wooo/awoooi
1
1
Fork 0
Code Issues 2 Pull Requests 1 Actions 3 Packages Projects Releases Wiki Activity
Files
main
awoooi/docs/security/public-gateway-rendered-diff-acceptance.snapshot.json
Your Name a4998f915c
All checks were successful
Code Review / ai-code-review (push) Successful in 14s
Details
CD Pipeline / tests (push) Successful in 1m32s
Details
CD Pipeline / build-and-deploy (push) Successful in 4m37s
Details
CD Pipeline / post-deploy-checks (push) Successful in 1m31s
Details
fix(iwooos): 新增 public gateway diff evidence acceptance
2026-06-15 00:12:53 +08:00

677 lines
25 KiB
JSON
Raw Permalink Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
{
"blocked_actions": [
"read_live_conf_over_ssh",
"store_raw_live_conf",
"store_full_rendered_diff_payload",
"accept_unredacted_live_conf",
"collect_secret_value",
"accept_execution_request_inside_evidence",
"mark_rendered_diff_accepted_without_owner_response",
"mark_rendered_diff_accepted_without_reviewer_record",
"run_nginx_test_from_diff_acceptance",
"run_route_smoke_from_diff_acceptance",
"nginx_reload_from_diff_acceptance",
"dns_probe_from_diff_acceptance",
"tls_probe_from_diff_acceptance",
"certbot_renew_from_diff_acceptance",
"modify_nginx_conf",
"modify_dns_tls_config",
"change_public_route",
"change_admin_route",
"change_websocket_route",
"write_production_host",
"open_runtime_gate",
"add_action_button"
],
"diff_acceptance_candidates": [
{
"acceptance_fields": [
"diff_acceptance_id",
"owner_response_acceptance_id",
"diff_gate_id",
"config_id",
"control_tier",
"host",
"live_path",
"redacted_live_conf_ref",
"rendered_diff_ref",
"rendered_diff_hash_ref",
"diff_scope_summary",
"affected_routes",
"nginx_test_evidence_ref",
"nginx_test_operator",
"nginx_test_result",
"route_smoke_matrix_ref",
"route_smoke_result_ref",
"tls_acme_impact_ref",
"maintenance_window",
"rollback_owner",
"rollback_ref",
"postcheck_evidence_ref",
"reviewer_outcome",
"followup_owner",
"not_approval"
],
"action_buttons_allowed": false,
"affected_routes": [],
"blocked_actions": [
"read_live_conf_over_ssh",
"store_raw_live_conf",
"store_full_rendered_diff_payload",
"accept_unredacted_live_conf",
"collect_secret_value",
"accept_execution_request_inside_evidence",
"mark_rendered_diff_accepted_without_owner_response",
"mark_rendered_diff_accepted_without_reviewer_record",
"run_nginx_test_from_diff_acceptance",
"run_route_smoke_from_diff_acceptance",
"nginx_reload_from_diff_acceptance",
"dns_probe_from_diff_acceptance",
"tls_probe_from_diff_acceptance",
"certbot_renew_from_diff_acceptance",
"modify_nginx_conf",
"modify_dns_tls_config",
"change_public_route",
"change_admin_route",
"change_websocket_route",
"write_production_host",
"open_runtime_gate",
"add_action_button"
],
"certbot_renew_authorized": false,
"config_id": "host188_all_sites",
"control_tier": "C0",
"diff_acceptance_id": "public_gateway_rendered_diff_acceptance:host188_all_sites",
"diff_gate_id": "public_gateway_rendered_diff_gate:host188_all_sites",
"diff_scope_summary": "pending_owner_response_acceptance",
"dns_tls_probe_authorized": false,
"followup_owner": "pending_owner_response_acceptance",
"host": "192.168.0.188",
"live_path": "/etc/nginx/sites-enabled/all-sites.conf",
"maintenance_window": "pending_owner_response_acceptance",
"maintenance_window_accepted": false,
"nginx_reload_authorized": false,
"nginx_reload_executed": false,
"nginx_test_authorized": false,
"nginx_test_evidence_accepted": false,
"nginx_test_evidence_received": false,
"nginx_test_evidence_ref": null,
