wooo/awoooi
1
1
Fork 0
Code Issues 2 Pull Requests 1 Actions 3 Packages Projects Releases Wiki Activity
Files
05e87fa91f98395a3eff77b0e41b21d2813e9b29
awoooi/apps/api/migrations/governance_remediation_dispatch_2026-05-03.sql
Your Name e45b055e0e
Some checks failed
Code Review / ai-code-review (push) Successful in 48s
Details
run-migration / migrate (push) Failing after 45s
Details
CD Pipeline / tests (push) Successful in 3m46s
Details
Type Sync Check / check-type-sync (push) Successful in 2m8s
Details
CD Pipeline / build-and-deploy (push) Failing after 31m14s
Details
CD Pipeline / post-deploy-checks (push) Has been skipped
Details
feat(governance): AI 治理事件處理鏈四軌交付(C/D/B/A) 
【十二人專家團隊全景掃描 + 並行四軌實施】

統帥質疑「有讓 12-agent 一起協作嗎」後,依照團隊規則完成全鏈路交付:
onboarder + critic + db-expert + debugger + frontend-designer 並行掃描,
找到 6 大 Gap,再由 fullstack-engineer × 4、refactor-specialist 協作落地。

【Track C — trust_drift 雙寫整併】

兩條獨立寫 event_type=trust_drift 路徑互不呼叫,下游 consumer 拿到雙份資料
無法判定 source-of-truth。整併保留 governance_agent.check_trust_drift(功能
更全:auto-deprecate + Telegram + PG),TrustDriftDetector 降為純統計 lib,
W-6 watchdog 改呼叫 governance_agent。新增 TestSinglePgWritePerDriftScenario
驗證同一 drift 場景只觸發一次 PG 寫入。

  變更:
    - apps/api/src/services/trust_drift_detector.py(lib only,不再寫 PG)
    - apps/api/tests/test_trust_drift_watchdog.py(W-6 改 mock governance_agent)

【Track D — governance_remediation_dispatch 派遣表】

ai_governance_events 是不可變 Event Sourcing,不能塞執行狀態。新建派遣表
作為投影層:1 event → 0..N dispatches,狀態可變、可重試、可審計。

  - PgEnum 5 種 event_type + 7 階段狀態機(pending → dispatched → executing →
    succeeded/failed/cancelled/skipped)
  - 失敗重試 INSERT 新 row(不改舊 row 的 status,保留審計痕跡)
  - Partial unique index ux_grd_one_active_per_event 強制「同事件唯一活躍」
  - 4 個複合 index 支援 worker poll、去重查詢、觀測面板
  - FK 對應 ai_governance_events / playbooks / incidents / approval_records
    全部 SET NULL(avoid cascade lock,但 governance_event 用 RESTRICT)

  變更:
    - apps/api/src/db/models.py(GovernanceRemediationDispatch ORM class)
    - apps/api/migrations/governance_remediation_dispatch_2026-05-03.sql
    - apps/api/src/repositories/governance_remediation_dispatch_repo.py
      (6 個 async 函式 + 3 個自訂例外:DispatchAlreadyActive /
       InvalidStatusTransition / DispatchNotFound)
    - apps/api/src/models/governance_dispatch.py(DecisionContextV1 等 4 schema)
    - apps/api/tests/test_governance_remediation_dispatch.py(29 tests)

【Track B — /governance 頁面】

後端 PR1 三個 endpoint + 前端 PR2-5 完整三 Tab。

PR1 後端:
  - GET /api/v1/ai/governance/events(events_tab,含 event_type/severity/
    狀態/時間範圍篩選 + 分頁)
  - GET /api/v1/ai/governance/queue(queue_tab,含 graceful fallback:
    dispatch 表不存在時回 table_pending=True 不拋 500)
  - GET /api/v1/ai/governance/summary(slo_tab 30d 違反時序圖)
  - severity 映射規則寫死(critic 建議未來移 settings)

