mosaicstack/stack
1
0
Fork 0
Code Issues 22 Pull Requests 7 Actions Packages Projects Releases 13 Wiki Activity

Compare commits

base: mosaicstack:7e1fb898e363d7ff944a2072e581f6107ec65e49
Branches Tags
mosaicstack:main mosaicstack:fix/git-wrapper-rollup-20260526 mosaicstack:fix/git-wrapper-repo-detection mosaicstack:fix/woodpecker-wrapper-legacy-mosaic mosaicstack:fix/t_301e4e3b-pr-merge-gitea-empty-uid mosaicstack:chore/canonize-vault-secrets-policy mosaicstack:fix/t-a292e96f-gitea-pr-metadata mosaicstack:fix/gitea-pr-metadata-login-t-a292e96f mosaicstack:fix/t_a292e96f-pr-metadata-gitea mosaicstack:fix/t_3a368a52-gitea-usc-login mosaicstack:fix/pr-ci-wait-stdin-collision mosaicstack:docs/mission-control-resilience mosaicstack:fix/bootstrap-hotfix mosaicstack:fix/populate-known-packages-list mosaicstack:fix/idempotent-init
mosaicstack:fed-v0.2.0-m2 mosaicstack:fed-v0.1.0-m1 mosaicstack:mosaic-v0.0.29 mosaicstack:mosaic-v0.0.28 mosaicstack:mosaic-v0.0.27 mosaicstack:mosaic-v0.0.26 mosaicstack:mosaic-v0.0.25 mosaicstack:mosaic-v0.0.24 mosaicstack:v0.2.0 mosaicstack:v0.1.0 mosaicstack:v0.0.8 mosaicstack:v0.0.7 mosaicstack:v0.0.6 mosaicstack:v0.0.5 mosaicstack:v0.0.4
..
compare: mosaicstack:fix/t-a292e96f-gitea-pr-metadata
Branches Tags
mosaicstack:main mosaicstack:fix/git-wrapper-rollup-20260526 mosaicstack:fix/git-wrapper-repo-detection mosaicstack:fix/woodpecker-wrapper-legacy-mosaic mosaicstack:fix/t_301e4e3b-pr-merge-gitea-empty-uid mosaicstack:chore/canonize-vault-secrets-policy mosaicstack:fix/t-a292e96f-gitea-pr-metadata mosaicstack:fix/gitea-pr-metadata-login-t-a292e96f mosaicstack:fix/t_a292e96f-pr-metadata-gitea mosaicstack:fix/t_3a368a52-gitea-usc-login mosaicstack:fix/pr-ci-wait-stdin-collision mosaicstack:docs/mission-control-resilience mosaicstack:fix/bootstrap-hotfix mosaicstack:fix/populate-known-packages-list mosaicstack:fix/idempotent-init
mosaicstack:fed-v0.2.0-m2 mosaicstack:fed-v0.1.0-m1 mosaicstack:mosaic-v0.0.29 mosaicstack:mosaic-v0.0.28 mosaicstack:mosaic-v0.0.27 mosaicstack:mosaic-v0.0.26 mosaicstack:mosaic-v0.0.25 mosaicstack:mosaic-v0.0.24 mosaicstack:v0.2.0 mosaicstack:v0.1.0 mosaicstack:v0.0.8 mosaicstack:v0.0.7 mosaicstack:v0.0.6 mosaicstack:v0.0.5 mosaicstack:v0.0.4

1 Commits
7e1fb898e3 ... fix/t-a292

Author SHA1 Message Date
Hermes Agent
a665c0ac4c fix(git-tools): harden gitea pr metadata wrappers
Some checks failed
ci/woodpecker/push/ci Pipeline failed
Details
ci/woodpecker/pr/ci Pipeline failed
Details
2026-05-22 11:23:36 -05:00
4 changed files with 52 additions and 10 deletions
Expand all files Collapse all files