"nginx_test_executed": false,
"nginx_test_operator": "pending_runtime_owner",
"nginx_test_result": "pending_owner_provided_readback",
"not_approval": true,
"outcome_lanes": [
"waiting_owner_response_acceptance",
"waiting_rendered_diff_evidence",
"quarantine_raw_conf_or_payload",
"reject_secret_or_execution_request",
"request_evidence_supplement",
"ready_for_reviewer_acceptance",
"accepted_for_runtime_gate_planning",
"waiting_separate_runtime_approval"
],
"owner_response_acceptance_id": "public_gateway_owner_response_acceptance:host188_all_sites",
"owner_response_accepted": false,
"postcheck_evidence_accepted": false,
"postcheck_evidence_ref": null,
"production_write_authorized": false,
"redacted_export_accepted": false,
"redacted_live_conf_ref": null,
"rendered_diff_accepted": false,
"rendered_diff_hash_ref": null,
"rendered_diff_received": false,
"rendered_diff_ref": null,
"required_evidence_fields": [
"redacted_live_conf_ref",
"rendered_diff_ref",
"rendered_diff_hash_ref",
"diff_scope_summary",
"affected_routes",
"nginx_test_evidence_ref",
"nginx_test_result",
"route_smoke_matrix_ref",
"route_smoke_result_ref",
"tls_acme_impact_ref",
"maintenance_window",
"rollback_owner",
"rollback_ref",
"postcheck_evidence_ref"
],
"reviewer_checks": [
"owner_response_accepted_first",
"redacted_live_conf_ref_only",
"rendered_diff_ref_not_payload",
"diff_scope_matches_config_id",
"nginx_test_evidence_is_readback_only",
"nginx_test_result_has_timestamp",
"route_smoke_matrix_complete",
"tls_acme_impact_separated",
"secret_value_absent",
"maintenance_window_present",
"rollback_owner_and_ref_present",
"postcheck_plan_present",
"no_execution_request_embedded",
"counts_transition_safe",
"action_button_absent"
],
"reviewer_outcome": "waiting_owner_response_acceptance",
"rollback_owner": "pending_owner_response_acceptance",
"rollback_owner_accepted": false,
"rollback_ref": null,
"route_smoke_authorized": false,
"route_smoke_executed": false,
"route_smoke_matrix_accepted": false,
"route_smoke_matrix_received": false,
"route_smoke_matrix_ref": null,
"route_smoke_result_accepted": false,
"route_smoke_result_received": false,
"route_smoke_result_ref": null,
"runtime_gate": false,
"status": "waiting_owner_response_acceptance",
"tls_acme_impact_accepted": false,
"tls_acme_impact_ref": null
},
{
"acceptance_fields": [
"diff_acceptance_id",
"owner_response_acceptance_id",
"diff_gate_id",
"config_id",
"control_tier",
"host",
"live_path",
"redacted_live_conf_ref",
"rendered_diff_ref",
"rendered_diff_hash_ref",
"diff_scope_summary",
"affected_routes",
"nginx_test_evidence_ref",
"nginx_test_operator",
"nginx_test_result",
"route_smoke_matrix_ref",
"route_smoke_result_ref",
"tls_acme_impact_ref",
"maintenance_window",
"rollback_owner",
"rollback_ref",
"postcheck_evidence_ref",
"reviewer_outcome",
"followup_owner",
"not_approval"
],
"action_buttons_allowed": false,
"affected_routes": [],
"blocked_actions": [
"read_live_conf_over_ssh",
"store_raw_live_conf",
"store_full_rendered_diff_payload",
"accept_unredacted_live_conf",
"collect_secret_value",
"accept_execution_request_inside_evidence",
"mark_rendered_diff_accepted_without_owner_response",
"mark_rendered_diff_accepted_without_reviewer_record",
"run_nginx_test_from_diff_acceptance",
"run_route_smoke_from_diff_acceptance",
"nginx_reload_from_diff_acceptance",
"dns_probe_from_diff_acceptance",
"tls_probe_from_diff_acceptance",
"certbot_renew_from_diff_acceptance",
"modify_nginx_conf",
"modify_dns_tls_config",
"change_public_route",
"change_admin_route",
"change_websocket_route",
