jcjUdZddlmZddlmZddlmZddlmZm Z m Z ddl m Z m Z mZmZmZddlmZmZmZmZmZmZmZmZmZmZmZmZmZmZ ddl!m"Z"m#Z#m$Z$eZ%d e&d <eZ'd e&d <eZ(d e&d <eZ)d e&d <eZ*d e&d<eZ+d e&d<eZ,d e&d<eZ-d e&d<dZ.de&d<dZ/de&d<Gdde0Z1edGddZ2GddZ3gdZ4y )!uanu_v2.owner_gemini_trigger_router — task-2641 신규 상위 layer router. 회장 verbatim 12 (2026-05-23) 1:1 박제 — OWNER_GEMINI_TRIGGER_UI_FALLBACK_MISROUTE 재발 방지 router 신설. spec §2 (회장 verbatim 12 필수 구현) 매핑: §1, §2 PR Review comment ≠ Gemini trigger → ``is_gemini_trigger_comment`` §3 PR-backed issue comment body="/gemini review" 만 trigger 인정 §4, §11 ANU OWNER issue comment 발사 = **1차 nudge** (회장 UI 1차 안내 금지) §5 OWNER_GEMINI_TRIGGER_TOKEN / owner_trigger_only capability 재사용 §6 raw token 출력 금지 (token_hash_prefix 12 hex 만) §7 gh api / 안전한 경로만 (subprocess 직접 호출 0) §8 403 → X-Accepted-GitHub-Permissions header 기록 §9 nudge 1회 hard limit per PR/head §10 fresh review 미도착 → GEMINI_EXTERNAL_TRIGGER_STALE §12 OWNER_GEMINI_TRIGGER_UI_FALLBACK_MISROUTE 재발 방지 fixture 검증 state machine (spec §3.2): 1. ``is_gemini_trigger_comment(observed_comment)`` — PR Review 오인 차단 2. ``check_gemini_evidence_fresh`` — FRESH 면 통과 (action 0) 3. STALE → nudge_count_for_pr_head == 0 이면 nudge 발사 4. 결과 분류: - POSTED → polling timeout 후 재freshness → FRESH 면 통과 / STALE 면 GEMINI_EXTERNAL_TRIGGER_STALE - DEDUPED → nudge_count > 0 (재시도 차단) - FAILED 403 → CHAIR_UI_FALLBACK_REQUIRED + permission_header_diagnostics 기록 - FAILED other → NUDGE_FAILED 본 router 는 ``owner_trigger_only.invoke_from_scheduler`` 호출만 사용 (spec §3.2, token 직접 노출 0). 기존 owner_trigger_only / decision / audit / pat 무수정. one-way isolation: anu_v2/ 외부 import 금지. live cokacdir / gh / merge / push 0. ) annotations) dataclass)Path)AnyCallableFinal) RESULT_FRESHFreshnessCheckerErrorFreshnessResultcheck_gemini_evidence_freshis_gemini_trigger_comment) AUDIT_SCHEMAOwnerGeminiTriggerRouterAuditRouterAuditRedactionError STATE_CHAIR_UI_FALLBACK_REQUIRED STATE_FRESH#STATE_GEMINI_EXTERNAL_TRIGGER_STALESTATE_NOT_GEMINI_TRIGGERSTATE_NUDGE_DEDUPEDSTATE_NUDGE_FAILEDSTATE_NUDGE_PERMISSION_DENIEDSTATE_NUDGE_POSTEDextract_403_headersredact_diagnosticstoken_hash_prefix)RESULT_DEDUPED RESULT_FAILED RESULT_POSTEDz Final[str]ROUTER_RESULT_FRESHROUTER_RESULT_NUDGE_POSTEDROUTER_RESULT_NUDGE_DEDUPED+ROUTER_RESULT_GEMINI_EXTERNAL_TRIGGER_STALE(ROUTER_RESULT_CHAIR_UI_FALLBACK_REQUIRED%ROUTER_RESULT_NUDGE_PERMISSION_DENIEDROUTER_RESULT_NUDGE_FAILED ROUTER_RESULT_NOT_GEMINI_TRIGGERz Final[int]NUDGE_HARD_LIMIT_PER_PR_HEADiXDEFAULT_FRESH_REVIEW_TIMEOUT_SceZdZdZy)RouterContractErroru7router 