14
docs/scratchpads/t-a292e96f-gitea-pr-metadata.md
View File

@@ -30,7 +30,7 @@ Repair Mosaic git wrappers so Gitea PR metadata and merge preflight work for U-C
- Falls back to authenticated Gitea merge API when no matching `tea` login exists, avoiding the wrong `mosaicstack` login for USC repos. - Falls back to authenticated Gitea merge API when no matching `tea` login exists, avoiding the wrong `mosaicstack` login for USC repos.
- Keeps squash-only and main-only merge policy. - Keeps squash-only and main-only merge policy.
- `packages/mosaic/framework/tools/git/test-pr-metadata-gitea.sh` - `packages/mosaic/framework/tools/git/test-pr-metadata-gitea.sh`
- Added fixture-based regression harness for standard Gitea fields, fallback branch fields, and API error payloads. - Added fixture-based regression harness for standard Gitea fields, fallback branch fields, `refs/pull/<n>/head` plus `head.label` normalization, and API error payloads.
## Documentation / changelog note ## Documentation / changelog note
@@ -38,12 +38,16 @@ This repository currently has no root `CHANGELOG.md`; the scratchpad and `docs/T
## Verification log ## Verification log
- Red regression check: copied the new `test-pr-metadata-gitea.sh` harness next to `origin/main` wrapper scripts and ran it with `MOSAIC_TEST_WORK_DIR=$PWD/.mosaic-test-work/pr-metadata-gitea-red`; it failed as expected with `headRefName=''` and `baseRefName=''` on the fixture API-error path.
- `bash -n packages/mosaic/framework/tools/git/{detect-platform.sh,pr-metadata.sh,pr-merge.sh,test-pr-metadata-gitea.sh}`: passed. - `bash -n packages/mosaic/framework/tools/git/{detect-platform.sh,pr-metadata.sh,pr-merge.sh,test-pr-metadata-gitea.sh}`: passed.
- `shellcheck -x -P . -e SC1090 packages/mosaic/framework/tools/git/{detect-platform.sh,pr-metadata.sh,pr-merge.sh,test-pr-metadata-gitea.sh}`: passed. - `shellcheck -x -P . -e SC1090 packages/mosaic/framework/tools/git/{detect-platform.sh,pr-metadata.sh,pr-merge.sh,test-pr-metadata-gitea.sh}`: passed.
- `packages/mosaic/framework/tools/git/test-pr-metadata-gitea.sh`: passed; verifies standard Gitea fields, fallback branch fields, and nonzero API-error handling. - `MOSAIC_TEST_WORK_DIR=$PWD/.mosaic-test-work/pr-metadata-gitea packages/mosaic/framework/tools/git/test-pr-metadata-gitea.sh`: passed; verifies standard Gitea fields, fallback branch fields, `refs/pull/<n>/head` label normalization, and nonzero API-error handling.
- Live sanitized U-Connect metadata from `/src/uconnect-worktrees/t_39ce717c-authentik-smoke-gate` with `MOSAIC_CREDENTIALS_FILE=/src/jarvis-brain/credentials.json`: - Installed wrapper parity: `/home/hermes/.config/mosaic/tools/git/{detect-platform.sh,pr-metadata.sh,pr-merge.sh}` byte-match the PR source copies after validation, so active U-Connect wrapper invocations use the same fix while source PR review runs.
- Live sanitized U-Connect metadata from `/src/uconnect` with `MOSAIC_CREDENTIALS_FILE=/src/jarvis-brain/credentials.json`:
- PR #1905: `number=1905`, `baseRefName=main`, `headRefName=edith/t_39ce717c-authentik-smoke-gate`, `state=open`, `host=git.uscllc.com`. - PR #1905: `number=1905`, `baseRefName=main`, `headRefName=edith/t_39ce717c-authentik-smoke-gate`, `state=open`, `host=git.uscllc.com`.
- PR #1908: `number=1908`, `baseRefName=main`, `headRefName=fix/t_23fa9e1d-portal-health-backend`, `state=open`, `host=git.uscllc.com`. - PR #1908: `number=1908`, `baseRefName=main`, `headRefName=fix/t_23fa9e1d-portal-health-backend`, `state=closed`, `host=git.uscllc.com`.
- Merge preflight dry runs: - Merge preflight dry runs from installed wrappers:
- PR #1905: `Dry run: would merge PR #1905 on git.uscllc.com with authenticated Gitea API fallback (base=main, method=squash).` - PR #1905: `Dry run: would merge PR #1905 on git.uscllc.com with authenticated Gitea API fallback (base=main, method=squash).`
- PR #1908: `Dry run: would merge PR #1908 on git.uscllc.com with authenticated Gitea API fallback (base=main, method=squash).` - PR #1908: `Dry run: would merge PR #1908 on git.uscllc.com with authenticated Gitea API fallback (base=main, method=squash).`
- PR: `https://git.mosaicstack.dev/mosaicstack/stack/pulls/518`, branch `fix/t-a292e96f-gitea-pr-metadata`.
- CI: Recent PR/push pipelines failed before clone/test execution due Woodpecker/Kubernetes PVC API timeout: `dial tcp 10.43.0.1:443: i/o timeout`. No repository test step executed in CI; local targeted verification above remains clean.