"write_production_host",
"open_runtime_gate",
"add_action_button"
],
"certbot_renew_authorized": false,
"config_id": "host188_internal_tools_https",
"control_tier": "C0",
"diff_acceptance_id": "public_gateway_rendered_diff_acceptance:host188_internal_tools_https",
"diff_gate_id": "public_gateway_rendered_diff_gate:host188_internal_tools_https",
"diff_scope_summary": "pending_owner_response_acceptance",
"dns_tls_probe_authorized": false,
"followup_owner": "pending_owner_response_acceptance",
"host": "192.168.0.188",
"live_path": "owner_confirmation_required",
"maintenance_window": "pending_owner_response_acceptance",
"maintenance_window_accepted": false,
"nginx_reload_authorized": false,
"nginx_reload_executed": false,
"nginx_test_authorized": false,
"nginx_test_evidence_accepted": false,
"nginx_test_evidence_received": false,
"nginx_test_evidence_ref": null,
"nginx_test_executed": false,
"nginx_test_operator": "pending_runtime_owner",
"nginx_test_result": "pending_owner_provided_readback",
"not_approval": true,
"outcome_lanes": [
"waiting_owner_response_acceptance",
"waiting_rendered_diff_evidence",
"quarantine_raw_conf_or_payload",
"reject_secret_or_execution_request",
"request_evidence_supplement",
"ready_for_reviewer_acceptance",
"accepted_for_runtime_gate_planning",
"waiting_separate_runtime_approval"
],
"owner_response_acceptance_id": "public_gateway_owner_response_acceptance:host188_internal_tools_https",
"owner_response_accepted": false,
"postcheck_evidence_accepted": false,
"postcheck_evidence_ref": null,
"production_write_authorized": false,
"redacted_export_accepted": false,
"redacted_live_conf_ref": null,
"rendered_diff_accepted": false,
"rendered_diff_hash_ref": null,
"rendered_diff_received": false,
"rendered_diff_ref": null,
"required_evidence_fields": [
"redacted_live_conf_ref",
"rendered_diff_ref",
"rendered_diff_hash_ref",
"diff_scope_summary",
"affected_routes",
"nginx_test_evidence_ref",
"nginx_test_result",
"route_smoke_matrix_ref",
"route_smoke_result_ref",
"tls_acme_impact_ref",
"maintenance_window",
"rollback_owner",
"rollback_ref",
"postcheck_evidence_ref"
],
"reviewer_checks": [
"owner_response_accepted_first",
"redacted_live_conf_ref_only",
"rendered_diff_ref_not_payload",
"diff_scope_matches_config_id",
"nginx_test_evidence_is_readback_only",
"nginx_test_result_has_timestamp",
"route_smoke_matrix_complete",
"tls_acme_impact_separated",
"secret_value_absent",
"maintenance_window_present",
"rollback_owner_and_ref_present",
"postcheck_plan_present",
"no_execution_request_embedded",
"counts_transition_safe",
"action_button_absent"
],
"reviewer_outcome": "waiting_owner_response_acceptance",
"rollback_owner": "pending_owner_response_acceptance",
"rollback_owner_accepted": false,
"rollback_ref": null,
"route_smoke_authorized": false,
"route_smoke_executed": false,
"route_smoke_matrix_accepted": false,
"route_smoke_matrix_received": false,
"route_smoke_matrix_ref": null,
"route_smoke_result_accepted": false,
"route_smoke_result_received": false,
"route_smoke_result_ref": null,
"runtime_gate": false,
"status": "waiting_owner_response_acceptance",
"tls_acme_impact_accepted": false,
"tls_acme_impact_ref": null
},
{
"acceptance_fields": [
"diff_acceptance_id",
"owner_response_acceptance_id",
"diff_gate_id",
"config_id",
"control_tier",
"host",
"live_path",
"redacted_live_conf_ref",
"rendered_diff_ref",
"rendered_diff_hash_ref",
"diff_scope_summary",
"affected_routes",
"nginx_test_evidence_ref",
"nginx_test_operator",
"nginx_test_result",
