{
"schema_version": "offsite_escrow_readiness_status_v1",
"generated_at": "2026-06-05T08:40:00+08:00",
"source_refs": [
"docs/evaluations/backup_dr_target_inventory_2026-06-04.json",
"docs/evaluations/backup_dr_readiness_matrix_2026-06-04.json",
"docs/evaluations/backup_restore_drill_approval_package_template_2026-06-05.json",
"docs/runbooks/OFFSITE-BACKUP-ESCROW-RUNBOOK.md",
"docs/HARD_RULES.md"
],
"program_status": {
"overall_completion_percent": 100,
"current_priority": "P1",
"current_task_id": "P1-106",
"next_task_id": "P1-305",
"read_only_mode": true
},
"rollups": {
"total_cards": 3,
"by_readiness": {
"verified": 1,
"action_required": 1,
"blocked": 1
},
"by_kind": {
"offsite_mirror": 1,
"credential_escrow": 1,
"k8s_resource_offsite": 1
},
"verified_offsite_card_ids": [
"offsite_rclone_full_sync"
],
"blocked_escrow_card_ids": [
"credential_escrow_markers"
],
"action_required_card_ids": [
"velero_k8s_resources"
],
"execution_blocked_card_ids": [
"offsite_rclone_full_sync",
"credential_escrow_markers",
"velero_k8s_resources"
]
},
"readiness_cards": [
{
"card_id": "offsite_rclone_full_sync",
"target_id": "offsite_rclone_full_sync",
"display_name": "Google Drive / rclone offsite mirror",
"kind": "offsite_mirror",
"readiness": "verified",
"offsite_status": "verified",
"escrow_status": "not_applicable",
"restore_drill_status": "not_applicable",
"credential_exposure_status": "not_applicable",
"automation_gate_status": "read_only_allowed",
"operator_summary": "latest-only remote mirror 證據已可見且已驗證,但 Agent 觸發異地同步仍維持阻擋。",
"next_action": "持續顯示 verify freshness;任何新的 sync 執行都需要獨立人工批准。",
"evidence_refs": [
"scripts/backup/sync-offsite-backups.sh",
"scripts/backup/verify-offsite-full-sync.sh",
"docs/runbooks/BACKUP-STATUS.md"
],
"blocked_operations": [
"offsite_sync_execution",
"schedule_change",
"workflow_write",
"telegram_test_notification"
]
},
{
"card_id": "credential_escrow_markers",
"target_id": "credential_escrow_markers",
"display_name": "Credential escrow evidence markers",
"kind": "credential_escrow",
"readiness": "blocked",
"offsite_status": "not_applicable",
"escrow_status": "missing_markers",
"restore_drill_status": "blocked",
"credential_exposure_status": "redacted_only",
"automation_gate_status": "credential_approval_required",
"operator_summary": "5 個 escrow evidence marker 仍缺失;UI 必須維持 blocked,且不得暴露任何 credential value。",
"next_action": "顯示 blocked 狀態;任何 marker 更新都必須走 P1-105 credential escrow review package 與 HITL。",
"evidence_refs": [
"scripts/backup/mark-credential-escrow-verified.sh",
"scripts/backup/offsite-escrow-evidence-report.sh",
"docs/runbooks/BACKUP-STATUS.md",
"docs/evaluations/backup_restore_drill_approval_package_template_2026-06-05.json"
],
"blocked_operations": [
"credential_marker_write",
"credential_read",
"secret_plaintext_export",
"restore_execution",
"telegram_test_notification"
]
},
{
"card_id": "velero_k8s_resources",
"target_id": "velero_k8s_resources",
"display_name": "Velero K8s resource snapshots",
"kind": "k8s_resource_offsite",
"readiness": "action_required",
"offsite_status": "needs_metric_binding",
"escrow_status": "not_applicable",
"restore_drill_status": "approval_required",
"credential_exposure_status": "redacted_only",
"automation_gate_status": "restore_approval_required",
"operator_summary": "Velero / MinIO freshness 與 independent offsite evidence 仍需 metric binding,才能進入 restore drill 升級判定。",
"next_action": "顯示 action-required 狀態;restore drill 仍由 OpenClaw 仲裁與 HITL 批准阻擋。",
"evidence_refs": [
"docs/runbooks/BACKUP-STATUS.md",
"k8s/awoooi-prod/16-cronjob-backup-restore-test.yaml",
"docs/evaluations/backup_restore_drill_approval_package_template_2026-06-05.json"
],
"blocked_operations": [
"velero_restore",
"kubectl_apply",
"secret_restore",
"offsite_sync_execution",
"production_routing_change"
]
}
],
"operator_contract": {
"display_mode": "read_only_status",
"success_notification_policy": "已驗證的異地證據可進每日摘要;成功狀態不得觸發即時 Telegram / AwoooP 洗版。",
"failure_notification_policy": "escrow marker blocked、metric binding gap、verify failure 或 approval-required restore attempt 必須維持 action-required。",
"credential_display_policy": "只能顯示 redacted marker metadata 與 evidence refs;禁止顯示 token、password、private key、cookie、authorization header、runner token、webhook secret、rclone credential 與 secret payload value。",
"must_not_interpret_as": [
"復原批准",
"異地同步批准",
"credential marker 寫入批准",
"secret 讀取批准",
"完整 DR 綠燈",
"生產路由批准"
]
},
"operation_boundaries": {
"read_only_status_allowed": true,
"backup_execution_allowed": false,
"restore_execution_allowed": false,
"offsite_sync_execution_allowed": false,
"credential_marker_write_allowed": false,
"credential_read_allowed": false,
"secret_plaintext_allowed": false,
"schedule_change_allowed": false,
"workflow_write_allowed": false,
"telegram_test_notification_allowed": false,
"destructive_prune_allowed": false,
"production_routing_allowed": false
},
"approval_boundaries": {
"sdk_installation_allowed": false,
"paid_api_call_allowed": false,
"shadow_or_canary_allowed": false,
"production_routing_allowed": false,
"destructive_operation_allowed": false,
"restore_execution_allowed": false,
"offsite_sync_execution_allowed": false,
"credential_marker_write_allowed": false
}
}