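# Agent PR Gate
#
# Runs on every pull request targeting main:
#   gate   - classifies PR risk, runs syntax/parse checks, the test suite and
#            the PR-criteria check, and fails if any of the three checks failed.
#   report - always runs afterwards; posts a status comment and auto-merges
#            when the gate succeeded and the risk level is 'low'.
#
# Trust model: everything the gate job executes (tests, and
# scripts/agent_pr_gate.py itself) comes from the pull request's checkout, so
# its outputs are influenced by the change under review. Only the report job
# holds the API token; it therefore runs the script from the target branch and
# receives gate outputs through environment variables, never through inline
# ${{ }} expansion inside a shell script.
name: Agent PR Gate

'on':
  pull_request:
    branches: [main]

jobs:
  gate:
    runs-on: ubuntu-latest
    outputs:
      syntax_status: ${{ steps.syntax.outcome }}
      tests_status: ${{ steps.tests.outcome }}
      criteria_status: ${{ steps.criteria.outcome }}
      risk_level: ${{ steps.risk.outputs.level }}
    steps:
      # NOTE(review): version tags are mutable; pinning actions to a full
      # commit SHA removes the dependency on the tag staying where it is.
      - uses: actions/checkout@v4
        with:
          # Full history so the three-dot diff below can find a merge base.
          fetch-depth: 0

      - uses: actions/setup-python@v5
        with:
          python-version: '3.11'

      - name: Install CI dependencies
        # NOTE(review): unpinned installs pull whatever is latest at run time;
        # a pinned (ideally hash-checked) requirements file makes the gate
        # reproducible and narrows the supply-chain surface.
        run: |
          python3 -m pip install --quiet pyyaml pytest

      - id: risk
        name: Classify PR risk
        # NOTE(review): the classifier is taken from the PR checkout, so a PR
        # that edits scripts/agent_pr_gate.py also edits its own risk verdict.
        # Consider running a copy from the target branch, or treating any
        # change to the gate script/workflow as non-low risk.
        run: |
          BASE_REF="${GITHUB_BASE_REF:-main}"
          git fetch origin "$BASE_REF" --depth 1
          git diff --name-only "origin/$BASE_REF"...HEAD > /tmp/changed_files.txt
          python3 scripts/agent_pr_gate.py classify-risk --files-file /tmp/changed_files.txt > /tmp/risk.json
          python3 - <<'PY'
          import json, os, re, sys
          with open('/tmp/risk.json', 'r', encoding='utf-8') as fh:
              data = json.load(fh)
          level = data['risk']
          # The value is appended to GITHUB_OUTPUT and later drives the
          # auto-merge condition. Accept only a single plain token so it cannot
          # carry a newline (extra output entries) or shell metacharacters.
          if not isinstance(level, str) or not re.fullmatch(r'[A-Za-z0-9_-]+', level):
              sys.exit('unexpected risk level: %r' % (level,))
          with open(os.environ['GITHUB_OUTPUT'], 'a', encoding='utf-8') as fh:
              fh.write('level=' + level + '\n')
          PY

      # The three checks below use continue-on-error so that all of them run
      # and report an outcome; the final step turns any failure into a failed job.
      - id: syntax
        name: Syntax and parse checks
        continue-on-error: true
        # File names come from the PR, so they are passed NUL-delimited
        # (-print0 / -0 / read -d '') instead of being split on whitespace.
        # Paths containing '.gitea' are skipped for the YAML check.
        # bash -n only checks its first file argument (the rest become
        # positional parameters), hence one invocation per script (-n 1).
        run: |
          find . \( -name '*.yml' -o -name '*.yaml' \) ! -path '*.gitea*' -print0 | xargs -0 -r python3 -c "import sys,yaml; [yaml.safe_load(open(f)) for f in sys.argv[1:]]"
          find . -name '*.json' -print0 | while IFS= read -r -d '' f; do python3 -m json.tool "$f" > /dev/null || exit 1; done
          find . -name '*.py' -print0 | xargs -0 -r python3 -m py_compile
          find . -name '*.sh' -print0 | xargs -0 -r -n 1 bash -n

      - id: tests
        name: Test suite
        continue-on-error: true
        # NOTE(review): test_author_whitelist.py is excluded from the gate;
        # confirm that skipping what looks like an author-allowlist test is
        # intentional and tracked.
        run: |
          pytest -q --ignore=uni-wizard/v2/tests/test_author_whitelist.py

      - id: criteria
        name: PR criteria verification
        continue-on-error: true
        run: |
          python3 scripts/agent_pr_gate.py validate-pr --event-path "$GITHUB_EVENT_PATH"

      - name: Fail gate if any required check failed
        if: steps.syntax.outcome != 'success' || steps.tests.outcome != 'success' || steps.criteria.outcome != 'success'
        run: exit 1

  report:
    needs: gate
    # Report even when the gate job failed.
    if: always()
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          # Steps in this job hold the API token and can merge. Run the gate
          # script from the target branch instead of the PR's copy, so a PR
          # cannot change the code that comments on and merges it.
          ref: ${{ github.base_ref }}

      - uses: actions/setup-python@v5
        with:
          python-version: '3.11'

      - name: Post PR gate report
        env:
          GITEA_TOKEN: ${{ github.token }}
          # Gate outputs are handed over as environment variables: an inline
          # ${{ }} expression is pasted into the script text before the shell
          # parses it, whereas "$VAR" is expanded as data.
          SYNTAX_STATUS: ${{ needs.gate.outputs.syntax_status }}
          TESTS_STATUS: ${{ needs.gate.outputs.tests_status }}
          CRITERIA_STATUS: ${{ needs.gate.outputs.criteria_status }}
          RISK_LEVEL: ${{ needs.gate.outputs.risk_level }}
        # NOTE(review): --token puts the secret on the process command line;
        # if the script can read GITEA_TOKEN from the environment (not visible
        # here), drop the flag.
        run: |
          python3 scripts/agent_pr_gate.py comment \
            --event-path "$GITHUB_EVENT_PATH" \
            --token "$GITEA_TOKEN" \
            --syntax "$SYNTAX_STATUS" \
            --tests "$TESTS_STATUS" \
            --criteria "$CRITERIA_STATUS" \
            --risk "$RISK_LEVEL"

      - name: Auto-merge low-risk clean PRs
        # Both inputs to this condition are produced by the gate job, which
        # runs PR-controlled code; branch protection / required review should
        # remain the backstop for anything this rule lets through.
        if: needs.gate.result == 'success' && needs.gate.outputs.risk_level == 'low'
        env:
          GITEA_TOKEN: ${{ github.token }}
        run: |
          python3 scripts/agent_pr_gate.py merge \
            --event-path "$GITHUB_EVENT_PATH" \
            --token "$GITEA_TOKEN"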