"route_smoke_matrix_ref",
"route_smoke_result_ref",
"tls_acme_impact_ref",
"maintenance_window",
"rollback_owner",
"rollback_ref",
"postcheck_evidence_ref",
"reviewer_outcome",
"followup_owner",
"not_approval"
],
"action_buttons_allowed": false,
"affected_routes": [],
"blocked_actions": [
"read_live_conf_over_ssh",
"store_raw_live_conf",
"store_full_rendered_diff_payload",
"accept_unredacted_live_conf",
"collect_secret_value",
"accept_execution_request_inside_evidence",
"mark_rendered_diff_accepted_without_owner_response",
"mark_rendered_diff_accepted_without_reviewer_record",
"run_nginx_test_from_diff_acceptance",
"run_route_smoke_from_diff_acceptance",
"nginx_reload_from_diff_acceptance",
"dns_probe_from_diff_acceptance",
"tls_probe_from_diff_acceptance",
"certbot_renew_from_diff_acceptance",
"modify_nginx_conf",
"modify_dns_tls_config",
"change_public_route",
"change_admin_route",
"change_websocket_route",
"write_production_host",
"open_runtime_gate",
"add_action_button"
],
"certbot_renew_authorized": false,
"config_id": "host110_ollama_proxy",
"control_tier": "C1",
"diff_acceptance_id": "public_gateway_rendered_diff_acceptance:host110_ollama_proxy",
"diff_gate_id": "public_gateway_rendered_diff_gate:host110_ollama_proxy",
"diff_scope_summary": "pending_owner_response_acceptance",
"dns_tls_probe_authorized": false,
"followup_owner": "pending_owner_response_acceptance",
"host": "192.168.0.110",
"live_path": "/etc/nginx/sites-enabled/110-ollama-proxy.conf",
"maintenance_window": "pending_owner_response_acceptance",
"maintenance_window_accepted": false,
"nginx_reload_authorized": false,
"nginx_reload_executed": false,
"nginx_test_authorized": false,
"nginx_test_evidence_accepted": false,
"nginx_test_evidence_received": false,
"nginx_test_evidence_ref": null,
"nginx_test_executed": false,
"nginx_test_operator": "pending_runtime_owner",
"nginx_test_result": "pending_owner_provided_readback",
"not_approval": true,
"outcome_lanes": [
"waiting_owner_response_acceptance",
"waiting_rendered_diff_evidence",
"quarantine_raw_conf_or_payload",
"reject_secret_or_execution_request",
"request_evidence_supplement",
"ready_for_reviewer_acceptance",
"accepted_for_runtime_gate_planning",
"waiting_separate_runtime_approval"
],
"owner_response_acceptance_id": "public_gateway_owner_response_acceptance:host110_ollama_proxy",
"owner_response_accepted": false,
"postcheck_evidence_accepted": false,
"postcheck_evidence_ref": null,
"production_write_authorized": false,
"redacted_export_accepted": false,
"redacted_live_conf_ref": null,
"rendered_diff_accepted": false,
"rendered_diff_hash_ref": null,
"rendered_diff_received": false,
"rendered_diff_ref": null,
"required_evidence_fields": [
"redacted_live_conf_ref",
"rendered_diff_ref",
"rendered_diff_hash_ref",
"diff_scope_summary",
"affected_routes",
"nginx_test_evidence_ref",
"nginx_test_result",
"route_smoke_matrix_ref",
"route_smoke_result_ref",
"tls_acme_impact_ref",
"maintenance_window",
"rollback_owner",
"rollback_ref",
"postcheck_evidence_ref"
],
"reviewer_checks": [
"owner_response_accepted_first",
"redacted_live_conf_ref_only",
"rendered_diff_ref_not_payload",
"diff_scope_matches_config_id",
"nginx_test_evidence_is_readback_only",
"nginx_test_result_has_timestamp",
"route_smoke_matrix_complete",
"tls_acme_impact_separated",
"secret_value_absent",
"maintenance_window_present",
"rollback_owner_and_ref_present",
"postcheck_plan_present",
"no_execution_request_embedded",
"counts_transition_safe",
"action_button_absent"
],
"reviewer_outcome": "waiting_owner_response_acceptance",