24
packages/mosaic/framework/tools/git/detect-platform.sh
View File

@@ -103,16 +103,28 @@ get_gitea_token() {
if [[ -f "$cred_loader" ]]; then if [[ -f "$cred_loader" ]]; then
local token local token
token=$( token=$(
# shellcheck source=/dev/null
source "$cred_loader" source "$cred_loader"
# Host-specific wrapper resolution must not inherit caller/global GITEA_*.
# load_credentials intentionally preserves existing env vars for interactive use,
# but metadata/merge wrappers need credentials matching the remote host.
unset GITEA_TOKEN GITEA_URL
case "$host" in case "$host" in
git.mosaicstack.dev) load_credentials gitea-mosaicstack 2>/dev/null ;; git.mosaicstack.dev) load_credentials gitea-mosaicstack 2>/dev/null ;;
git.uscllc.com) load_credentials gitea-usc 2>/dev/null ;; git.uscllc.com) load_credentials gitea-usc 2>/dev/null ;;
*) *)
local matched=false
for svc in gitea-mosaicstack gitea-usc; do for svc in gitea-mosaicstack gitea-usc; do
load_credentials "$svc" 2>/dev/null || continue
[[ "${GITEA_URL:-}" == *"$host"* ]] && break
unset GITEA_TOKEN GITEA_URL unset GITEA_TOKEN GITEA_URL
load_credentials "$svc" 2>/dev/null || continue
if [[ "${GITEA_URL:-}" == "https://$host" || "${GITEA_URL:-}" == "http://$host" || "${GITEA_URL:-}" == *"//$host" ]]; then
matched=true
break
fi
done done
if [[ "$matched" != true ]]; then
unset GITEA_TOKEN GITEA_URL
fi
;; ;;
esac esac
echo "${GITEA_TOKEN:-}" echo "${GITEA_TOKEN:-}"
@@ -123,10 +135,12 @@ get_gitea_token() {
fi fi
fi fi
# 2. GITEA_TOKEN env var (may be set by caller) # 2. GITEA_TOKEN env var (only when GITEA_URL, if present, matches the remote host)
if [[ -n "${GITEA_TOKEN:-}" ]]; then if [[ -n "${GITEA_TOKEN:-}" ]]; then
echo "$GITEA_TOKEN" if [[ -z "${GITEA_URL:-}" || "${GITEA_URL:-}" == "https://$host" || "${GITEA_URL:-}" == "http://$host" || "${GITEA_URL:-}" == *"//$host" ]]; then
return 0 echo "$GITEA_TOKEN"
return 0
fi
fi fi
# 3. ~/.git-credentials file # 3. ~/.git-credentials file

11
packages/mosaic/framework/tools/git/pr-metadata.sh
View File

@@ -163,8 +163,19 @@ head_ref = first_non_empty(
nested(data, 'head', 'branch'), nested(data, 'head', 'branch'),
data.get('head_branch'), data.get('head_branch'),
data.get('head_ref'), data.get('head_ref'),
nested(data, 'head', 'label'),
data.get('head_label'), data.get('head_label'),
) )
if isinstance(head_ref, str) and head_ref.startswith('refs/pull/'):
head_ref = first_non_empty(
nested(data, 'head', 'label'),
data.get('head_label'),
nested(data, 'head', 'name'),
nested(data, 'head', 'branch'),
data.get('head_branch'),
data.get('head_ref'),
head_ref,
)
base_ref = first_non_empty( base_ref = first_non_empty(
nested(data, 'base', 'ref'), nested(data, 'base', 'ref'),
nested(data, 'base', 'name'), nested(data, 'base', 'name'),

13
packages/mosaic/framework/tools/git/test-pr-metadata-gitea.sh
View File

@@ -40,6 +40,18 @@ cat > "$FIXTURE_DIR/gitea-fallback.json" <<'JSON'
} }
JSON JSON
cat > "$FIXTURE_DIR/gitea-refs-pull-label.json" <<'JSON'
{
"number": 1908,
"title": "Closed merged PR with synthetic pull ref",
"state": "closed",
"user": {"login": "edith"},
"head": {"ref": "refs/pull/1908/head", "label": "fix/t_23fa9e1d-portal-health-backend"},
"base": {"ref": "main"},
"html_url": "https://git.uscllc.com/USC/uconnect/pulls/1908"
}
JSON
cat > "$FIXTURE_DIR/gitea-error.json" <<'JSON' cat > "$FIXTURE_DIR/gitea-error.json" <<'JSON'
{"message": "user does not exist [uid: 0, name: ]", "url": "https://git.uscllc.com/api/swagger"} {"message": "user does not exist [uid: 0, name: ]", "url": "https://git.uscllc.com/api/swagger"}
JSON JSON
@@ -64,6 +76,7 @@ PY
run_case "$FIXTURE_DIR/gitea-standard.json" 1905 edith/t_39ce717c-authentik-smoke-gate run_case "$FIXTURE_DIR/gitea-standard.json" 1905 edith/t_39ce717c-authentik-smoke-gate
run_case "$FIXTURE_DIR/gitea-fallback.json" 1908 fix/fallback-head run_case "$FIXTURE_DIR/gitea-fallback.json" 1908 fix/fallback-head
run_case "$FIXTURE_DIR/gitea-refs-pull-label.json" 1908 fix/t_23fa9e1d-portal-health-backend
if cd "$REPO_DIR" && MOSAIC_GITEA_PR_METADATA_RAW_FILE="$FIXTURE_DIR/gitea-error.json" "$SCRIPT_DIR/pr-metadata.sh" -n 1909 >/dev/null 2>"$WORK_DIR/error.log"; then if cd "$REPO_DIR" && MOSAIC_GITEA_PR_METADATA_RAW_FILE="$FIXTURE_DIR/gitea-error.json" "$SCRIPT_DIR/pr-metadata.sh" -n 1909 >/dev/null 2>"$WORK_DIR/error.log"; then
echo "Expected API error fixture to fail" >&2 echo "Expected API error fixture to fail" >&2