OG T
cc42aa0bdb
CD Pipeline / build-and-deploy (push) Has been cancelled
feat(adr-076): Task 2.2 + 2.3 — 規則擴充 + kubectl 注入防護
Task 2.2: alert_rules.yaml 新增 3 類規則 (priority 125-127)
- gitea_down: Gitea CI/CD 下線 → NO_ACTION (priority 125, critical)
- ssl_cert_expiring: SSL 憑證到期 → NO_ACTION (priority 126, medium)
- external_site_down: MoWoooWork/Dev/Blackbox probe → NO_ACTION (priority 127, medium)
規則總數: 21 → 24
Task 2.3: alert_rule_engine.py kubectl 注入防護
- _RULE_ENGINE_DESTRUCTIVE_RE: 阻擋 delete pvc/namespace/statefulset/deployment,
drain/cordon, --replicas=0, rm -rf, DROP TABLE, $() 反引號
- validate_kubectl_command(): 公開 API,SSH 指令/空字串直接通過
- match_rule() 整合: 變數替換後驗證,阻擋時清空 + log warning
- test_alert_rule_engine_validation.py: 34 tests (100% 通過)
測試: 776 passed, 26 skipped, 0 failed
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-14 15:10:10 +08:00
..
2026-04-10 11:40:40 +08:00
2026-03-26 16:06:20 +08:00
2026-04-05 14:45:02 +08:00
2026-03-31 16:25:00 +08:00
2026-04-10 11:22:57 +08:00
2026-04-06 11:49:24 +08:00
2026-04-14 14:39:14 +08:00
2026-04-14 15:10:10 +08:00
2026-03-29 15:27:49 +08:00
2026-04-14 14:39:14 +08:00
2026-03-29 15:27:49 +08:00
2026-04-08 18:17:48 +08:00
2026-03-29 15:48:03 +08:00
2026-04-12 22:50:20 +08:00
2026-04-11 22:05:52 +08:00
2026-03-31 12:16:54 +08:00
2026-04-11 21:33:19 +08:00
2026-04-05 15:40:40 +08:00
2026-04-01 11:11:50 +08:00
2026-04-07 11:17:40 +08:00
2026-03-31 16:16:16 +08:00
2026-03-31 12:20:29 +08:00
2026-03-26 16:06:20 +08:00
2026-04-12 13:32:42 +08:00
2026-03-29 20:49:23 +08:00
2026-04-03 14:00:21 +08:00
2026-04-12 22:22:52 +08:00
2026-04-09 08:55:21 +08:00
2026-04-05 00:14:50 +08:00
2026-04-05 00:14:50 +08:00
2026-03-26 16:06:20 +08:00
2026-03-31 14:17:36 +08:00
2026-03-29 16:23:30 +08:00
2026-03-23 23:51:37 +08:00
2026-04-14 14:39:14 +08:00
2026-04-09 09:01:59 +08:00
2026-04-10 01:12:00 +08:00
2026-04-12 21:08:48 +08:00
2026-04-12 21:20:16 +08:00
2026-03-31 16:16:16 +08:00
2026-04-01 13:12:02 +08:00