awoooi/docs/security/SOURCE-CONTROL-PRIMARY-READINESS-GATE.md

GitHub Primary Readiness Gate

| Item | Content |
| --- | --- |
| Date | 2026-05-17 |
| Status | Draft (blocked by default) |
| Schema | docs/schemas/source_control_primary_readiness_gate_v1.schema.json |
| Snapshot | docs/security/source-control-primary-readiness-gate.snapshot.json |
| Rollback ADR | docs/security/source-control-primary-rollback-adr.snapshot.json |
| GitHub target owner response | docs/security/GITHUB-TARGET-OWNER-DECISION-RESPONSE.md |
| Ref truth owner response | docs/security/SOURCE-CONTROL-REF-TRUTH-OWNER-RESPONSE.md |
| Mode | primary_readiness_gate_only |
| runtime execution authorization | false |

0. Core conclusion

source_control_primary_readiness_gate_v1 is the S4.0 draft of the GitHub primary readiness gate.

It answers exactly one question: if the long-term direction is to demote Gitea to a local mirror / fallback and make GitHub the primary, which parity, owner, rollback and manual-approval evidence must AwoooP see before any switch.

It is not a cutover plan, and it is not a refs sync plan. Currently primary_ready_count=0 and github_primary_switch_authorized=false.

1. Current status

| Metric | Count |
| --- | --- |
| Candidate repos | 8 |
| In-scope repos | 7 |
| External scope review | 1 |
| Primary ready | 0 |
| Blocked in-scope | 7 |
| Approval required | 7 |

2. Global gates

| Gate | Current status | Notes |
| --- | --- | --- |
| Gitea authenticated inventory | blocked | The full private/internal repo list is not yet complete; the S4.7 owner coverage attestation and the S4.9 owner response have not been received. |
| refs truth / branch-tag parity | blocked | 3 mapped repos still show refs drift; S4.11 added the refs truth owner response intake package, but received / accepted responses are both 0. |
| workflow / runner / secret name parity | missing evidence | S4.1 established the inventory contract; there is still no actual redacted snapshot of workflow, webhook, runner and secret names. |
| owner / visibility / canonical | pending review | 7 in-scope targets still require a manual decision; S4.10 added the owner response intake package, but received / accepted responses are both 0. |
| rollback ADR | pending review | S4.4 created the rollback ADR draft; the 7 in-scope repos still need owner approval, a dry run and a validation window. |
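The gate table above describes a blocked-by-default evaluation: a repo counts as primary-ready only when every gate carries evidence, and the gate itself never authorizes a switch. The Python sketch below is added here as an illustration and is not code from the awoooi project; it models that fail-closed evaluation together with a branch/tag parity check of the kind the refs-truth gate depends on. The gate ids, the RepoEvidence record, and the sample ref names and commit ids are constructed assumptions, not the project's schema or data.

```python
# Added illustration of the readiness-gate logic described in the gate table.
# Not the project's own code: gate ids, RepoEvidence and sample data are assumptions.
from dataclasses import dataclass, field

# Constructed sample refs for one mapped repo: ref name -> commit id (fake ids).
GITEA_REFS = {
    "refs/heads/main": "a1b2c3",
    "refs/heads/release": "d4e5f6",
    "refs/tags/v1.0.0": "0a0b0c",
}
GITHUB_REFS = {
    "refs/heads/main": "a1b2c3",
    "refs/heads/release": "ffffff",  # diverged from Gitea
    "refs/tags/v1.1.0": "111111",    # exists only on GitHub
}


def refs_drift(gitea_refs, github_refs):
    """Branch/tag parity check: report every ref that is missing on one side or
    points at a different commit. Any entry at all means the parity gate fails."""
    drift = {}
    for name in sorted(set(gitea_refs) | set(github_refs)):
        a, b = gitea_refs.get(name), github_refs.get(name)
        if a != b:
            drift[name] = {"gitea": a, "github": b}
    return drift


# The five global gates from the table, as gate ids (ids are assumptions).
GATES = (
    "gitea_authenticated_inventory",
    "refs_parity",
    "workflow_runner_secret_name_parity",
    "owner_visibility_canonical_decision",
    "rollback_adr_approved",
)


@dataclass
class RepoEvidence:
    name: str
    in_scope: bool = True
    # gate id -> evidence reference (path or id). Missing or empty => not satisfied.
    evidence: dict = field(default_factory=dict)


def evaluate(repos):
    """Blocked-by-default evaluation. A repo is primary-ready only when every gate
    has an evidence ref. The gate reports readiness; it never authorizes a switch."""
    summary = {
        "candidate_repos": len(repos),
        "in_scope_repos": 0,
        "external_scope_review": 0,
        "primary_ready_count": 0,
        "blocked_in_scope": 0,
        "approval_required": 0,
        "github_primary_switch_authorized": False,  # readiness gate only, always False
        "repos": {},
    }
    for repo in repos:
        if not repo.in_scope:
            summary["external_scope_review"] += 1
            summary["repos"][repo.name] = {"state": "external_scope_review", "blockers": []}
            continue
        summary["in_scope_repos"] += 1
        blockers = [g for g in GATES if not repo.evidence.get(g)]
        if blockers:
            state = "blocked"
            summary["blocked_in_scope"] += 1
        else:
            state = "primary_ready"
            summary["primary_ready_count"] += 1
        # Every in-scope repo stays in the approval lane regardless of evidence state.
        summary["approval_required"] += 1
        summary["repos"][repo.name] = {"state": state, "blockers": blockers}
    return summary


def sample_repos():
    """Constructed inventory: 7 in-scope repos without complete evidence, 1 external."""
    drift = refs_drift(GITEA_REFS, GITHUB_REFS)
    repos = [RepoEvidence(f"repo-{i}") for i in range(1, 8)]
    # repo-1 carries partial evidence; refs parity stays unmet while drift exists.
    repos[0].evidence = {
        "gitea_authenticated_inventory": "inventory/repo-1.json",
        "refs_parity": "" if drift else "parity/repo-1.json",
    }
    repos.append(RepoEvidence("external-repo", in_scope=False))
    return repos


if __name__ == "__main__":
    import json
    print(json.dumps(evaluate(sample_repos()), indent=2))
```

With the constructed inventory the summary reproduces the shape of the status table (8 candidates, 7 in scope, 1 external, 0 ready, 7 blocked, 7 approval required); even a repo whose five gates are all evidenced raises primary_ready_count without ever flipping github_primary_switch_authorized, which is the distinction the document draws between a readiness gate and a cutover approval.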

3. What AwoooP may do

  1. Show each repo's readiness state, blockers and evidence refs.
  2. Show primary_ready_count=0.
  3. Keep the 7 in-scope repos in the approval / review lane.
  4. Show which evidence is still missing: Gitea authenticated inventory, S4.7 owner coverage attestation, S4.9 owner response, S4.11 refs truth owner response, workflow/runner/secret name inventory, rollback ADR.
  5. Link to S4.10 github_target_owner_decision_response_v1 and show the 7 owner decision response templates, 8 acceptance checks and 10 rejection rules, with received / accepted responses both at 0.
  6. Link to S4.11 source_control_ref_truth_owner_response_v1 and show the 5 refs owner response templates, 8 acceptance checks and 10 rejection rules, with received / accepted responses both at 0.
  7. Link to source_control_workflow_secret_name_inventory_v1 and show the inventory lane gaps for the 8 candidate repos and the S4.2 local evidence (only secret names and owners are stored, never values).
  8. Link to source_control_primary_rollback_adr_v1 and show the draft rollback owner, trigger and validation window for the 7 in-scope repos.
  9. Write the state to Audit evidence and the Operator Console.

4. What AwoooP may not do

  1. Do not create GitHub repos.
  2. Do not modify repo visibility.
  3. Do not sync refs, delete refs or force push.
  4. Do not switch GitHub to primary.
  5. Do not disable, delete, archive or downgrade Gitea repos.
  6. Do not move or store secret values.
  7. Do not show action buttons of the repo, refs or primary-switch kind.

5. Phase positioning

S4.0 only defines clearly what must be visible before any switch.

S4.4 added the rollback ADR draft, but it is only a data package for owner review, not a switch approval. S4.7 added the Gitea coverage owner attestation, S4.9 the Gitea owner response intake package, S4.10 the GitHub target owner decision response intake package, and S4.11 the refs truth owner response intake package; these are only scope-decision and response-acceptance frameworks, not migration approval, repo creation approval, visibility change approval, refs sync approval, delete approval, force-push approval or primary approval. owner_approved_count=0, dry_run_completed_count=0, active_cutover_count=0.

This lets the long-term move back to GitHub keep progressing while staying low-friction: for now, mirror only, display only, leave an audit trail only, execute nothing.