awoooi/docs/security/SOURCE-CONTROL-PRIMARY-READINESS-GATE.md
Your Name 58e760fae2
feat(security): extend S4.10 target owner response
2026-06-11 20:30:41 +08:00


GitHub Primary Readiness Gate

| Item | Content |
| --- | --- |
| Date | 2026-06-11 |
| Status | draft (blocked by default) |
| Schema | docs/schemas/source_control_primary_readiness_gate_v1.schema.json |
| Snapshot | docs/security/source-control-primary-readiness-gate.snapshot.json |
| Rollback ADR | docs/security/source-control-primary-rollback-adr.snapshot.json |
| GitHub target owner response | docs/security/GITHUB-TARGET-OWNER-DECISION-RESPONSE.md |
| Ref truth owner response | docs/security/SOURCE-CONTROL-REF-TRUTH-OWNER-RESPONSE.md |
| Workflow / secret owner response | docs/security/SOURCE-CONTROL-WORKFLOW-SECRET-NAME-OWNER-RESPONSE.md |
| Owner response validation rollup | docs/security/SOURCE-CONTROL-OWNER-RESPONSE-VALIDATION-ROLLUP.md |
| Mode | primary_readiness_gate_only |
| Runtime execution authorized | false |

0. Core conclusion

source_control_primary_readiness_gate_v1 is the S4.0 draft of the GitHub primary readiness gate.

It answers exactly one question: if the long-term direction is to demote Gitea to a local mirror / fallback and make GitHub the primary, which parity, owner, rollback and manual-approval evidence must AwoooP see before any switch.

It is not a cutover plan and not a refs sync plan. Currently primary_ready_count=0 and github_primary_switch_authorized=false.

0.1 2026-06-11 P1 read-only re-assessment conclusion

This round only refreshes evidence: no primary switch, no repo creation, no refs sync, no workflow changes, no collection of secret values.

| Evidence | 2026-06-11 result | Gate reading |
| --- | --- | --- |
| awoooi Gitea / GitHub refs | Gitea heads 170, GitHub heads 2, Gitea tags 2, GitHub tags 0; main SHA mismatch: 64490d32c67d24ed123cbd4e2261c69e17913e38 vs 202071f7a8724d5e8c29de441c3f380575a0ea94 | blocked; the S4.11 current refs truth queue has been regenerated as 194 items, but owner responses received / accepted are still 0 |
| Gitea repo inventory | the user endpoint (public-only) still sees only wooo/awoooi and wooo/ewooo; the org endpoint is still blocked / 404 | blocked; must not be treated as a complete inventory of all Gitea projects |
| GitHub target probe | of the 8 existing candidate probes, 5 are readable and 3 are not_found_or_private; nexu-io/open-design is external scope and its heads grew to 644; VibeWork agent-bounty-protocol was added this round from local evidence only and is waiting on the owner decision | pending_review; readability is not owner approval, and a newly added repo does not mean the target has been approved |
| Workflow / secret name local evidence | 10 candidates, 9 locally visible, 5 local evidence repos, 33 workflow files, 42 unique referenced secret names, secret_value_detected=false | missing_evidence; webhook, runner owner, deploy key, branch protection and repository secret parity are still missing |

Normative adjustment this round: a snapshot must record its refresh date and a reproducible path; a snapshot regenerated by tooling must not overwrite governance annotations and then be treated as the complete state; external scope / high-churn repos may appear only as a visibility summary and must not be added to the primary cutover queue.
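The refs row above is the kind of read-only parity check the gate consumes: compare what each remote advertises, count heads and tags per side, flag a main SHA mismatch, and turn every divergence into a review item without syncing, deleting or force-pushing anything. The script below is an added example, not code from the awoooi project; it parses `git ls-remote` text for each side, and the two listings, the function names and the drift classes (`gitea_only`, `github_only`, `sha_mismatch`) are this example's own, constructed inline so it runs offline.

```python
"""Read-only refs parity check between a Gitea remote and a GitHub remote.

Added example, not the project's code. Input is `git ls-remote` output for
each side; here both listings are constructed inline (fake SHAs).
"""
from dataclasses import dataclass, field
from typing import Dict, List


def parse_ls_remote(text: str) -> Dict[str, str]:
    """Parse `git ls-remote` output into {refname: sha}.

    The symbolic HEAD line and peeled tag lines (`refs/tags/x^{}`) are
    skipped so that each advertised ref is counted exactly once.
    """
    refs: Dict[str, str] = {}
    for line in text.strip().splitlines():
        if not line.strip():
            continue
        sha, name = line.split(None, 1)
        name = name.strip()
        if name == "HEAD" or name.endswith("^{}"):
            continue
        refs[name] = sha
    return refs


@dataclass
class ParityReport:
    gitea_heads: int
    github_heads: int
    gitea_tags: int
    github_tags: int
    main_sha_match: bool
    review_items: List[dict] = field(default_factory=list)

    @property
    def gate(self) -> str:
        # Any divergence keeps the gate blocked; the tool never resolves it.
        return "in_sync" if not self.review_items else "blocked"


def _count(refs: Dict[str, str], prefix: str) -> int:
    return sum(1 for r in refs if r.startswith(prefix))


def compare_refs(gitea: Dict[str, str], github: Dict[str, str],
                 main_ref: str = "refs/heads/main") -> ParityReport:
    """Classify every ref seen on either side; refs with equal SHAs are in sync."""
    items = []
    for name in sorted(set(gitea) | set(github)):
        a, b = gitea.get(name), github.get(name)
        if a == b:
            continue
        cls = "gitea_only" if b is None else "github_only" if a is None else "sha_mismatch"
        items.append({"ref": name, "class": cls, "gitea": a, "github": b})
    return ParityReport(
        gitea_heads=_count(gitea, "refs/heads/"),
        github_heads=_count(github, "refs/heads/"),
        gitea_tags=_count(gitea, "refs/tags/"),
        github_tags=_count(github, "refs/tags/"),
        main_sha_match=gitea.get(main_ref) is not None
        and gitea.get(main_ref) == github.get(main_ref),
        review_items=items,
    )


def _sha(c: str) -> str:
    return c * 40  # constructed placeholder SHA, not a real commit


# Constructed listings: main diverges, one branch is in sync, one tag is Gitea-only.
GITEA_LS_REMOTE = f"""
{_sha('a')}\tHEAD
{_sha('a')}\trefs/heads/main
{_sha('b')}\trefs/heads/feature/s4-10
{_sha('c')}\trefs/tags/v0.1.0
{_sha('d')}\trefs/tags/v0.1.0^{{}}
"""
GITHUB_LS_REMOTE = f"""
{_sha('e')}\trefs/heads/main
{_sha('b')}\trefs/heads/feature/s4-10
"""


def run_example() -> ParityReport:
    return compare_refs(parse_ls_remote(GITEA_LS_REMOTE), parse_ls_remote(GITHUB_LS_REMOTE))


if __name__ == "__main__":
    r = run_example()
    print(r.gate, r.gitea_heads, r.github_heads, r.gitea_tags, r.github_tags, r.main_sha_match)
    for item in r.review_items:
        print(item)
```

Against real remotes the two listings would come from `git ls-remote <url>` run without write access; the report only records refnames and SHAs, which is the evidence the S4.11 queue needs, and it produces no sync action.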

1. Current status

| Metric | Count |
| --- | --- |
| Candidate repos | 10 |
| In-scope repos | 9 |
| External scope review | 1 |
| Primary ready | 0 |
| Blocked in-scope | 9 |
| Approval required | 9 |

2. Global gates

| Gate | Current status | Notes |
| --- | --- | --- |
| Gitea authenticated inventory | blocked | The full private/internal repo list is still incomplete. The S4.9 owner response request packet, template status ledger, audit event templates, redaction examples, display sections and collection checks can be displayed, but the S4.7 owner coverage attestation response has still not been received and audit events emitted is still 0. S4.13 now displays in one place the four-packet owner response validation, evidence routing, display sections, state transition rules, reviewer checklist, reviewer outcome lanes, reviewer audit event templates, reviewer audit display sections, reviewer audit collection checks, reviewer audit redaction examples, reviewer audit retention rules, reviewer audit retention checks, reviewer audit handoff packets, handoff checks, parallel session sync checks, parallel session conflict lanes, parallel session recovery checks and parallel session recovery outcome lanes, but total accepted responses are still 0 and reviewer audit emitted is still 0. |
| refs truth / branch-tag parity | blocked | 3 mapped repos still have refs drift; awoooi has been refreshed to Gitea heads 170 / GitHub heads 2; the S4.11 current classification is 194 refs review items; S4.11 owner responses received / accepted are still 0. |
| workflow / runner / secret name parity | missing evidence | S4.2 local evidence was refreshed on 2026-06-11 to 33 workflow files / 42 unique referenced secret names; webhook, runner owner, deploy key, branch protection and repository secret parity are still missing; S4.12 owner responses received / accepted are still 0. |
| owner / visibility / canonical | pending review | The existing GitHub target probe still shows 5 readable, 3 not_found_or_private; 9 in-scope targets still need a human decision; S4.10 owner responses received / accepted are still 0. |
| rollback ADR | pending review | S4.4 / P1-5 have produced the rollback ADR and owner handoff; the 9 in-scope repos still need owner response, owner approval, a dry run and validation window acceptance. |
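The workflow / runner / secret name parity row, and item 7 in the next section, rest on an inventory that records which secret names workflows reference and never their values. The script below is an added example of how such an inventory can be built, not the project's S4.2 tooling; the three workflow files are constructed inline (the `xoxb-…` string is a placeholder, not a real token), and the literal-value heuristic, which flags a secret-looking key assigned a plain literal instead of a `${{ ... }}` expression, is an assumption of this example, meant to raise `secret_value_detected` for human review rather than to be a complete secret scanner.

```python
"""Workflow secret-name inventory: names and file references only, never values.

Added example, not the awoooi project's tooling. Workflow contents are
constructed inline; the detection heuristic is this example's assumption.
"""
import json
import re
from collections import Counter
from typing import Dict, List

# `${{ secrets.NAME }}` references; only the name is captured.
SECRET_REF = re.compile(r"secrets\.([A-Za-z_][A-Za-z0-9_]*)")

# Heuristic (assumption): a secret-looking key assigned a literal value. Only
# the fact that a match occurred is recorded; the matched value is discarded.
LITERAL_SECRET = re.compile(
    r"^\s*[-\s]*(?P<key>[A-Za-z0-9_]*(token|secret|password|passwd|api_key|apikey)"
    r"[A-Za-z0-9_]*)\s*:\s*(?P<val>[^\s#]+)",
    re.IGNORECASE,
)


def inventory(workflows: Dict[str, str]) -> dict:
    """Summarise secret-name references across workflow files."""
    names: Counter = Counter()
    per_file: Dict[str, List[str]] = {}
    value_detected = False
    for path, text in workflows.items():
        found = sorted(set(SECRET_REF.findall(text)))
        per_file[path] = found
        names.update(found)
        for line in text.splitlines():
            m = LITERAL_SECRET.match(line)
            if m and not m.group("val").startswith("${{"):
                value_detected = True  # record the flag, not the line or value
    return {
        "workflow_files": len(workflows),
        "unique_referenced_secret_names": sorted(names),
        "references_by_file": per_file,
        "secret_value_detected": value_detected,
    }


# Constructed sample workflows (not from any real repository).
SAMPLE_WORKFLOWS = {
    ".gitea/workflows/cd.yml": """
name: CD
on: [push]
jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: ./deploy.sh
        env:
          DEPLOY_TOKEN: ${{ secrets.DEPLOY_TOKEN }}
          REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
""",
    ".github/workflows/review.yml": """
name: Code Review
on: [push]
jobs:
  review:
    runs-on: ubuntu-latest
    steps:
      - run: ./review.sh
        env:
          OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
""",
    ".gitea/workflows/notify.yml": """
name: Notify
on: [push]
jobs:
  notify:
    runs-on: ubuntu-latest
    steps:
      - run: ./notify.sh
        env:
          SLACK_TOKEN: xoxb-constructed-placeholder-not-a-real-token
""",
}


def run_example() -> dict:
    return inventory(SAMPLE_WORKFLOWS)


if __name__ == "__main__":
    print(json.dumps(run_example(), indent=2))
```

The report is safe to store beside the snapshot because it contains only file paths, secret names and a boolean; a `secret_value_detected=true` result is a finding for the owner to clean up, and the value itself is never written anywhere by this tool.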

3. What AwoooP may do

  1. Show each repo's readiness state, blockers and evidence refs.
  2. Show primary_ready_count=0.
  3. Keep the 9 in-scope repos in the approval / review lane.
  4. Show which evidence is still missing: Gitea authenticated inventory, S4.7 owner coverage attestation, S4.9 owner response request packet / template status ledger / audit event templates / redaction examples / display sections / collection checks / owner response, S4.10 GitHub target owner response request packet / template status ledger / audit event templates / redaction examples / collection checks / intake preflight checks / owner response, S4.11 refs truth owner response request packet / template status ledger / audit event templates / redaction examples / collection checks / intake preflight checks / owner response, S4.12 workflow / secret name owner response request packet / template status ledger / audit event templates / redaction examples / collection checks / intake preflight checks / owner response, S4.13 validation rollup / evidence routing rules / display sections / state transition rules / reviewer checklist / reviewer outcome lanes / reviewer audit event templates / reviewer audit display sections / reviewer audit collection checks / reviewer audit redaction examples / reviewer audit retention rules / reviewer audit retention checks / reviewer audit handoff packets / handoff checks / parallel session sync checks / parallel session conflict lanes / parallel session recovery checks / parallel session recovery outcome lanes, workflow/runner/secret name inventory, rollback ADR.
  5. Link to S4.10 github_target_owner_decision_response_v1 and show 1 owner response request packet, 9 owner response template statuses, 3 owner response audit event templates, 5 owner response redaction examples, 6 owner response collection checks, 6 intake preflight checks, 9 owner decision response templates, 8 acceptance checks and 10 rejection rules, with received / accepted responses both 0.
  6. Link to S4.11 source_control_ref_truth_owner_response_v1 and show 1 owner response request packet, 5 template statuses, 3 audit event templates, 5 redaction examples, 6 collection checks, 6 intake preflight checks, 5 refs owner response templates, 8 acceptance checks and 10 rejection rules, with received / accepted responses both 0 and audit events emitted still 0.
  7. Link to source_control_workflow_secret_name_inventory_v1 and the 2026-06-11 S4.2 local evidence, showing 10 candidate repos, 33 workflow files, 42 unique referenced secret names and the still-missing webhook / runner / deploy key / branch protection / repository secret parity; only secret names and owners are stored, never values.
  8. Link to S4.12 source_control_workflow_secret_name_owner_response_v1 and show 1 owner response request packet, 5 template statuses, 3 audit event templates, 5 redaction examples, 6 collection checks, 6 intake preflight checks, 5 owner response templates, 8 acceptance checks and 10 rejection rules, with received / accepted responses both 0 and audit events emitted still 0.
  9. Link to S4.13 source_control_owner_response_validation_rollup_v1 and show the validation status of the four owner response packets: 24 templates, 10 cross-packet checks, 6 evidence routing rules, 8 display sections, 7 state transition rules, 9 reviewer checklist items, 7 reviewer outcome lanes, 4 reviewer audit event templates, 5 reviewer audit display sections, 6 reviewer audit collection checks, 5 reviewer audit redaction examples, 5 reviewer audit retention rules, 6 reviewer audit retention checks, 6 reviewer audit handoff packets, 6 reviewer audit handoff checks, 6 parallel session sync checks, 6 parallel session conflict lanes, 6 parallel session recovery checks and 7 parallel session recovery outcome lanes, with received / accepted / rejected responses all 0 and reviewer audit emitted still 0.
  10. Link to source_control_primary_rollback_adr_v1 and show, for the 9 in-scope repos, the draft rollback owner handoff, trigger, fallback role and pre-cutover / 1h / 24h validation windows; the P1-5 handoff package is ready but received / accepted are still 0.
  11. Write the state to Audit evidence and the Operator Console.

4. What AwoooP must not do

  1. Do not create GitHub repos.
  2. Do not change repo visibility.
  3. Do not sync refs, delete refs or force-push.
  4. Do not switch GitHub to primary.
  5. Do not disable, delete, archive or demote Gitea repos.
  6. Do not move or store secret values.
  7. Do not display any repo, refs or primary-switch action buttons.

5. Phase positioning

S4.0 only defines clearly what must be visible before a switch.

S4.4 added the rollback ADR draft, and P1-5 added, for the 9 in-scope repos, the rollback owner handoff, fallback role confirmation, trigger review, validation window refs, pre-submission checks and handoff envelope, but this is still only a data packet for owner review, not a switch approval. S4.7 added the Gitea coverage owner attestation. S4.9 added the Gitea owner response request packet, template status ledger, audit event templates, redaction examples, display sections, collection checks, intake packet, preflight and outcome lanes. S4.10 added the GitHub target owner decision response request packet, template status ledger, audit event templates, redaction examples, collection checks, intake preflight checks and intake packet. S4.11 added the refs truth owner response request packet, template status ledger, audit event templates, redaction examples, collection checks, intake preflight checks and intake packet. S4.12 added the workflow / secret name owner response request packet, template status ledger, audit event templates, redaction examples, collection checks, intake preflight checks and intake packet. S4.13 added the four-packet owner response validation rollup, evidence routing rules, display sections, state transition rules, reviewer checklist, reviewer outcome lanes, reviewer audit event templates, reviewer audit display sections, reviewer audit collection checks, reviewer audit redaction examples, reviewer audit retention rules, reviewer audit retention checks, reviewer audit handoff packets, handoff checks, parallel session sync checks, parallel session conflict lanes, parallel session recovery checks and parallel session recovery outcome lanes. These are only scope decisions, response intake prompts, metadata audit templates, redaction examples, read-only intake checks, read-only preflight, read-only display order, read-only evidence routing, read-only state semantics, human review prompts, outcome classification, redacted audit format, audit display boundaries, read-only audit checks, safe metadata display examples, metadata retention boundaries, read-only retention validation, read-only cross-session handoff, handoff consumption checks, parallel session sync checks, conflict lanes, pre-recovery checks, recovery outcome classification and an acceptance framework. They are not audit production ingestion, migration approval, repo creation approval, visibility change approval, refs sync approval, delete approval, force-push approval, secret value collection approval, workflow modification approval, rollback execution approval or primary approval. rollback_owner_response_received_count=0, rollback_owner_response_accepted_count=0, owner_approved_count=0, dry_run_completed_count=0, active_cutover_count=0.

This lets the long-term direction of returning to GitHub keep moving forward while keeping friction low: for now it only mirrors, only displays and only leaves an audit trail; it executes nothing.