$jdUdZddlmZddlZddlZddlZddlZddlmZmZddl m Z ddl m Z m Z ddlmZdZd ed <d Zd ed <d Zd ed<dZd ed<dZd ed<dZd ed<dZd ed<dZd ed<eeeeeeehZded<ehdZded<dZd ed<ej:dZd ed!<d"Zd#ed$<Gd%d&e Z!d,d'Z"d-d(Z#Gd)d*Z$gd+Z%y).uutils.ci_watch_handoff_audit — task-2642 CI_WATCH_HANDOFF runner audit JSONL. 회장 verbatim (2026-05-23 19:38 KST) 정책 spec §9 ANU 8 완료 보고 항목 박제: 1. handoff 생성 여부 2. watcher 주체 3. watcher schedule_id 4. terminal state 5. 자동수렴 내역 6. CI/Gemini/phase3 최종 상태 7. merge-ready 여부 8. ANU callback 수신 여부 본 모듈 책임 (runner spec §1.1): - watcher lifecycle 한 행 = 한 record (PR_OPEN → terminal classification) - record 의무 필드: schema / ts_utc / task_id / pr_number / head_sha / watcher_owner / watcher_schedule_id / event / terminal_state / auto_remediation_attempts / loop_iterations / router_final_state / ci_status / callback_prompt_bytes / reason - JSONL append-only · atomic via fcntl.flock(LOCK_EX) · UTF-8 - raw token / Authorization / api_key redact (defense in depth) — PR #144 owner_gemini_trigger_router_audit 의 redaction doctrine 1:1 정합 one-way isolation: utils/ 외부 import 0 (자기 schema 만 의존). live cokacdir / gh 0. frozen anchor: ANCHOR-1: audit lifecycle event 6종 (HANDOFF_RECEIVED / POLL_TICK / AUTO_REMEDIATE / OWNER_NUDGE / TERMINAL_REACHED / CALLBACK_FIRED) ANCHOR-2: TERMINAL_REACHED/CALLBACK_FIRED 에는 terminal_state 필수 — 누락 시 AuditError ANCHOR-3: token sentinel (Bearer / ghp_ / github_pat_ / ghu_ / ghs_ / ghr_) 누출 시 AuditError fail-closed ) annotationsN)datetimetimezone)Path)FinalIterator)ALL_TERMINAL_STATESz1memory/events/ci-watch-handoff-runner-audit.jsonlz Final[str]AUDIT_REL_PATHzutils.ci_watch_handoff_audit.v1 AUDIT_SCHEMAHANDOFF_RECEIVEDEVENT_HANDOFF_RECEIVED POLL_TICKEVENT_POLL_TICKAUTO_REMEDIATEEVENT_AUTO_REMEDIATE OWNER_NUDGEEVENT_OWNER_NUDGETERMINAL_REACHEDEVENT_TERMINAL_REACHEDCALLBACK_FIREDEVENT_CALLBACK_FIREDzFinal[frozenset[str]] ALL_EVENTS>eventreasonschemats_utctask_idhead_sha ci_status pr_number watcher_ownerterminal_stateloop_iterationsrouter_final_statewatcher_schedule_idcallback_prompt_bytesauto_remediation_attemptsALLOWED_AUDIT_KEYSz REDACTED_PLACEHOLDERz5(?i)(token|authorization|api[_-]?key|secret|password)zFinal[re.Pattern[str]]_REDACT_KEY_RE)zBearer ghp_ github_pat_ghu_ghs_ghr_zFinal[tuple[str, ...]]_REDACT_VALUE_SENTINELSceZdZdZy) AuditErroru)audit record contract / redaction 위반.N)__name__ __module__ __qualname____doc__3/home/jay/workspace/utils/ci_watch_handoff_audit.pyr2r2hs3r8r2chtjtjj dS)Nseconds)timespec)rnowrutc isoformatr7r8r9_now_isor@ls# << % / / / CCr8cFt|jtz }|rtdt ||D]/}t j t|s"td|dtj|d}tD]}||vstd|y)uLrecord key 화이트리스트 + raw token / Authorization 값 누출 차단.zdisallowed audit keys: z audit key uX matches token/authorization sentinel — fail-closed (회장 verbatim 안전 불변식)F) ensure_asciiz%audit record contains token sentinel N) setkeysr(r2sortedr*searchstrjsondumpsr0)recordextrakey serialisedsentinels r9_ensure_no_secret_leakrOps  !3 3E 26%=/BCC  S *SG$AA  F7J+ z !7|D r8cJeZdZdZd dZed dZd dZd dZd dZ ddZ y)CiWatchHandoffAudituappend-only JSONL audit for watcher lifecycle. atomic via fcntl.flock. 파일 위치: ``/memory/events/ci-watch-handoff-runner-audit.jsonl``. pytest 회귀는 ``tmp_path`` 를 workspace_root 로 주입하여 격리. c`t|j}||_|tz |_yN)rresolve_workspace_rootr _path)selfworkspace_rootroots r9__init__zCiWatchHandoffAudit.__init__s)N#++-#N* r8c|jSrS)rVrWs r9pathzCiWatchHandoffAudit.paths zzr8cR|jjjddy)NT)parentsexist_ok)rVparentmkdirr\s r9_ensure_parentz"CiWatchHandoffAudit._ensure_parents trs%># '"=Q P< j<%7 7))#3j3 -:-%7 7#3j3$-  % ! -6-)($0j/)3<*& 3/44D&\ \ ~ r8