"rollback_owner": "pending_owner_response_acceptance",
"rollback_owner_accepted": false,
"rollback_ref": null,
"route_smoke_authorized": false,
"route_smoke_executed": false,
"route_smoke_matrix_accepted": false,
"route_smoke_matrix_received": false,
"route_smoke_matrix_ref": null,
"route_smoke_result_accepted": false,
"route_smoke_result_received": false,
"route_smoke_result_ref": null,
"runtime_gate": false,
"status": "waiting_owner_response_acceptance",
"tls_acme_impact_accepted": false,
"tls_acme_impact_ref": null
}
],
"diff_acceptance_fields": [
"diff_acceptance_id",
"owner_response_acceptance_id",
"diff_gate_id",
"config_id",
"control_tier",
"host",
"live_path",
"redacted_live_conf_ref",
"rendered_diff_ref",
"rendered_diff_hash_ref",
"diff_scope_summary",
"affected_routes",
"nginx_test_evidence_ref",
"nginx_test_operator",
"nginx_test_result",
"route_smoke_matrix_ref",
"route_smoke_result_ref",
"tls_acme_impact_ref",
"maintenance_window",
"rollback_owner",
"rollback_ref",
"postcheck_evidence_ref",
"reviewer_outcome",
"followup_owner",
"not_approval"
],
"execution_boundaries": {
"action_buttons_allowed": false,
"certbot_renew_authorized": false,
"dns_tls_probe_authorized": false,
"nginx_reload_authorized": false,
"nginx_reload_executed": false,
"nginx_test_authorized": false,
"nginx_test_executed": false,
"not_authorization": true,
"production_write_authorized": false,
"read_live_conf_over_ssh": false,
"rendered_diff_accepted": false,
"route_smoke_authorized": false,
"route_smoke_executed": false,
"runtime_execution_authorized": false,
"secret_value_collection_allowed": false,
"store_full_rendered_diff_payload": false,
"store_raw_live_conf": false
},
"generated_at": "2026-06-14T23:58:00+08:00",
"git_commit": "22876ee1",
"next_steps": [
"等待 owner response accepted未 accepted 前不得驗收 rendered diff evidence。",
"收到 rendered diff / nginx test / route smoke evidence 後,先做 raw payload、secret、scope 與 route matrix 檢查。",
"evidence accepted 也只能進 runtime gate planning`nginx -t`、reload、route smoke、DNS / TLS probe 與 production write 仍需獨立人工批准。"
],
"outcome_lanes": [
{
"lane_id": "waiting_owner_response_acceptance",
"meaning": "owner response 尚未 acceptedrendered diff evidence 不可驗收。"
},
{
"lane_id": "waiting_rendered_diff_evidence",
"meaning": "等待 owner-provided rendered diff / nginx test / route smoke evidence ref。"
},
{
"lane_id": "quarantine_raw_conf_or_payload",
"meaning": "收到 raw live conf、完整 diff payload 或不可保存內容時只能隔離。"
},
{
"lane_id": "reject_secret_or_execution_request",
"meaning": "出現 secret value 或夾帶執行要求時直接拒收。"
},
{
"lane_id": "request_evidence_supplement",
"meaning": "欄位不足、scope 不清或 route matrix 不完整時要求補件。"
},
{
"lane_id": "ready_for_reviewer_acceptance",
"meaning": "metadata 合格後只進 reviewer acceptance不自動執行。"
},
{
"lane_id": "accepted_for_runtime_gate_planning",
"meaning": "即使 evidence accepted也只可進下一層 runtime gate planning。"
},
{
"lane_id": "waiting_separate_runtime_approval",
"meaning": "nginx -t、reload、route smoke、DNS / TLS probe 仍需獨立人工批准。"
}
],
"required_evidence_fields": [
"redacted_live_conf_ref",
"rendered_diff_ref",
"rendered_diff_hash_ref",
"diff_scope_summary",
"affected_routes",
"nginx_test_evidence_ref",
"nginx_test_result",
"route_smoke_matrix_ref",
"route_smoke_result_ref",
"tls_acme_impact_ref",
"maintenance_window",
"rollback_owner",
"rollback_ref",
"postcheck_evidence_ref"
],
"reviewer_checks": [
{
"check_id": "owner_response_accepted_first",
"instruction": "必須先有 owner response accepted record否則不得驗收 rendered diff evidence。"
},
{