입력 schema 위반 (PR / head SHA / decision).N)__name__ __module__ __qualname____doc__D/home/jay/workspace/scripts/../anu_v2/owner_gemini_trigger_router.pyr+r+]sAr1r+T)frozenceZdZUdZded<ded<ded<ded<ded <d ed <ded <d ed<d ed<ded<ded<y) RouterResultucOwnerGeminiTriggerRouter.route_for_pr 반환 객체. final_state 는 STATE_* enum 중 하나. caller 는 final_state 로 분기: - FRESH / NUDGE_POSTED / NUDGE_DEDUPED → pass 또는 polling - GEMINI_EXTERNAL_TRIGGER_STALE → 별도 보고 / 회장 escalation (spec §2.9) - CHAIR_UI_FALLBACK_REQUIRED → ANU 가 회장 UI 입력 요청 (최후 수단) - NUDGE_PERMISSION_DENIED → 403 header diagnostics 기록됨 - NUDGE_FAILED → transient, caller retry 정책에 위임 - NOT_GEMINI_TRIGGER → PR Review 등 trigger 오인 차단 (task-2640 사고 박제) str final_stateint pr_numbercurrent_head_shafreshness_statez str | Nonegemini_commit_id_observedboolnudge_attempted nudge_result dict | Nonepermission_header_diagnostics token_presentrreasonN)r,r-r.r/__annotations__r0r1r2r5r5asI N))#.. Kr1r5ceZdZdZedddddd ddZdddded ddZe dd Z dd Z dd Z dd Z dd Z y)OwnerGeminiTriggerRouteru9OWNER_GEMINI_TRIGGER_ROUTER 단일 진입점 (spec §3.2). side-effect 추상화 (test injection 가능): - ``freshness_checker``: ``Callable[**kwargs, FreshnessResult]`` - ``invoke_scheduler``: ``Callable[**kwargs, str]`` — owner_trigger_only ``invoke_from_scheduler`` 시그니처 ("POSTED"/"DEDUPED"/"FAILED"/"PENDING"). - ``permission_diagnostics_provider``: ``Callable[[], dict | None]`` — last invoke 의 403 response headers (없으면 None). spec §2.7 / §3.2-4. - ``token_provider``: ``Callable[[], str]`` — token_hash_prefix 계산용. token 자체는 본 router 가 보관/노출 0 (회장 verbatim §6). spec §3.2 state machine: 1. observed_comment 가 제공된 경우 ``is_gemini_trigger_comment`` 검사 (PR Review 오인 차단 — task-2640 사고 박제) 2. ``check_gemini_evidence_fresh`` → FRESH 면 통과 3. STALE / NO_REVIEW → audit 에서 nudge_count_for_pr_head 조회 · == 0 이면 nudge 발사 · >= 1 이면 NUDGE_DEDUPED (회장 verbatim §9 hard limit) 4. invoke_scheduler 결과 분류: · POSTED → fresh_review_arrived_post_nudge 인자 True 시 FRESH/STALE 재평가 False 시 GEMINI_EXTERNAL_TRIGGER_STALE (timeout 경로) · DEDUPED → NUDGE_DEDUPED · FAILED + permission_diagnostics_provider 가 403 header 회수 → NUDGE_PERMISSION_DENIED + CHAIR_UI_FALLBACK_REQUIRED · FAILED 그 외 → NUDGE_FAILED → CHAIR_UI_FALLBACK_REQUIRED (spec §2.10) N)freshness_checkerinvoke_schedulerpermission_diagnostics_providertoken_provideraudit github_apic | td| tdt|j|_||_||_|xsd|_||_||_|||_ yt|j|_ y)Nu^invoke_scheduler callable must be injected — owner_trigger_only.invoke_from_scheduler 권장u=github_api callable must be injected (regression mock 가능)cy)Nr0r0r1r2z3OwnerGeminiTriggerRouter.