fix(ci): open controlled guard gates
Some checks failed
Ansible / Reboot Recovery Contract / validate (push) Successful in 1m15s
CD Pipeline / tests (push) Failing after 1m8s
CD Pipeline / build-and-deploy (push) Has been skipped
CD Pipeline / post-deploy-checks (push) Has been skipped
Code Review / ai-code-review (push) Successful in 27s

This commit is contained in:
Your Name
2026-06-28 03:10:43 +08:00
parent afb7138a8c
commit 7fcfc0b24b
7 changed files with 121 additions and 43 deletions

View File

@@ -29,9 +29,13 @@ FORBIDDEN_FRAGMENTS = [
"人工接手",
"人工決策佇列",
"人工關卡",
"人工 Gate",
"人工 gate",
"人工閘門",
"人工升級",
"待 owner 複核",
"未批准不會執行",
"等 負責人審查",
"owner review",
"owner packet",
"manual gate",
@@ -119,6 +123,16 @@ def _collect_awooop_message_violations(path: Path, root: Path) -> list[str]:
return violations
def _collect_forbidden_line_violations(path: Path, root: Path, text: str) -> list[str]:
violations: list[str] = []
for line_number, line in enumerate(text.splitlines(), start=1):
for fragment in FORBIDDEN_FRAGMENTS:
if fragment in line:
relative = path.relative_to(root)
violations.append(f"{relative}:{line_number}: forbidden {fragment!r}")
return violations
def validate(root: Path) -> None:
root = root.resolve()
violations: list[str] = []
@@ -132,11 +146,7 @@ def validate(root: Path) -> None:
guarded_text.append(text)
if path.name.endswith(".json"):
violations.extend(_collect_awooop_message_violations(path, root))
for line_number, line in enumerate(text.splitlines(), start=1):
for fragment in FORBIDDEN_FRAGMENTS:
if fragment in line:
relative = path.relative_to(root)
violations.append(f"{relative}:{line_number}: forbidden {fragment!r}")
violations.extend(_collect_forbidden_line_violations(path, root, text))
alerts_route = root / ALERTS_ROUTE
if not alerts_route.exists():