de8bbd8ab9
Some checks failed
CD Pipeline / build-and-deploy (push) Has been cancelled
插入點: _handle_callback_query Step 1.9 (nonce 驗證後, Step 2 approve/reject 前) 邏輯: 1. 從 spec registry 查 action 是否為註冊的寫類動作 2. 若 action in (approve/reject/silence/tune/log_manual_fix) → skip 走既有流程 3. 若 spec.requires_multi_sig=True 且 current_signatures < 2 → 提示「需 2 人簽核」 4. Audit log (category_write_action_audit_start) 含 user/risk/provider/tool 5. Ack Telegram (emoji + label + 執行中...) 6. 從 incident 取 labels 供模板替換 7. dispatch_action() → MCP 執行 8. Reply 結果到原告警卡片(Redis tg_msg lookup) 9. Audit log (category_write_action_audit_complete) 含 success/error/duration 支援的寫類 action: - k8s_restart/scale_up/scale_down/rollback (kubernetes) - host_restart_service/clear_log (host_resource) - docker_restart/minio_restart (devops_tool/storage) - reload_nginx/renew_cert (network/ssl_cert) - kill_slow_query/clear_conn_pool (database) - pause_1h/trigger_diagnose (business/flywheel) Multi-Sig 支援 (Sprint 5.4 預留): - secops_isolate/block_ip/evict → requires_multi_sig=True - 簽核數未達 2 → 提示 + 不執行 回歸: 129/129 Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>