refactor(api): Phase A P1 快速勝利 (3 項)
1. 常數提取: SSE_DELAY_SECONDS, MAX_APPROVAL_DISPLAY 2. 錯誤訊息安全化: sanitize_error_message() 移除敏感資訊 3. CI/CD alertname 配置化: is_cicd_alertname() 函數 首席架構師審查 P1 改進 (非阻塞) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
@@ -43,3 +43,107 @@ APPROVAL_TO_INCIDENT_STATUS = {
|
||||
|
||||
# Incident 狀態 → 是否活躍
|
||||
INCIDENT_ACTIVE_STATUSES = frozenset({"investigating", "mitigating"})
|
||||
|
||||
# =============================================================================
|
||||
# Terminal Service Settings (Phase 19.4 P1)
|
||||
# 2026-03-30 Claude Code: 首席架構師審查 - 常數提取
|
||||
# =============================================================================
|
||||
|
||||
# SSE 事件間隔 (秒) - 避免前端過載
|
||||
SSE_DELAY_SECONDS = 0.3
|
||||
|
||||
# Approval 清單顯示上限
|
||||
MAX_APPROVAL_DISPLAY = 5
|
||||
|
||||
# 錯誤訊息截斷長度 (安全性)
|
||||
ERROR_MESSAGE_MAX_LENGTH = 100
|
||||
ERROR_MESSAGE_DISPLAY_LENGTH = 50
|
||||
|
||||
# =============================================================================
|
||||
# CI/CD Alert Detection (2026-03-30 P1 配置化)
|
||||
# =============================================================================
|
||||
|
||||
# CI/CD 告警 alertname 前綴
|
||||
CICD_ALERT_PREFIXES = (
|
||||
"CD_",
|
||||
"CI_",
|
||||
"E2E_",
|
||||
"SmokeTest",
|
||||
"Build_",
|
||||
"Test_",
|
||||
"Deploy_",
|
||||
)
|
||||
|
||||
# CI/CD 告警 alertname 後綴
|
||||
CICD_ALERT_SUFFIXES = (
|
||||
"_Build",
|
||||
"_Test",
|
||||
"_Deploy",
|
||||
"_E2E",
|
||||
)
|
||||
|
||||
# CI/CD 告警關鍵字 (不區分大小寫)
|
||||
CICD_ALERT_KEYWORDS = ("CI/CD", "cicd")
|
||||
|
||||
|
||||
def is_cicd_alertname(alertname: str) -> bool:
|
||||
"""
|
||||
判斷 alertname 是否為 CI/CD 告警
|
||||
|
||||
Args:
|
||||
alertname: Alertmanager alertname 標籤值
|
||||
|
||||
Returns:
|
||||
True 如果是 CI/CD 告警
|
||||
"""
|
||||
return (
|
||||
alertname.startswith(CICD_ALERT_PREFIXES)
|
||||
or alertname.endswith(CICD_ALERT_SUFFIXES)
|
||||
or any(kw in alertname for kw in CICD_ALERT_KEYWORDS)
|
||||
or "cicd" in alertname.lower()
|
||||
)
|
||||
|
||||
|
||||
def sanitize_error_message(error: str, max_length: int = ERROR_MESSAGE_MAX_LENGTH) -> str:
|
||||
"""
|
||||
安全化錯誤訊息 - 截斷並移除敏感資訊
|
||||
|
||||
2026-03-30 Claude Code: 首席架構師審查 - 錯誤訊息安全化
|
||||
|
||||
Args:
|
||||
error: 原始錯誤訊息
|
||||
max_length: 最大長度 (預設 100)
|
||||
|
||||
Returns:
|
||||
安全化後的錯誤訊息
|
||||
"""
|
||||
if not error:
|
||||
return "Unknown error"
|
||||
|
||||
# 移除可能的敏感資訊模式
|
||||
sensitive_patterns = [
|
||||
"password",
|
||||
"token",
|
||||
"secret",
|
||||
"api_key",
|
||||
"apikey",
|
||||
"credential",
|
||||
"bearer",
|
||||
]
|
||||
|
||||
sanitized = error
|
||||
for pattern in sensitive_patterns:
|
||||
# 不區分大小寫替換
|
||||
import re
|
||||
sanitized = re.sub(
|
||||
rf"({pattern})\s*[:=]\s*\S+",
|
||||
f"{pattern}=[REDACTED]",
|
||||
sanitized,
|
||||
flags=re.IGNORECASE,
|
||||
)
|
||||
|
||||
# 截斷
|
||||
if len(sanitized) > max_length:
|
||||
return sanitized[:max_length - 3] + "..."
|
||||
|
||||
return sanitized
|
||||
|
||||
Reference in New Issue
Block a user