awoooi/docs/security/HIGH-VALUE-CONFIG-OWNER-PACKET.md
# IwoooS High-Value Config Owner Response Packet
| Item | Content |
|------|------|
| Date | 2026-06-11 |
| Status | `owner_packet_draft_ready` |
| Tool | `scripts/security/high-value-config-owner-packet.py` |
| Input | `docs/security/high-value-config-change-gate.snapshot.json` |
| Snapshot | `docs/security/high-value-config-owner-packet.snapshot.json` |
| runtime gate | `0` |
## 1. Purpose
P0.2 can already classify a change as C0 / C1 / C2 / C3. This document and its tool handle the next step: turning that classification into an owner response packet draft, so that high-value configuration changes to Nginx, DNS / TLS, K8s, secrets, workflows, runners, backups, monitoring, host services, network, AI providers, agent-bounty-protocol and similar areas all carry the same set of supplementary-evidence fields.
This stage is still a read-only draft: it sends no request, receives no owner response, marks nothing as received / accepted, creates no action button, hooks into no blocking CI and executes nothing at runtime.
## 2. Canonical fields
The high-value config packet is aligned with the S4.9 canonical owner response envelope and uses the following fields:
1. `owner_role_or_team`
2. `decision`
3. `decision_reason`
4. `affected_scope`
5. `redacted_evidence_refs`
6. `followup_owner`
7. `rollback_owner`
8. `maintenance_window`
9. `validation_plan`
`decision` may only be `confirm`, `defer`, `reject` or `request_more_evidence`. `confirm` means only that the owner confirms the supplementary-evidence direction for that classification; it is not a reload, deploy, sync, scan, payout or host write.
## 3. Commands
Generate the owner packet from the committed gate snapshot:
```bash
python3 scripts/security/high-value-config-owner-packet.py \
--root . \
--gate-report docs/security/high-value-config-change-gate.snapshot.json \
--output docs/security/high-value-config-owner-packet.snapshot.json
```
Generate a packet from a live classification result:
```bash
python3 scripts/security/high-value-config-change-gate.py \
--root . \
--changed-file infra/ansible/roles/nginx/templates/188-all-sites.conf.j2 \
--output /tmp/high-value-config-gate-nginx.json
python3 scripts/security/high-value-config-owner-packet.py \
--root . \
--gate-report /tmp/high-value-config-gate-nginx.json
```
## 4. Packet states
| State | Meaning | Gate impact |
|------|------|-----------|
| `draft_waiting_owner_response` | Draft only; nothing sent or received yet | request / received / accepted all stay at 0 |
| `request_more_evidence` | Owner fields missing or scope unclear | Does not increase accepted |
| `quarantine_sensitive_payload` | Suspected secret, token, cookie, private key or unredacted evidence | Raw payload is not stored |
| `reject_execution_request` | Carries an execution request such as reload, deploy, sync, host write, scan or payout | No action button is created |
| `ready_for_reviewer_validation` | Fields complete, no sensitive payload and no execution request | Enters the reviewer checklist only; still not accepted |
## 5. Hard prohibitions
1. Do not treat a packet draft as a request sent.
2. Do not treat an owner's verbal agreement as a response received.
3. Do not treat `confirm` as authorization for a runtime reload / deploy / scan / payout.
4. Do not accept secret values, partial tokens, private keys, cookies, sessions, authorization headers, runner tokens or webhook secrets.
5. Do not put internal working-window conversations, complaints or Session commands into front-end product copy.
6. Do not use the packet generator to modify `.gitea/workflows`, K8s, Nginx, DNS, TLS, hosts or the agent-bounty runtime.
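The following is an added illustration of how the canonical envelope (section 2), the packet states (section 4) and the intake prohibitions (section 5) fit together. It is not the project's `high-value-config-owner-packet.py` and does not read its JSON schema: the gate-report fields (`change_class`, `impacted_categories`), the secret and execution-request patterns, and the check order (quarantine before execution request before completeness) are all assumptions made for this example.

```python
"""Added example, not the project's high-value-config-owner-packet.py:
build a draft packet from a gate report and classify an owner response
into the section 4 states. Gate-report schema, keyword patterns and
check order are assumptions for illustration only."""
import json
import re

CANONICAL_FIELDS = (
    "owner_role_or_team", "decision", "decision_reason", "affected_scope",
    "redacted_evidence_refs", "followup_owner", "rollback_owner",
    "maintenance_window", "validation_plan",
)
ALLOWED_DECISIONS = {"confirm", "defer", "reject", "request_more_evidence"}

# Raw secret material is never stored in a packet (section 5, item 4).
# These patterns are illustrative, not an exhaustive secret scanner.
SENSITIVE_PATTERNS = (
    re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    re.compile(r"\b(?:authorization|cookie|set-cookie)\s*:", re.I),
    re.compile(r"\b(?:token|secret|password|session(?:id)?)\s*[=:]\s*\S{8,}", re.I),
)
# A packet is an evidence envelope, never an execution request; imperative
# requests for runtime actions are rejected (assumed phrasing heuristic).
EXECUTION_REQUEST = re.compile(
    r"\b(?:please|run|execute|trigger|apply)\s+(?:a\s+|the\s+)?"
    r"(?:reload|deploy|sync|scan|payout|host\s+write)\b", re.I)


def build_packet_draft(gate_report: dict) -> dict:
    """Turn a gate report (assumed fields: change_class, impacted_categories)
    into a draft packet with every canonical field still empty."""
    return {
        "status": "draft_waiting_owner_response",
        "change_class": gate_report["change_class"],
        "impacted_categories": list(gate_report["impacted_categories"]),
        "owner_response": {field: "" for field in CANONICAL_FIELDS},
        # Counters stay 0 at this stage: nothing is sent, received or accepted.
        "request_sent": 0, "response_received": 0, "reviewer_accepted": 0,
    }


def classify_response(response: dict) -> tuple[str, list[str]]:
    """Return (packet state, findings). Sensitive payload and execution
    requests are decided before completeness, so a leaked secret is
    quarantined even when every canonical field is filled in."""
    findings = []
    text_values = [str(v) for v in response.values()]
    if all(v.strip() == "" for v in text_values):
        return "draft_waiting_owner_response", ["no owner response content yet"]
    for value in text_values:
        if any(p.search(value) for p in SENSITIVE_PATTERNS):
            findings.append("sensitive material in response; raw payload not kept")
            return "quarantine_sensitive_payload", findings
    for value in text_values:
        match = EXECUTION_REQUEST.search(value)
        if match:
            findings.append(f"execution request in packet: {match.group(0)!r}")
            return "reject_execution_request", findings
    for field in CANONICAL_FIELDS:
        if not str(response.get(field, "")).strip():
            findings.append(f"missing canonical field: {field}")
    decision = response.get("decision", "")
    if decision and decision not in ALLOWED_DECISIONS:
        findings.append(f"decision {decision!r} not in {sorted(ALLOWED_DECISIONS)}")
    if findings:
        return "request_more_evidence", findings
    return "ready_for_reviewer_validation", findings  # still not accepted


# Constructed sample gate report; the schema is assumed for this example.
SAMPLE_GATE_REPORT = {"change_class": "C2", "impacted_categories": ["nginx", "dns_tls"]}

# Constructed owner responses exercising each state.
COMPLETE_RESPONSE = {
    "owner_role_or_team": "platform-infra",
    "decision": "confirm",
    "decision_reason": "template change limited to vhost headers",
    "affected_scope": "infra/ansible/roles/nginx/templates/188-all-sites.conf.j2",
    "redacted_evidence_refs": "gate-report#nginx-0001",
    "followup_owner": "platform-infra",
    "rollback_owner": "platform-infra",
    "maintenance_window": "2026-06-12T02:00Z/2026-06-12T03:00Z",
    "validation_plan": "nginx -t in CI, then reviewer diff of rendered vhost",
}
LEAKY_RESPONSE = dict(COMPLETE_RESPONSE,
                      redacted_evidence_refs="Authorization: Bearer eyJhbGciOi...")
EXEC_RESPONSE = dict(COMPLETE_RESPONSE,
                     validation_plan="please reload nginx after merge")
PARTIAL_RESPONSE = dict(COMPLETE_RESPONSE, rollback_owner="", decision="approve")

if __name__ == "__main__":
    print(json.dumps(build_packet_draft(SAMPLE_GATE_REPORT), indent=2))
    for name, resp in [("complete", COMPLETE_RESPONSE), ("leaky", LEAKY_RESPONSE),
                       ("exec", EXEC_RESPONSE), ("partial", PARTIAL_RESPONSE)]:
        print(name, classify_response(resp))
```

The point of the ordering is that `quarantine_sensitive_payload` and `reject_execution_request` are terminal for the draft regardless of how complete it looks, and `ready_for_reviewer_validation` only says the envelope is well-formed; none of the four results raises the request / received / accepted counters, which stay at 0 exactly as the completion table records.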
## 6. Completion status
| Work item | Completion | Notes |
|------|--------|------|
| Gate → owner packet draft | `100%` | An impacted-category packet can be generated from the gate JSON |
| Canonical field alignment | `100%` | Aligned with the S4.9 fields such as `owner_role_or_team`; the P0.2 gate also accepts aliases |
| Owner response intake | `0%` | No request sent yet and no owner response received yet |
| Reviewer accepted | `0%` | Not yet in the reviewer checklist |
| runtime gate | `0%` | Not authorized and not enabled |