325 lines
8.3 KiB
JSON
325 lines
8.3 KiB
JSON
{
|
|
"$schema": "https://json-schema.org/draft/2020-12/schema",
|
|
"$id": "urn:awoooi:offsite-escrow-readiness-status-v1",
|
|
"title": "AWOOOI 異地 / Escrow 準備度狀態 v1",
|
|
"description": "異地備份、credential escrow 與 K8s resource offsite readiness 的只讀狀態。此 schema 不授權 offsite sync、credential marker 寫入、secret 讀取、restore、workflow 寫入、Telegram 測試通知或任何生產操作。",
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"schema_version",
|
|
"generated_at",
|
|
"source_refs",
|
|
"program_status",
|
|
"rollups",
|
|
"readiness_cards",
|
|
"operator_contract",
|
|
"operation_boundaries",
|
|
"approval_boundaries"
|
|
],
|
|
"properties": {
|
|
"schema_version": {
|
|
"const": "offsite_escrow_readiness_status_v1"
|
|
},
|
|
"generated_at": {
|
|
"type": "string"
|
|
},
|
|
"source_refs": {
|
|
"type": "array",
|
|
"minItems": 1,
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"program_status": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"overall_completion_percent",
|
|
"current_priority",
|
|
"current_task_id",
|
|
"next_task_id",
|
|
"read_only_mode"
|
|
],
|
|
"properties": {
|
|
"overall_completion_percent": {
|
|
"type": "integer",
|
|
"minimum": 0,
|
|
"maximum": 100
|
|
},
|
|
"current_priority": {
|
|
"enum": ["P0", "P1", "P2", "P3"]
|
|
},
|
|
"current_task_id": {
|
|
"const": "P1-106"
|
|
},
|
|
"next_task_id": {
|
|
"type": "string"
|
|
},
|
|
"read_only_mode": {
|
|
"const": true
|
|
}
|
|
}
|
|
},
|
|
"rollups": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"total_cards",
|
|
"by_readiness",
|
|
"by_kind",
|
|
"verified_offsite_card_ids",
|
|
"blocked_escrow_card_ids",
|
|
"action_required_card_ids",
|
|
"execution_blocked_card_ids"
|
|
],
|
|
"properties": {
|
|
"total_cards": {
|
|
"type": "integer",
|
|
"minimum": 0
|
|
},
|
|
"by_readiness": {
|
|
"type": "object",
|
|
"additionalProperties": {
|
|
"type": "integer",
|
|
"minimum": 0
|
|
}
|
|
},
|
|
"by_kind": {
|
|
"type": "object",
|
|
"additionalProperties": {
|
|
"type": "integer",
|
|
"minimum": 0
|
|
}
|
|
},
|
|
"verified_offsite_card_ids": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"blocked_escrow_card_ids": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"action_required_card_ids": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"execution_blocked_card_ids": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"readiness_cards": {
|
|
"type": "array",
|
|
"minItems": 1,
|
|
"items": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"card_id",
|
|
"target_id",
|
|
"display_name",
|
|
"kind",
|
|
"readiness",
|
|
"offsite_status",
|
|
"escrow_status",
|
|
"restore_drill_status",
|
|
"credential_exposure_status",
|
|
"automation_gate_status",
|
|
"operator_summary",
|
|
"next_action",
|
|
"evidence_refs",
|
|
"blocked_operations"
|
|
],
|
|
"properties": {
|
|
"card_id": {
|
|
"type": "string"
|
|
},
|
|
"target_id": {
|
|
"type": "string"
|
|
},
|
|
"display_name": {
|
|
"type": "string"
|
|
},
|
|
"kind": {
|
|
"enum": ["offsite_mirror", "credential_escrow", "k8s_resource_offsite"]
|
|
},
|
|
"readiness": {
|
|
"enum": ["verified", "action_required", "blocked"]
|
|
},
|
|
"offsite_status": {
|
|
"enum": ["verified", "needs_metric_binding", "blocked", "not_applicable"]
|
|
},
|
|
"escrow_status": {
|
|
"enum": ["verified", "missing_markers", "blocked", "not_applicable"]
|
|
},
