wooo/awoooi
1
1
Fork 0
Code Issues 2 Pull Requests 1 Actions 2 Packages Projects Releases Wiki Activity
Files
66dbd192c8fde39fa7bf54575cff0f2e7043f030
awoooi/docs/security/github-operator-unblock-governance-closure.snapshot.json

224 lines
8.2 KiB
JSON
Raw Blame History

{
"schema_version": "github_operator_unblock_governance_closure_v1",
"generated_at": "2026-06-28T18:51:11+08:00",
"status": "operator_unblock_governance_writeback_ready_no_github_write",
"summary": {
"governance_writeback_ready": true,
"mcp_evidence_packet_count": 1,
"rag_evidence_ref_count": 5,
"km_writeback_item_count": 1,
"km_writeback_ready_count": 1,
"playbook_writeback_item_count": 1,
"playbook_writeback_ready_count": 1,
"timeline_log_item_count": 1,
"timeline_log_ready_count": 1,
"logbook_entry_count": 1,
"github_account_status": "suspended",
"github_account_suspended": true,
"github_write_channel_ready": false,
"source_preflight_ready_count": 5,
"controlled_apply_ready_count": 0,
"blocked_preflight_target_count": 5,
"secret_value_collection_allowed_count": 0,
"github_write_performed": false,
"gh_cli_called": false,
"github_api_called": false,
"github_repo_creation_performed": false,
"github_refs_sync_performed": false,
"github_visibility_change_performed": false,
"secret_values_collected": false,
"raw_session_or_sqlite_read": false,
"runtime_write_performed": false,
"host_or_k8s_write_performed": false
},
"source_refs": {
"controlled_execution_preflight": "docs/security/github-target-controlled-execution-preflight.snapshot.json",
"missing_source_readiness": "docs/security/github-target-missing-source-readiness.snapshot.json",
"private_backup_gate_service": "apps/api/src/services/github_target_private_backup_evidence_gate.py",
"delivery_workbench_service": "apps/api/src/services/delivery_closure_workbench.py",
"logbook": "docs/LOGBOOK.md"
},
"mcp_evidence_packets": [
{
"packet_id": "github_operator_unblock_external_channel_blocker_mcp_packet_20260628",
"source_id": "github_target_controlled_execution_preflight",
"status": "ready_for_internal_tool_context",
"decision": "external_channel_blocker_not_repo_cd_or_local_governance_blocker",
"evidence_refs": [
"docs/security/github-target-controlled-execution-preflight.snapshot.json",
"docs/security/github-target-missing-source-readiness.snapshot.json",
"apps/api/src/services/github_target_private_backup_evidence_gate.py",
"apps/api/src/services/delivery_closure_workbench.py"
],
"safe_fields": {
"github_account_status": "suspended",
"github_write_channel_ready": false,
"source_preflight_ready_count": 5,
"controlled_apply_ready_count": 0,
"blocked_preflight_target_count": 5
},
"redaction_boundary": "metadata_and_committed_refs_only_no_tokens_no_private_clone_urls_no_raw_sessions"
}
],
"rag_evidence_refs": [
{
"ref_id": "github-operator-unblock-controlled-preflight",
"path": "docs/security/github-target-controlled-execution-preflight.snapshot.json",
"topic": "github_operator_unblock",
"keywords": [
"github_account_suspended",
"write_channel_blocked",
"source_preflight_ready",
"controlled_apply_ready_zero"
]
},
{
"ref_id": "github-missing-source-readiness",
"path": "docs/security/github-target-missing-source-readiness.snapshot.json",
"topic": "source_of_truth_selection",
"keywords": [
"missing_targets",
"gitea_source_candidate",
"internal_remote_source_candidate",
"no_repo_write"
]
},
{
"ref_id": "github-private-backup-gate-service",
"path": "apps/api/src/services/github_target_private_backup_evidence_gate.py",
"topic": "api_projection",
"keywords": [
"controlled_execution_preflight",
"operator_unblock",
"internal_governance_writeback"
]
},
{
"ref_id": "delivery-workbench-github-lane",
"path": "apps/api/src/services/delivery_closure_workbench.py",
"topic": "delivery_workbench_projection",
"keywords": [
