Merge pull request 'fix(gate-check): map infra-sre Gitea login to core-devops agent' (#896) from sre/fix-gate-check-infra-sre-devops-mapping into main
Some checks failed
Block internal-flavored paths / Block forbidden paths (push) Waiting to run
CI / Detect changes (push) Waiting to run
CI / Platform (Go) (push) Blocked by required conditions
CI / Canvas (Next.js) (push) Blocked by required conditions
CI / Shellcheck (E2E scripts) (push) Blocked by required conditions
CI / Canvas Deploy Reminder (push) Blocked by required conditions
CI / Python Lint & Test (push) Blocked by required conditions
CI / all-required (push) Blocked by required conditions
E2E API Smoke Test / detect-changes (push) Waiting to run
E2E API Smoke Test / E2E API Smoke Test (push) Blocked by required conditions
E2E Staging Canvas (Playwright) / detect-changes (push) Waiting to run
E2E Staging Canvas (Playwright) / Canvas tabs E2E (push) Blocked by required conditions
Handlers Postgres Integration / detect-changes (push) Waiting to run
Handlers Postgres Integration / Handlers Postgres Integration (push) Blocked by required conditions
Runtime PR-Built Compatibility / detect-changes (push) Waiting to run
Runtime PR-Built Compatibility / PR-built wheel + import smoke (push) Blocked by required conditions
Secret scan / Scan diff for credential-shaped strings (push) Waiting to run
sop-checklist / all-items-acked (pull_request) [info tier:low] acked: 0/7 — missing: comprehensive-testing, local-postgres-e2e, staging-smoke, +4 — body-unfilled: comprehensive-testing, l
Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 29s
Lint curl status-code capture / Scan workflows for curl status-capture pollution (pull_request) Successful in 16s
Harness Replays / detect-changes (pull_request) Successful in 44s
E2E API Smoke Test / detect-changes (pull_request) Successful in 57s
Handlers Postgres Integration / detect-changes (pull_request) Successful in 54s
publish-runtime-autobump / bump-and-tag (pull_request) Has been skipped
review-check-tests / review-check.sh regression tests (pull_request) Successful in 19s
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 38s
publish-runtime-autobump / pr-validate (pull_request) Successful in 54s
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 33s
lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 1m20s
gate-check-v3 / gate-check (pull_request) Successful in 14s
qa-review / approved (pull_request) Successful in 9s
security-review / approved (pull_request) Successful in 9s
sop-checklist-gate / gate (pull_request) Successful in 8s
lint-continue-on-error-tracking / lint-continue-on-error-tracking (pull_request) Successful in 1m57s
sop-tier-check / tier-check (pull_request) Successful in 8s
Lint workflow YAML (Gitea-1.22.6-hostile shapes) / Lint workflow YAML for Gitea-1.22.6-hostile shapes (pull_request) Failing after 1m26s
lint-required-context-exists-in-bp / lint-required-context-exists-in-bp (pull_request) Failing after 2m1s
Lint pre-flip continue-on-error / Verify continue-on-error flips have run-log proof (pull_request) Successful in 2m5s
lint-mask-pr-atomicity / lint-mask-pr-atomicity (pull_request) Successful in 2m24s
Ops Scripts Tests / Ops scripts (unittest) (pull_request) Successful in 1m20s
Continuous synthetic E2E (staging) / Synthetic E2E against staging (push) Has started running
Harness Replays / Harness Replays (pull_request) Successful in 6s
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Failing after 1m21s
E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 1m59s
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 2m52s
Some checks failed