PR2-5 前端:
  - /governance 路由 + AppLayout + Compliance Badge 橫幅 + PageTabs
  - SLO Tab:3 KPI 卡片(Syne 28px + StatusOrb + 7d sparkline)+
    30d 違反 stacked BarChart
  - Events Tab:篩選列 + 表格 + inline 展開行(JSON / 修復建議 / 派遣記錄)
  - Queue Tab:HITL 待辦卡片 + 信任度進度條 + 批准/拒絕按鈕(本 PR console.log)
  - Sidebar 加入「AI 治理」入口(ShieldCheck icon)
  - i18n 雙語完整(governance namespace + nav.governance)
  - 7 個新元件:slo-kpi-card / slo-violation-chart / events-table /
    events-filter-bar / event-detail-drawer / queue-item-card / queue-history-tabs

  變更:
    - apps/api/src/api/v1/ai_governance.py(router)
    - apps/api/src/services/governance_query_service.py
    - apps/api/src/models/governance.py(Pydantic V2 schemas)
    - apps/api/tests/test_ai_governance_endpoints.py(21 tests)
    - apps/web/src/app/[locale]/governance/(page + 3 tabs)
    - apps/web/src/components/governance/(7 元件)
    - apps/web/messages/{zh-TW,en}.json(governance namespace)
    - apps/web/src/components/layout/sidebar.tsx(+1 行)
    - apps/api/src/main.py(router include)

【Track A — GovernanceDispatcher 決策融合】

把治理事件接到 remediation 執行器,走北極星方向決策融合(LLM × Playbook trust
× MCP),符合「禁寫死規則」鐵律。

  - 設計鐵律:DecisionFusionAdapter 是新增 wrapper,**不修改任何 Tier 3 檔**
    (decision_manager / learning_service / trust_engine),只 consume 既有 API
  - 三維融合公式:confidence = 0.4×llm + 0.3×playbook_trust + 0.3×mcp_consistency
    (權重加 TODO 標明未來由 AI 自學調整)
  - 三分支決策路徑:
    confidence ≥ 0.85 → auto_dispatch(status=dispatched)
    0.65 ≤ confidence < 0.85 → pending_approval(HITL)
    confidence < 0.65 → skip + log
  - decision_context JSONB 完整記錄三維輸入快照(給未來 fine-tune 用)
  - poll 30s 掃 unresolved 事件,仿 governance loop 模式
  - 重複事件擋去重(呼叫 get_active_for_event)

  變更:
    - apps/api/src/services/governance_dispatcher.py
    - apps/api/src/services/decision_fusion_adapter.py
    - apps/api/tests/test_governance_dispatcher.py(14 tests)
    - apps/api/src/main.py(lifespan task 接 run_governance_dispatcher_loop)

【驗證】

1836 個 unit test 全過(29 skipped 為既有 PG integration env 問題)

【調度教訓 — 已記入 memory】

- vuln-verifier 應在 fullstack-engineer **之前**跑(避免並行讀到已修代碼誤判)
- critic 雙輪審查不可省(第二輪抓到 NaN sentinel + Prom rule 連鎖)
- 北極星「禁寫死規則」搭配 decision-fusion 確實實施

【未動 Tier 3 — 已驗證】

git diff 確認本 commit 完全沒改 decision_manager.py / learning_service.py /
trust_engine.py,只新增 wrapper service consume 既有 API。

