wooo/awoooi
1
1
Fork 0
Code Issues 2 Pull Requests 1 Actions 4 Packages Projects Releases Wiki Activity
Files
e101931efbf8800a69ac9e22f67939bdf3fcea55
awoooi/docs/schemas/dev_host_scope_handoff_v1.schema.json

253 lines
7.9 KiB
JSON
Raw Blame History

{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "urn:awoooi:dev-host-scope-handoff-v1",
"title": "Dev Host 111 / 168 Scope Handoff v1",
"description": "定義 192.168.0.111 / 192.168.0.168 開發主機 scope、credential handling、owner handoff、rollback 與 validation 指標。此契約不授權 SSH、credentialed scan、active scan、host change、fallback route change 或 runtime execution。",
"type": "object",
"required": [
"schema_version",
"status",
"date",
"mode",
"source_evidence_refs",
"summary",
"hosts",
"owner_response_handoff",
"credential_handling",
"validation_metrics",
"acceptance_rules",
"forbidden_actions"
],
"properties": {
"schema_version": {
"const": "dev_host_scope_handoff_v1"
},
"status": {
"type": "string",
"enum": ["draft_waiting_owner_review"]
},
"date": {
"type": "string"
},
"mode": {
"type": "string",
"enum": ["scope_handoff_only"]
},
"source_evidence_refs": {
"type": "array",
"items": {"type": "string"},
"minItems": 1
},
"summary": {
"type": "object",
"required": [
"hosts",
"asset_keys",
"scope_handoff_package_ready",
"scope_handoff_completion_percent",
"host_execution_completion_percent",
"owner_response_received",
"owner_response_accepted",
"host_change_authorized",
"fallback_route_change_authorized",
"credentialed_scan_authorized",
"active_scan_authorized",
"secret_value_collection_authorized",
"runtime_execution_authorized",
"action_buttons_allowed"
],
"properties": {
"hosts": {
"type": "array",
"items": {"type": "string"},
"minItems": 2
},
"asset_keys": {
"type": "array",
"items": {"type": "string"},
"minItems": 2
},
"scope_handoff_package_ready": {"type": "boolean"},
"scope_handoff_completion_percent": {"type": "integer", "minimum": 0, "maximum": 100},
"host_execution_completion_percent": {"type": "integer", "const": 0},
"owner_response_received": {"type": "boolean", "const": false},
"owner_response_accepted": {"type": "boolean", "const": false},
"host_change_authorized": {"type": "boolean", "const": false},
"fallback_route_change_authorized": {"type": "boolean", "const": false},
"credentialed_scan_authorized": {"type": "boolean", "const": false},
"active_scan_authorized": {"type": "boolean", "const": false},
"secret_value_collection_authorized": {"type": "boolean", "const": false},
"runtime_execution_authorized": {"type": "boolean", "const": false},
"action_buttons_allowed": {"type": "boolean", "const": false}
},
"additionalProperties": false
},
"hosts": {
"type": "array",
"items": {
"type": "object",
"required": [
"host",
"asset_key",
"role",
"mode",
"scope_lanes",
"maintenance_window",
"rollback_plan_draft"
],
"properties": {
"host": {"type": "string"},
"asset_key": {"type": "string"},
"role": {"type": "string"},
"mode": {"type": "string", "enum": ["observe_only"]},
"scope_lanes": {
"type": "array",
"items": {
"type": "object",
"required": ["lane_id", "description", "validation_metrics", "current_authorized"],
"properties": {
"lane_id": {"type": "string"},
"description": {"type": "string"},
"validation_metrics": {
"type": "array",
"items": {"type": "string"},
"minItems": 1
},
"current_authorized": {"type": "boolean", "const": false}
},
"additionalProperties": false
},
"minItems": 1
},
"maintenance_window": {
"type": "object",
"required": ["window_status", "allowed_metadata", "forbidden_actions"],
"properties": {
"window_status": {"type": "string", "enum": ["waiting_owner_selection"]},
"allowed_metadata": {
"type": "array",
"items": {"type": "string"},
"minItems": 1
},
"forbidden_actions": {
"type": "array",
"items": {"type": "string"},
"minItems": 1
}
},
"additionalProperties": false
},
"rollback_plan_draft": {
"type": "array",
"items": {
"type": "object",
"required": ["rollback_item", "required_evidence", "owner_status"],
"properties": {
"rollback_item": {"type": "string"},
"required_evidence": {
"type": "array",
"items": {"type": "string"},
"minItems": 1
},
"owner_status": {"type": "string", "enum": ["waiting_owner_assignment"]}
},
"additionalProperties": false
},
"minItems": 1
}
},
"additionalProperties": false
},
"minItems": 2
},
"owner_response_handoff": {
"type": "object",
"required": [
"status",
"request_dispatch_authorized",
"required_response_fields",
"allowed_decisions",
"forbidden_inputs",
"response_received",
"response_accepted"
],
"properties": {
"status": {"type": "string", "enum": ["ready_not_dispatched"]},
"request_dispatch_authorized": {"type": "boolean", "const": false},
"required_response_fields": {
"type": "array",
"items": {"type": "string"},
"minItems": 1
},
"allowed_decisions": {
"type": "array",
"items": {"type": "string"},
"minItems": 1
},
"forbidden_inputs": {
"type": "array",
"items": {"type": "string"},
"minItems": 1
},
"response_received": {"type": "boolean", "const": false},
"response_accepted": {"type": "boolean", "const": false}
},
"additionalProperties": false
},
"credential_handling": {
"type": "object",
"required": [
"policy",
"allowed_evidence",
"forbidden_evidence",
"quarantine_required_on_plaintext_credential",
"secret_value_collection_authorized"
],
"properties": {
"policy": {"type": "string", "enum": ["metadata_only_no_secret_value"]},
"allowed_evidence": {
"type": "array",
"items": {"type": "string"},
"minItems": 1
},
"forbidden_evidence": {
"type": "array",
"items": {"type": "string"},
"minItems": 1
},
"quarantine_required_on_plaintext_credential": {"type": "boolean"},
"secret_value_collection_authorized": {"type": "boolean", "const": false}
},
"additionalProperties": false
},
"validation_metrics": {
"type": "array",
"items": {
"type": "object",
"required": ["host", "metrics"],
"properties": {
"host": {"type": "string"},
"metrics": {
"type": "array",
"items": {"type": "string"},
"minItems": 1
}
},
"additionalProperties": false
},
"minItems": 2
},
"acceptance_rules": {
"type": "array",
"items": {"type": "string"},
"minItems": 1
},
"forbidden_actions": {
"type": "array",
"items": {"type": "string"},
"minItems": 1
}
},
"additionalProperties": false
}
Reference in New Issue View Git Blame Copy Permalink