"check_id": "redacted_live_conf_ref_only",
"instruction": "只能接受脫敏 live conf ref、hash 或 artifact pointer不得收 raw conf。"
},
{
"check_id": "rendered_diff_ref_not_payload",
"instruction": "rendered diff 必須是 ref / hash不得把完整 diff payload 寫入 repo 或 LOGBOOK。"
},
{
"check_id": "diff_scope_matches_config_id",
"instruction": "diff scope 必須對回 public gateway config_id 與 affected route 清冊。"
},
{
"check_id": "nginx_test_evidence_is_readback_only",
"instruction": "nginx test evidence 只能是 owner 提供的 readback ref不得由本工具執行 nginx -t。"
},
{
"check_id": "nginx_test_result_has_timestamp",
"instruction": "nginx test result 需有時間、環境、操作者角色與結果摘要,但不得含 secret。"
},
{
"check_id": "route_smoke_matrix_complete",
"instruction": "route smoke matrix 必須列 affected routes、預期 status、TLS / WebSocket / ACME checks。"
},
{
"check_id": "tls_acme_impact_separated",
"instruction": "TLS / ACME 影響必須與 reload 決策分離,不能用 route smoke 取代 cert ownership。"
},
{
"check_id": "secret_value_absent",
"instruction": "不得出現 token、cookie、private key、完整憑證內容或 secret derivative。"
},
{
"check_id": "maintenance_window_present",
"instruction": "任何未來 runtime action 前都必須有維護窗口或明確禁止窗口。"
},
{
"check_id": "rollback_owner_and_ref_present",
"instruction": "rollback owner 與 rollback ref 必須存在,且不可指向 raw secret。"
},
{
"check_id": "postcheck_plan_present",
"instruction": "postcheck evidence ref 需描述 API、Web、WebSocket、ACME 或 affected route 的驗證結果。"
},
{
"check_id": "no_execution_request_embedded",
"instruction": "payload 不得夾帶 reload、route change、DNS / TLS probe 或 certbot renew 要求。"
},
{
"check_id": "counts_transition_safe",
"instruction": "只有 reviewer record 可更新 accepted / rejected不得同時開 runtime gate。"
},
{
"check_id": "action_button_absent",
"instruction": "前台與 AwoooP 只能顯示只讀狀態,不得新增執行按鈕。"
}
],
"schema_version": "public_gateway_rendered_diff_acceptance_v1",
"source_owner_response_acceptance_schema_version": "public_gateway_owner_response_acceptance_v1",
"source_owner_response_acceptance_status": "owner_response_acceptance_ledger_ready_no_runtime_action",
"source_rendered_diff_gate_schema_version": "public_gateway_rendered_diff_gate_draft_v1",
"source_rendered_diff_gate_status": "rendered_diff_gate_draft_ready_no_runtime_action",
"status": "rendered_diff_acceptance_ledger_ready_no_runtime_action",
"summary": {
"action_button_count": 0,
"blocked_action_count": 22,
"c0_diff_acceptance_candidate_count": 2,
"c1_diff_acceptance_candidate_count": 1,
"certbot_renew_authorized_count": 0,
"diff_acceptance_candidate_count": 3,
"diff_acceptance_field_count": 25,
"dns_tls_probe_authorized_count": 0,
"maintenance_window_accepted_count": 0,
"nginx_reload_authorized_count": 0,
"nginx_reload_executed_count": 0,
"nginx_test_authorized_count": 0,
"nginx_test_evidence_accepted_count": 0,
"nginx_test_evidence_received_count": 0,
"nginx_test_executed_count": 0,
"outcome_lane_count": 8,
"owner_response_accepted_count": 0,
"postcheck_evidence_accepted_count": 0,
"redacted_export_accepted_count": 0,
"rendered_diff_accepted_count": 0,
"rendered_diff_received_count": 0,
"required_evidence_field_count": 14,
"reviewer_check_count": 15,
"rollback_owner_accepted_count": 0,
"route_smoke_authorized_count": 0,
"route_smoke_executed_count": 0,
"route_smoke_matrix_accepted_count": 0,
"route_smoke_matrix_received_count": 0,
"route_smoke_result_accepted_count": 0,
"route_smoke_result_received_count": 0,
"runtime_gate_count": 0,
"source_diff_gate_candidate_count": 3,
"source_owner_response_acceptance_candidate_count": 3,
"tls_acme_impact_accepted_count": 0
}
}
Reference in New Issue View Git Blame Copy Permalink