Block internal-flavored paths / Block forbidden paths (push) Waiting to run
CI / Detect changes (push) Waiting to run
CI / Platform (Go) (push) Blocked by required conditions
CI / Canvas (Next.js) (push) Blocked by required conditions
CI / Shellcheck (E2E scripts) (push) Blocked by required conditions
CI / Canvas Deploy Reminder (push) Blocked by required conditions
CI / Python Lint & Test (push) Blocked by required conditions
CI / all-required (push) Blocked by required conditions
E2E API Smoke Test / detect-changes (push) Waiting to run
E2E API Smoke Test / E2E API Smoke Test (push) Blocked by required conditions
E2E Staging Canvas (Playwright) / detect-changes (push) Waiting to run
E2E Staging Canvas (Playwright) / Canvas tabs E2E (push) Blocked by required conditions
Handlers Postgres Integration / detect-changes (push) Waiting to run
Handlers Postgres Integration / Handlers Postgres Integration (push) Blocked by required conditions
Runtime PR-Built Compatibility / detect-changes (push) Waiting to run
Runtime PR-Built Compatibility / PR-built wheel + import smoke (push) Blocked by required conditions
Secret scan / Scan diff for credential-shaped strings (push) Waiting to run
sop-checklist / all-items-acked (pull_request) [info tier:low] acked: 0/7 — missing: comprehensive-testing, local-postgres-e2e, staging-smoke, +4 — body-unfilled: comprehensive-testing, l
Block internal-flavored paths / Block forbidden paths (pull_request) Successful in 29s
Lint curl status-code capture / Scan workflows for curl status-capture pollution (pull_request) Successful in 16s
Harness Replays / detect-changes (pull_request) Successful in 44s
E2E API Smoke Test / detect-changes (pull_request) Successful in 57s
Handlers Postgres Integration / detect-changes (pull_request) Successful in 54s
publish-runtime-autobump / bump-and-tag (pull_request) Has been skipped
review-check-tests / review-check.sh regression tests (pull_request) Successful in 19s
Runtime PR-Built Compatibility / detect-changes (pull_request) Successful in 38s
publish-runtime-autobump / pr-validate (pull_request) Successful in 54s
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 33s
lint-required-no-paths / lint-required-no-paths (pull_request) Successful in 1m20s
gate-check-v3 / gate-check (pull_request) Successful in 14s
qa-review / approved (pull_request) Successful in 9s
security-review / approved (pull_request) Successful in 9s
sop-checklist-gate / gate (pull_request) Successful in 8s
lint-continue-on-error-tracking / lint-continue-on-error-tracking (pull_request) Successful in 1m57s
sop-tier-check / tier-check (pull_request) Successful in 8s
Lint workflow YAML (Gitea-1.22.6-hostile shapes) / Lint workflow YAML for Gitea-1.22.6-hostile shapes (pull_request) Failing after 1m26s
lint-required-context-exists-in-bp / lint-required-context-exists-in-bp (pull_request) Failing after 2m1s
Lint pre-flip continue-on-error / Verify continue-on-error flips have run-log proof (pull_request) Successful in 2m5s
lint-mask-pr-atomicity / lint-mask-pr-atomicity (pull_request) Successful in 2m24s
Ops Scripts Tests / Ops scripts (unittest) (pull_request) Successful in 1m20s
Continuous synthetic E2E (staging) / Synthetic E2E against staging (push) Has started running
Harness Replays / Harness Replays (pull_request) Successful in 6s
Handlers Postgres Integration / Handlers Postgres Integration (pull_request) Failing after 1m21s
E2E API Smoke Test / E2E API Smoke Test (pull_request) Successful in 1m59s
Runtime PR-Built Compatibility / PR-built wheel + import smoke (pull_request) Successful in 2m52s
This commit is contained in:
commit
d8ac017d6e
@ -110,6 +110,13 @@ AGENT_LOGIN_MAP = {
|
||||
"offsec": "core-offsec",
|
||||
}
|
||||
|
||||
# Map alternate Gitea logins → canonical logins for gate matching.
|
||||
# infra-sre is the engineers/core-devops agent (same team, same work).
|
||||
# Without this alias, infra-sre comments/reviews never satisfy the engineers gate.
|
||||
LOGIN_ALIASES = {
|
||||
"infra-sre": "core-devops",
|
||||
}
|
||||
|
||||
# SOP-6 tier → required agent groups
|
||||
# tier:low → engineers,managers,ceo (OR: any one suffices)
|
||||
# tier:medium → managers AND engineers AND qa,security (AND)
|
||||
@ -168,17 +175,18 @@ def signal_1_comment_scan(pr_number: int, repo: str) -> dict:
|
||||
except GiteaError:
|
||||
pass
|
||||
|
||||
# Collect APPROVED reviews from agent logins
|
||||
# Collect APPROVED reviews from agent logins (resolving LOGIN_ALIASES)
|
||||
try:
|
||||
reviews = api_list(f"/repos/{owner}/{name}/pulls/{pr_number}/reviews")
|
||||
for r in reviews:
|
||||
login = r.get("user", {}).get("login", "")
|
||||
if login in login_to_group and r.get("state") == "APPROVED":
|
||||
canonical = LOGIN_ALIASES.get(login, login)
|
||||
if canonical in login_to_group and r.get("state") == "APPROVED":
|
||||
comments.append(
|
||||
{
|
||||
"id": f"review-{r['id']}",
|
||||
"user": {"login": login},
|
||||
"body": f"[{login}-agent] APPROVED",
|
||||
"user": {"login": canonical},
|
||||
"body": f"[{canonical}-agent] APPROVED",
|
||||
"created_at": r.get("submitted_at") or r.get("created_at", ""),
|
||||
"source": "review",
|
||||
}
|
||||
@ -193,6 +201,8 @@ def signal_1_comment_scan(pr_number: int, repo: str) -> dict:
|
||||
for c in comments:
|
||||
body = c.get("body", "") or ""
|
||||
user_login = c.get("user", {}).get("login", "")
|
||||
# Resolve LOGIN_ALIASES so alternate logins satisfy the canonical gate
|
||||
user_login = LOGIN_ALIASES.get(user_login, user_login)
|
||||
if user_login != login:
|
||||
continue
|
||||
for m in AGENT_TAG_RE.finditer(body):
|
||||
|
||||
@ -32,3 +32,45 @@ def test_run_skips_pr_not_targeting_default_branch(monkeypatch):
|
||||
assert result["verdict"] == "CLEAR"
|
||||
assert result["skipped"] is True
|
||||
assert "staging" in result["reason"]
|
||||
|
||||
|
||||
def test_signal_1_infra_sre_login_alias_resolved_to_core_devops(monkeypatch):
|
||||
"""infra-sre posts [devops-agent] APPROVED → engineers gate satisfied via LOGIN_ALIASES."""
|
||||
mod = load_gate_check()
|
||||
|
||||
def fake_api_get(path):
|
||||
# PR 900 has tier:low label
|
||||
if path == "/repos/molecule-ai/molecule-core/pulls/900":
|
||||
return {
|
||||
"number": 900,
|
||||
"labels": [{"name": "tier:low"}],
|
||||
}
|
||||
raise AssertionError(f"unexpected api_get: {path}")
|
||||
|
||||
def fake_api_list(path):
|
||||
if path == "/repos/molecule-ai/molecule-core/issues/900/comments":
|
||||
return []
|
||||
if path == "/repos/molecule-ai/molecule-core/pulls/900/comments":
|
||||
return []
|
||||
if path == "/repos/molecule-ai/molecule-core/pulls/900/reviews":
|
||||
return [
|
||||
{
|
||||
"id": 1,
|
||||
"user": {"login": "infra-sre"},
|
||||
"state": "APPROVED",
|
||||
"submitted_at": "2026-05-13T10:00:00Z",
|
||||
}
|
||||
]
|
||||
raise AssertionError(f"unexpected api_list: {path}")
|
||||
|
||||
monkeypatch.setattr(mod, "api_get", fake_api_get)
|
||||
monkeypatch.setattr(mod, "api_list", fake_api_list)
|
||||
|
||||
result = mod.signal_1_comment_scan(900, "molecule-ai/molecule-core")
|
||||
|
||||
assert result["verdict"] == "CLEAR"
|
||||
assert result["signal"] == "agent_tag_comments"
|
||||
# infra-sre (aliased to core-devops) should satisfy engineers gate
|
||||
engineers = result["results"]["core-devops"]
|
||||
assert engineers["verdict"] == "APPROVED"
|
||||
assert engineers["group"] == "engineers"
|
||||
|
||||
Loading…
Reference in New Issue
Block a user