "additionalProperties": false, "required": [ "category_id", "label", "priority", "control_tier", "required_gate", "coverage_status", "coverage_percent", "patterns", "required_validation", "evidence_refs", "current_gap", "next_owner_action", "owner_response_required", "owner_response_received", "owner_response_accepted", "runtime_gate_open", "action_buttons_allowed" ], "properties": { "category_id": { "type": "string" }, "label": { "type": "string" }, "priority": { "enum": ["P0", "P1", "P2", "P3"] }, "control_tier": { "enum": ["C0", "C1", "C2", "C3"] }, "required_gate": { "type": "string" }, "coverage_status": { "type": "string" }, "coverage_percent": { "type": "integer", "minimum": 0, "maximum": 100 }, "patterns": { "type": "array", "items": { "type": "string" } }, "required_validation": { "type": "array", "items": { "type": "string" } }, "evidence_refs": { "type": "array", "items": { "type": "string" } }, "current_gap": { "type": "string" }, "next_owner_action": { "type": "string" }, "owner_response_required": { "const": true }, "owner_response_received": { "const": false }, "owner_response_accepted": { "const": false }, "runtime_gate_open": { "const": false }, "action_buttons_allowed": { "const": false } } } } }