{ "$schema": "https://json-schema.org/draft/2020-12/schema", "$id": "https://awoooi.wooo.work/schemas/ssh_network_access_inventory_v1.schema.json", "title": "IwoooS SSH / network access repo-only 清冊", "type": "object", "additionalProperties": false, "required": [ "schema_version", "generated_at", "git_commit", "status", "source_scope", "summary", "execution_boundaries", "expected_scopes", "access_surfaces", "write_capable_surfaces", "next_collection_order", "operator_interpretation" ], "properties": { "schema_version": { "const": "ssh_network_access_inventory_v1" }, "generated_at": { "type": "string" }, "git_commit": { "type": "string" }, "status": { "const": "repo_only_inventory_ready" }, "source_scope": { "const": "committed_repo_files_only" }, "summary": { "type": "object", "additionalProperties": false, "required": [ "surface_count", "source_exists_count", "expected_scope_count", "ssh_source_surface_count", "network_policy_surface_count", "nodeport_surface_count", "sudoers_surface_count", "wireguard_surface_count", "write_capable_surface_count", "surfaces_requiring_owner_response_count", "surfaces_requiring_live_evidence_count", "owner_response_received_count", "owner_response_accepted_count", "live_evidence_received_count", "maintenance_window_accepted_count", "rollback_owner_accepted_count", "runtime_gate_count", "action_button_count", "coverage_percent_after_inventory", "coverage_percent_before_inventory" ], "properties": { "surface_count": { "const": 16 }, "source_exists_count": { "const": 16 }, "expected_scope_count": { "const": 16 }, "ssh_source_surface_count": { "const": 11 }, "network_policy_surface_count": { "const": 2 }, "nodeport_surface_count": { "const": 2 }, "sudoers_surface_count": { "const": 1 }, "wireguard_surface_count": { "const": 1 }, "write_capable_surface_count": { "const": 6 }, "surfaces_requiring_owner_response_count": { "const": 16 }, "surfaces_requiring_live_evidence_count": { "const": 16 }, "owner_response_received_count": { "const": 0 }, "owner_response_accepted_count": { "const": 0 }, "live_evidence_received_count": { "const": 0 }, "maintenance_window_accepted_count": { "const": 0 }, "rollback_owner_accepted_count": { "const": 0 }, "runtime_gate_count": { "const": 0 }, "action_button_count": { "const": 0 }, "coverage_percent_after_inventory": { "const": 54 }, "coverage_percent_before_inventory": { "const": 48 } } }, "execution_boundaries": { "type": "object", "additionalProperties": { "const": false }, "required": [ "runtime_execution_authorized", "host_write_authorized", "ssh_read_authorized", "ssh_write_authorized", "sudo_action_authorized", "firewall_change_authorized", "network_policy_apply_authorized", "nodeport_change_authorized", "wireguard_change_authorized", "known_hosts_patch_authorized", "host_keyscan_authorized", "live_host_read_authorized", "secret_value_collection_allowed", "ssh_key_collection_allowed", "active_scan_authorized", "action_buttons_allowed" ] }, "expected_scopes": { "type": "array", "minItems": 16, "maxItems": 16, "items": { "type": "string" } }, "access_surfaces": { "type": "array", "minItems": 16, "maxItems": 16, "items": { "$ref": "#/$defs/access_surface" } }, "write_capable_surfaces": { "type": "array", "minItems": 6, "maxItems": 6, "items": { "type": "object", "additionalProperties": false, "required": [ "surface_id", "label", "config_kind", "expected_scope", "required_gate" ], "properties": { "surface_id": { "type": "string" }, "label": { "type": "string" }, "config_kind": { "type": "string" }, "expected_scope": { "type": "string" }, "required_gate": { "const": "owner_response_plus_maintenance_window_plus_rollback_owner" } } } }, "next_collection_order": { "type": "array", "minItems": 10, "items": { "type": "string" } }, "operator_interpretation": { "type": "array", "items": { "type": "string" } } }, "$defs": { "access_surface": { "type": "object", "additionalProperties": false, "required": [ "surface_id", "label", "source_path", "expected_scope", "config_kind", "control_tier", "current_state", "access_scope", "requires_live_evidence", "requires_owner_response", "next_owner_action", "source_exists", "line_count", "sha256", "owner_response_received", "owner_response_accepted", "live_evidence_received", "maintenance_window_accepted", "rollback_owner_accepted", "runtime_gate_open", "action_buttons_allowed" ], "properties": { "surface_id": { "type": "string" }, "label": { "type": "string" }, "source_path": { "type": "string" }, "expected_scope": { "type": "string" }, "config_kind": { "type": "string" }, "control_tier": { "const": "C1" }, "current_state": { "type": "string" }, "access_scope": { "type": "array", "items": { "type": "string" } }, "requires_live_evidence": { "const": true }, "requires_owner_response": { "const": true }, "next_owner_action": { "type": "string" }, "source_exists": { "const": true }, "line_count": { "type": "integer", "minimum": 1 }, "sha256": { "type": "string", "minLength": 64, "maxLength": 64 }, "owner_response_received": { "const": false }, "owner_response_accepted": { "const": false }, "live_evidence_received": { "const": false }, "maintenance_window_accepted": { "const": false }, "rollback_owner_accepted": { "const": false }, "runtime_gate_open": { "const": false }, "action_buttons_allowed": { "const": false } } } } }