__init__..sr1) NotImplementedErrorrresolve_workspace_root_freshness_checker_invoke_scheduler _permission_diagnostics_provider_token_provider _github_apir_audit)selfworkspace_rootrGrHrIrJrKrLs r2__init__z!OwnerGeminiTriggerRouter.__init__s  #%B   %O  $N3;;="3!1 + =  - .%   /t/C/CD r1F)task_id decision_pathobserved_commentfresh_review_arrived_post_nudgenudge_hard_limitc |j|||||j} |j\} } |r?rArBrrCr]r9r:rLownerrepozfreshness check failed: z????????uGemini fresh evidence 일치 (z... == u...) — nudge 미발사)r9headznudge_count_for_pr_head=z >= hard limit (u#) — DEDUPED (회장 verbatim §9)uwdecision_path required when freshness is STALE/NO_REVIEW — owner_trigger_only.invoke_from_scheduler 호출 시 필수)r^rfrgcurrent_head_actualuTinvoke_scheduler raised + 403 diagnostics 회수 → NUDGE_PERMISSION_DENIED · exc=TuZinvoke_scheduler raised — CHAIR_UI_FALLBACK_REQUIRED (spec §2.10 최후 수단) · exc=) r9 head_norm freshnessrB hash_prefixr`r]rfrguzinvoke_scheduler returned DEDUPED — 이전 trigger 가 active (POSTED|PENDING) — 회장 verbatim §9 hard limit 보호zinvoke_scheduler returned uY + 403 diagnostics 회수 → NUDGE_PERMISSION_DENIED (회장 verbatim §8 header 기록)uO (transient/unknown) — CHAIR_UI_FALLBACK_REQUIRED (spec §2.10 최후 수단))_validate_inputlower_compute_token_hash_prefixr r5r _audit_appendrSrWr r+statusr isinstancer<r6rrXnudge_count_for_pr_headrrrT Exception_safe_permission_diagnosticstyper,rrrr_handle_posted)rYr9r:rfrgr]r^r_r`rarkrBrmrCresultrlexc obs_prefixprior_nudge_count invoke_statuspermission_headersr7s r2 route_for_prz%OwnerGeminiTriggerRouter.route_for_prsH Y(8%F$**, %)%D%D%F" {  '0I 1 ` "4#!* %*. %!.2+"- F   vw  7M //#!*++ 0I   | +iAA3G33BQ7  1 )BQ-(@B "'#!* ) 0 0*3*M*M %!.2+"- F   vw  7M !KK??i@   0 0*+<*=>$%%HJ "/#!* ) 0 0*3*M*M %+.2+"- F   vw  7M  %M  /  22+$- 3Mb M )&&###+'0O'   N *M "/#!* ) 0 0*3*M*M $+.2+"- F   vw  7M">>@ ,]Os):L:L9MO& @'%.$-$4$4.7.Q.Q$(!.26"/&1!    vw  7MQ( s77 J$J8 J5!J00J58 NB;N<NNc^t|trt|ts|dkr tdt|tr t |dk7st d|Dr tdt|tr|rd|vr tdt|tr|rd|vr tdy) Nrz pr_number must be a positive int(c3$K|]}|dv yw)0123456789abcdefABCDEFNr0).0cs r2 z;OwnerGeminiTriggerRouter._validate_input..sO144Osz(current_head_sha must be 40-char hex SHA/z,owner must be a non-empty string without '/'z+repo must be a non-empty string without '/')rsr8r=r+r6lenany)r9r:rfrgs r2rnz(OwnerGeminiTriggerRouter._validate_inputs 9c*)T*A~%&HI I+S1#$*O>NOO%: %%UcUl%> $$DC4K%= 5@r1c|jy |j}t|tr|sy dt |dfS#t$rYywxYw#t$rYywxYw)utoken_provider 가 주입된 경우 raw token → hash prefix 12 hex 계산. spec §3.3 / 회장 verbatim §6: raw token 노출 0. 