|
|
"restore_drill_status": {
|
|
"enum": ["approval_required", "blocked", "not_applicable"]
|
|
},
|
|
"credential_exposure_status": {
|
|
"enum": ["redacted_only", "not_applicable"]
|
|
},
|
|
"automation_gate_status": {
|
|
"type": "string"
|
|
},
|
|
"operator_summary": {
|
|
"type": "string"
|
|
},
|
|
"next_action": {
|
|
"type": "string"
|
|
},
|
|
"evidence_refs": {
|
|
"type": "array",
|
|
"minItems": 1,
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
},
|
|
"blocked_operations": {
|
|
"type": "array",
|
|
"minItems": 1,
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"operator_contract": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"display_mode",
|
|
"success_notification_policy",
|
|
"failure_notification_policy",
|
|
"credential_display_policy",
|
|
"must_not_interpret_as"
|
|
],
|
|
"properties": {
|
|
"display_mode": {
|
|
"const": "read_only_status"
|
|
},
|
|
"success_notification_policy": {
|
|
"type": "string"
|
|
},
|
|
"failure_notification_policy": {
|
|
"type": "string"
|
|
},
|
|
"credential_display_policy": {
|
|
"type": "string"
|
|
},
|
|
"must_not_interpret_as": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
},
|
|
"operation_boundaries": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"read_only_status_allowed",
|
|
"backup_execution_allowed",
|
|
"restore_execution_allowed",
|
|
"offsite_sync_execution_allowed",
|
|
"credential_marker_write_allowed",
|
|
"credential_read_allowed",
|
|
"secret_plaintext_allowed",
|
|
"schedule_change_allowed",
|
|
"workflow_write_allowed",
|
|
"telegram_test_notification_allowed",
|
|
"destructive_prune_allowed",
|
|
"production_routing_allowed"
|
|
],
|
|
"properties": {
|
|
"read_only_status_allowed": {
|
|
"const": true
|
|
},
|
|
"backup_execution_allowed": {
|
|
"const": false
|
|
},
|
|
"restore_execution_allowed": {
|
|
"const": false
|
|
},
|
|
"offsite_sync_execution_allowed": {
|
|
"const": false
|
|
},
|
|
"credential_marker_write_allowed": {
|
|
"const": false
|
|
},
|
|
"credential_read_allowed": {
|
|
"const": false
|
|
},
|
|
"secret_plaintext_allowed": {
|
|
"const": false
|
|
},
|
|
"schedule_change_allowed": {
|
|
"const": false
|
|
},
|
|
"workflow_write_allowed": {
|
|
"const": false
|
|
},
|
|
"telegram_test_notification_allowed": {
|
|
"const": false
|
|
},
|
|
"destructive_prune_allowed": {
|
|
"const": false
|
|
},
|
|
"production_routing_allowed": {
|
|
"const": false
|
|
}
|
|
}
|
|
},
|
|
"approval_boundaries": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": [
|
|
"sdk_installation_allowed",
|
|
"paid_api_call_allowed",
|
|
"shadow_or_canary_allowed",
|
|
"production_routing_allowed",
|
|
"destructive_operation_allowed",
|
|
"restore_execution_allowed",
|
|
"offsite_sync_execution_allowed",
|
|
"credential_marker_write_allowed"
|
|
],
|
|
"properties": {
|
|
"sdk_installation_allowed": {
|
|
"const": false
|
|
},
|
|
"paid_api_call_allowed": {
|
|
"const": false
|
|
},
|
|
"shadow_or_canary_allowed": {
|
|
"const": false
|
|
},
|
|
"production_routing_allowed": {
|
|
"const": false
|
|
},
|
|
"destructive_operation_allowed": {
|
|
"const": false
|
|
},
|
|
"restore_execution_allowed": {
|
|
"const": false
|
|
},
|
|
"offsite_sync_execution_allowed": {
|
|
"const": false
|
|
},
|
|
"credential_marker_write_allowed": {
|
|
"const": false
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|