"github_lane",
"operator_unblock",
"km_playbook_writeback"
]
},
{
"ref_id": "github-operator-unblock-logbook-entry",
"path": "docs/LOGBOOK.md",
"topic": "operator_unblock_timeline",
"keywords": [
"github_freeze",
"mcp",
"rag",
"km",
"playbook",
"log"
]
}
],
"km_writeback_items": [
{
"item_id": "km-github-operator-unblock-external-channel-blocker",
"title": "GitHub account suspension is an external write-channel blocker",
"status": "ready_for_km_trust_writeback",
"ready_for_writeback": true,
"category": "source_control_governance",
"safe_summary": "Five missing GitHub backup targets have source preflight evidence, but controlled apply remains blocked because the GitHub account/write channel is suspended. Treat this as an external channel blocker, not as a repo/CD/local-governance blocker.",
"trust_signal": "negative_channel_availability_evidence",
"writeback_allowed": true,
"runtime_write_performed": false
}
],
"playbook_writeback_items": [
{
"playbook_id": "playbook-github-operator-unblock-external-channel-blocker",
"trigger": "github_account_suspended_external_action_required",
"status": "ready_for_playbook_draft",
"ready_for_writeback": true,
"controlled_actions": [
"record_external_channel_blocker_in_delivery_workbench",
"keep_source_preflight_and_rollback_plan_attached",
"rerun_local_and_gitea_focused_tests_after_source_changes"
],
"blocked_actions": [
"github_app_connector_mcp",
"gh_cli",
"github_api",
"github_actions",
"repo_creation",
"refs_sync",
"visibility_change",
"force_push",
"delete_refs",
"secret_or_session_collection"
],
"rollback_plan_ref": "docs/security/github-target-controlled-execution-preflight.snapshot.json#rollback_plan",
"post_apply_verifier_refs": [
"apps/api/tests/test_github_target_private_backup_evidence_gate.py",
"apps/api/tests/test_github_target_private_backup_evidence_gate_api.py",
"apps/api/tests/test_delivery_closure_workbench_api.py"
]
}
],
"timeline_log_items": [
{
"event_id": "timeline-github-operator-unblock-governance-closure-20260628",
"event_type": "source_control_governance",
"status": "ready_for_log_projection",
"ready_for_writeback": true,
"message": "GitHub operator unblock is captured as an internal governance evidence packet while GitHub executable channels remain disabled.",
"evidence_refs": [
"docs/security/github-operator-unblock-governance-closure.snapshot.json",
"docs/security/github-target-controlled-execution-preflight.snapshot.json",
"docs/LOGBOOK.md"
]
}
],
"logbook_entries": [
{
"entry_id": "logbook-github-operator-unblock-governance-closure-20260628",
"path": "docs/LOGBOOK.md",
"status": "ready_and_written",
"entry_written": true
}
],
"operation_boundaries": {
"local_source_snapshot_allowed": true,
"github_app_connector_mcp_allowed": false,
"gh_cli_allowed": false,
"github_api_allowed": false,
"github_actions_allowed": false,
"github_repo_creation_allowed": false,
"github_refs_sync_allowed": false,
"github_visibility_change_allowed": false,
"github_primary_switch_allowed": false,
"force_push_allowed": false,
"delete_refs_allowed": false,
"secret_value_collection_allowed": false,
"private_clone_url_collection_allowed": false,
"raw_session_read_allowed": false,
"sqlite_read_allowed": false,
"runtime_write_allowed": false,
"host_or_k8s_write_allowed": false
},
"still_forbidden": [
"github_app_connector_mcp",
"gh_cli",
"github_api",
"github_actions",
"repo_creation",
"refs_sync",
"visibility_change",
"force_push",
"delete_refs",
"public_visibility",
"github_primary_switch",
"token_or_secret_value_collection",
"private_clone_url_collection",
"raw_session_or_sqlite_read",
"runtime_or_host_write"
],
"next_action": "Keep GitHub as an external operator-unblock item and continue Gitea/local governance work only."
}
Reference in New Issue View Git Blame Copy Permalink