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-03 12:42:40 +08:00

117 lines
4.7 KiB
SQL
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
-- governance_remediation_dispatch_2026-05-03.sql
-- Wave 2 D: 治理事件修復派遣表
-- 2026-05-03 ogt + Claude Sonnet 4.6(亞太)
--
-- 用途:
-- 將 5 種治理事件trust_drift / knowledge_degradation / llm_hallucination /
-- execution_blast_radius / governance_slo_data_gap接到修復執行器。
-- 每個事件同一時間最多 1 筆活躍 dispatchpartial unique index
-- 失敗重試採 INSERT 新 row保留完整審計痕跡舊 row 永久保留 failed。
--
-- 依賴(必須先存在):
-- - ai_governance_eventsgovernance_event_id FK
-- - playbooksplaybook_id FK
-- - incidentsincident_id FK
-- - approval_recordsapproval_id FK
--
-- 回滾路徑:
-- DROP TABLE IF EXISTS governance_remediation_dispatch;
-- DROP TYPE IF EXISTS governance_event_type;
-- DROP TYPE IF EXISTS governance_dispatch_status;
-- ---------------------------------------------------------------------------
-- Step 1: 建立 ENUM 類型create_type=False 的 ORM 需要 migration 預先建立)
DO $$
BEGIN
IF NOT EXISTS (
SELECT 1 FROM pg_type WHERE typname = 'governance_event_type'
) THEN
CREATE TYPE governance_event_type AS ENUM (
'trust_drift',
'knowledge_degradation',
'llm_hallucination',
'execution_blast_radius',
'governance_slo_data_gap'
);
END IF;
END
$$;
DO $$
BEGIN
IF NOT EXISTS (
SELECT 1 FROM pg_type WHERE typname = 'governance_dispatch_status'
) THEN
CREATE TYPE governance_dispatch_status AS ENUM (
'pending',
'dispatched',
'executing',
'succeeded',
'failed',
'skipped',
'cancelled'
);
END IF;
END
$$;
-- Step 2: 建立主表
CREATE TABLE IF NOT EXISTS governance_remediation_dispatch (
id VARCHAR(36) NOT NULL PRIMARY KEY,
governance_event_id VARCHAR(36) NOT NULL
REFERENCES ai_governance_events(id) ON DELETE RESTRICT,
event_type governance_event_type NOT NULL,
dispatch_status governance_dispatch_status NOT NULL DEFAULT 'pending',
playbook_id VARCHAR(36)
REFERENCES playbooks(playbook_id) ON DELETE SET NULL,
incident_id VARCHAR(30)
REFERENCES incidents(incident_id) ON DELETE SET NULL,
approval_id VARCHAR(36)
REFERENCES approval_records(id) ON DELETE SET NULL,
decision_context JSONB NOT NULL DEFAULT '{}',
executor_type VARCHAR(80) NOT NULL,
attempt_count INTEGER NOT NULL DEFAULT 0,
max_attempts INTEGER NOT NULL DEFAULT 3,
last_error TEXT,
dispatched_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
started_at TIMESTAMPTZ,
completed_at TIMESTAMPTZ,
created_by VARCHAR(100) DEFAULT 'governance_dispatcher',
CONSTRAINT ck_grd_attempts
CHECK (attempt_count >= 0 AND attempt_count <= max_attempts),
CONSTRAINT ck_grd_max_attempts_positive
CHECK (max_attempts > 0)
);
COMMENT ON TABLE governance_remediation_dispatch IS
'Wave 2 D: 治理事件修復派遣記錄(失敗重試採 INSERT 新 row 審計策略)';
-- Step 3: 一般索引
CREATE INDEX IF NOT EXISTS ix_grd_status_dispatched
ON governance_remediation_dispatch (dispatch_status, dispatched_at);
CREATE INDEX IF NOT EXISTS ix_grd_event_status
ON governance_remediation_dispatch (governance_event_id, dispatch_status);
CREATE INDEX IF NOT EXISTS ix_grd_playbook_id
ON governance_remediation_dispatch (playbook_id);
CREATE INDEX IF NOT EXISTS ix_grd_event_type_status
ON governance_remediation_dispatch (event_type, dispatch_status);
CREATE INDEX IF NOT EXISTS ix_grd_governance_event_id
ON governance_remediation_dispatch (governance_event_id);
-- Step 4: Partial unique index同 event_id 不可同時有 2 筆活躍 dispatch
-- 注意ORM 層 __table_args__ 無法宣告 partial unique此為唯一來源
CREATE UNIQUE INDEX IF NOT EXISTS ux_grd_one_active_per_event
ON governance_remediation_dispatch (governance_event_id)
WHERE dispatch_status IN ('pending', 'dispatched', 'executing');
-- Step 5: 權限授予(對齊 adr094 模式)
GRANT SELECT, INSERT, UPDATE ON governance_remediation_dispatch TO awoooi;
COMMENT ON INDEX ux_grd_one_active_per_event IS
'Partial unique: 同一治理事件同一時間最多 1 筆活躍 dispatchpending/dispatched/executing';
Reference in New Issue View Git Blame Copy Permalink