본 router 는 hash prefix 만 보관. token_provider 호출 자체가 실패하면 token_present=False. )Fr\T )length)Tr\)rVrursr6router_token_hash_prefix)rYtokens r2rpz3OwnerGeminiTriggerRouter._compute_token_hash_prefixsv    ' ((*E%%U 1%CC C      s"AA A A AAch |j}|syt|}|sy|S#t$rYywxYw)u3permission_diagnostics_provider 호출 + redaction.N)rUrur)rYheaders extracteds r2rvz5OwnerGeminiTriggerRouter._safe_permission_diagnosticssG ;;=G'0   s % 11c |r |j|||j|| } | jt k(rId} t t||| j| jdtd|||  } |j| || Sd| jd } t t||| j| jdtd|||  } |j| || Sd td } t t|||j|jdtd|||  } |j| || S#t$r} td| | d} ~ wwxYw) uOPOSTED 분류 후 fresh review 도착 여부 확인 (spec §3.2 POSTED 경로).rez#post-nudge freshness check failed: Nu`POSTED + fresh review 도착 + re-check FRESH 일치 — router 통과 (spec §3.2 POSTED-FRESH)Trcrdu=POSTED + fresh_review_arrived 신호 True 였으나 re-check u" — GEMINI_EXTERNAL_TRIGGER_STALEuwOWNER nudge POSTED — fresh review 도착 polling 후 추가 호출 필요 (spec §3.2 POSTED 분기, default timeout=zs))rSrWr r+rrr r5rr<rrqrr)r)rYr9rkrlrBrmr`r]rfrgrefreshrzrCrys r2rxz'OwnerGeminiTriggerRouter._handle_posteds + 11'%.#// 2~~->& +'%.$+NN.5.O.O$(!.26"/&1! ""67"; P>>""DF "?#!* '*1*K*K $*.2+"- F   vw  7M  :-.b 2  *&%,,&/&I&I &*.')   673 E) )9#A s D(( E1EEc|j}t|trt|}t|tr|nd}t|xsd|j |j |j|j|j|j||j|jd|j|jd} |jj!|y#t"$rwxYw)uCRouterResult → audit JSONL record append. redaction guard 적용.Nr\F)schemar]r9r:r;r<r>r?rArBrtoken_value_loggedr7rC)rArsdictrrr9r:r;r<r>r?rBrr7rCrXappendr)rYryr]diagredactedrecords r2rqz&OwnerGeminiTriggerRouter._audit_appendSs33 dD !)$/H)(D98tD#}")) & 7 7%55)/)I)I%55"//-1#11!'!9!9"'!--mm    KK  v &(   s :C C!)rZz str | PathrGzCallable[..., FreshnessResult]rHzCallable[..., str] | NonerIz Callable[[], dict | None] | NonerJzCallable[[], str] | NonerKz$OwnerGeminiTriggerRouterAudit | NonerLz Callable[[str, str], Any] | NonereturnNone)r9r8r:r6rfr6rgr6r]r6r^zstr | Path | Noner_r@r`r=rar8rr5) r9rr:rrfrrgrrr)rztuple[bool, str])rr@)r9r8rkr6rlr rBr=rmr6r`r=r]r6rfr6rgr6rr5)ryr5r]r6rr)r,r-r.r/r r[r(r staticmethodrnrprvrxrqr0r1r2rFrF{s>=X6:LP376:7;  #  :  4  *J  1  4  5     V+/(,05 <|| |  |  ||)|&|*.|| |@*-69AD 4& [[ [ # [  [[*.[[[[ [zr1rF) rr r!r"r#r$r%r&r(r)r+r5rFN)5r/ __future__r dataclassesrpathlibrtypingrrr(anu_v2.gemini_evidence_freshness_checkerr r r r r (anu_v2.owner_gemini_trigger_router_auditrrrrrrrrrrrrrrranu_v2.owner_trigger_auditrrrrrDr r!r"r#r$r%r&r(r) RuntimeErrorr+r5rF__all__r0r1r2rsB#!'' #.Z-);J;*=Z=',Z%)*5R%zQ);J;/G *G,-j, .1 0B,B $2ttn r1