core/go
8
0
Fork 0
generated from lthn/LEM
Code Issues 2 Pull requests 1 Projects Releases Packages Wiki Activity Actions
go/pkg/gitea/meta.go
Snider 4ef698cbe3 Secure SSH, fix CI auto-merge, and resolve merge conflicts 
This commit addresses the OWASP security audit by enforcing strict host key
verification and resolves persistent CI issues.

Security Changes:
- Replaced StrictHostKeyChecking=accept-new with yes in pkg/container and devops.
- Removed insecure host key verification from pkg/ansible.
- Implemented synchronous host key discovery using ssh-keyscan during VM boot.
- Updated Boot lifecycle to wait for host key verification.
- Handled missing known_hosts file in pkg/ansible.
- Refactored hardcoded SSH port to DefaultSSHPort constant.

CI and Maintenance:
- Fixed auto-merge.yml by inlining the script and adding repository context
  to 'gh' command, resolving the "not a git repository" error in CI.
- Resolved merge conflicts in .github/workflows/auto-merge.yml with dev branch.
- Added pkg/ansible/ssh_test.go for SSH client verification.
- Fixed formatting in pkg/io/local/client.go to pass QA checks.
2026-02-05 03:40:28 +00:00

146 lines
3.4 KiB
Go
Raw Blame History

package gitea
import (
"time"
"code.gitea.io/sdk/gitea"
"github.com/host-uk/core/pkg/log"
)
// PRMeta holds structural signals from a pull request,
// used by the pipeline MetaReader for AI-driven workflows.
type PRMeta struct {
Number int64
Title string
State string
Author string
Branch string
BaseBranch string
Labels []string
Assignees []string
IsMerged bool
CreatedAt time.Time
UpdatedAt time.Time
CommentCount int
}
// Comment represents a comment with metadata.
type Comment struct {
ID int64
Author string
Body string
CreatedAt time.Time
UpdatedAt time.Time
}
const commentPageSize = 50
// GetPRMeta returns structural signals for a pull request.
// This is the Gitea side of the dual MetaReader described in the pipeline design.
func (c *Client) GetPRMeta(owner, repo string, pr int64) (*PRMeta, error) {
pull, _, err := c.api.GetPullRequest(owner, repo, pr)
if err != nil {
return nil, log.E("gitea.GetPRMeta", "failed to get PR metadata", err)
}
meta := &PRMeta{
Number: pull.Index,
Title: pull.Title,
State: string(pull.State),
Branch: pull.Head.Ref,
BaseBranch: pull.Base.Ref,
IsMerged: pull.HasMerged,
}
if pull.Created != nil {
meta.CreatedAt = *pull.Created
}
if pull.Updated != nil {
meta.UpdatedAt = *pull.Updated
}
if pull.Poster != nil {
meta.Author = pull.Poster.UserName
}
for _, label := range pull.Labels {
meta.Labels = append(meta.Labels, label.Name)
}
for _, assignee := range pull.Assignees {
meta.Assignees = append(meta.Assignees, assignee.UserName)
}
// Fetch comment count from the issue side (PRs are issues in Gitea).
// Paginate to get an accurate count.
count := 0
page := 1
for {
comments, _, listErr := c.api.ListIssueComments(owner, repo, pr, gitea.ListIssueCommentOptions{
ListOptions: gitea.ListOptions{Page: page, PageSize: commentPageSize},
})
if listErr != nil {
break
}
count += len(comments)
if len(comments) < commentPageSize {
break
}
page++
}
meta.CommentCount = count
return meta, nil
}
// GetCommentBodies returns all comment bodies for a pull request.
// This reads full content, which is safe on the home lab Gitea instance.
func (c *Client) GetCommentBodies(owner, repo string, pr int64) ([]Comment, error) {
var comments []Comment
page := 1
for {
raw, _, err := c.api.ListIssueComments(owner, repo, pr, gitea.ListIssueCommentOptions{
ListOptions: gitea.ListOptions{Page: page, PageSize: commentPageSize},
})
if err != nil {
return nil, log.E("gitea.GetCommentBodies", "failed to get PR comments", err)
}
if len(raw) == 0 {
break
}
for _, rc := range raw {
comment := Comment{
ID: rc.ID,
Body: rc.Body,
CreatedAt: rc.Created,
UpdatedAt: rc.Updated,
}
if rc.Poster != nil {
comment.Author = rc.Poster.UserName
}
comments = append(comments, comment)
}
if len(raw) < commentPageSize {
break
}
page++
}
return comments, nil
}
// GetIssueBody returns the body text of an issue.
// This reads full content, which is safe on the home lab Gitea instance.
func (c *Client) GetIssueBody(owner, repo string, issue int64) (string, error) {
iss, _, err := c.api.GetIssue(owner, repo, issue)
if err != nil {
return "", log.E("gitea.GetIssueBody", "failed to get issue body", err)
}
return iss.Body, nil
}
Reference in a new issue View git blame Copy permalink