Initial commit
This commit is contained in:
Zhongwei Li
184
hooks/before_pr.sh
Executable file
184
hooks/before_pr.sh
Executable file
@@ -0,0 +1,184 @@
|
||||
# hooks/before_pr.sh
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
# Get language setting from environment
|
||||
LANG="${ORCHESTRA_LANGUAGE:-en}"
|
||||
|
||||
if [ "$LANG" = "ja" ]; then
|
||||
echo "[before_pr] リント/型チェック/テスト/シークレット/SBOM実行中..."
|
||||
else
|
||||
echo "[before_pr] Running lint/type/tests/secret/sbom..."
|
||||
fi
|
||||
|
||||
# Sync documentation to Memory Bank before PR
|
||||
SYNC_SCRIPT="$(dirname "$0")/../.orchestra/scripts/sync-to-memory-bank.sh"
|
||||
if [ -f "$SYNC_SCRIPT" ] && [ -x "$SYNC_SCRIPT" ]; then
|
||||
if [ "$LANG" = "ja" ]; then
|
||||
echo ""
|
||||
echo "[before_pr] Memory Bankへドキュメントを同期中..."
|
||||
else
|
||||
echo ""
|
||||
echo "[before_pr] Syncing documentation to Memory Bank..."
|
||||
fi
|
||||
|
||||
if "$SYNC_SCRIPT"; then
|
||||
if [ "$LANG" = "ja" ]; then
|
||||
echo "✅ Memory Bank同期完了"
|
||||
else
|
||||
echo "✅ Memory Bank sync completed"
|
||||
fi
|
||||
else
|
||||
if [ "$LANG" = "ja" ]; then
|
||||
echo "⚠️ Memory Bank同期が失敗しましたが、PR作成は続行します"
|
||||
else
|
||||
echo "⚠️ Memory Bank sync failed, but continuing with PR creation"
|
||||
fi
|
||||
fi
|
||||
echo ""
|
||||
fi
|
||||
|
||||
# Detect project type and run appropriate checks
|
||||
if [ -f "package.json" ]; then
|
||||
if [ "$LANG" = "ja" ]; then
|
||||
echo "→ ESLint実行中..."
|
||||
else
|
||||
echo "→ Running ESLint..."
|
||||
fi
|
||||
|
||||
npx eslint . --ext .js,.jsx,.ts,.tsx --max-warnings 0 || {
|
||||
if [ "$LANG" = "ja" ]; then
|
||||
echo "❌ ESLintが失敗しました。PR作成前にリントエラーを修正してください。"
|
||||
else
|
||||
echo "❌ ESLint failed. Please fix linting errors before creating PR."
|
||||
fi
|
||||
exit 1
|
||||
}
|
||||
|
||||
if [ "$LANG" = "ja" ]; then
|
||||
echo "→ TypeScriptコンパイラ実行中..."
|
||||
else
|
||||
echo "→ Running TypeScript compiler..."
|
||||
fi
|
||||
|
||||
npx tsc --noEmit || {
|
||||
if [ "$LANG" = "ja" ]; then
|
||||
echo "❌ TypeScriptコンパイルが失敗しました。PR作成前に型エラーを修正してください。"
|
||||
else
|
||||
echo "❌ TypeScript compilation failed. Please fix type errors before creating PR."
|
||||
fi
|
||||
exit 1
|
||||
}
|
||||
|
||||
if [ "$LANG" = "ja" ]; then
|
||||
echo "→ テスト実行中..."
|
||||
else
|
||||
echo "→ Running tests..."
|
||||
fi
|
||||
|
||||
npm test -- --passWithNoTests || {
|
||||
if [ "$LANG" = "ja" ]; then
|
||||
echo "❌ テストが失敗しました。PR作成前に全てのテストが通ることを確認してください。"
|
||||
else
|
||||
echo "❌ Tests failed. Please ensure all tests pass before creating PR."
|
||||
fi
|
||||
exit 1
|
||||
}
|
||||
fi
|
||||
|
||||
if [ -f "pytest.ini" ] || [ -f "setup.py" ] || [ -f "pyproject.toml" ]; then
|
||||
if [ "$LANG" = "ja" ]; then
|
||||
echo "→ pytest実行中..."
|
||||
else
|
||||
echo "→ Running pytest..."
|
||||
fi
|
||||
|
||||
pytest --maxfail=1 --disable-warnings -q || {
|
||||
if [ "$LANG" = "ja" ]; then
|
||||
echo "❌ Pytestが失敗しました。PR作成前に失敗したテストを修正してください。"
|
||||
else
|
||||
echo "❌ Pytest failed. Please fix failing tests before creating PR."
|
||||
fi
|
||||
exit 1
|
||||
}
|
||||
fi
|
||||
|
||||
# Secret scanning with TruffleHog
|
||||
if command -v trufflehog &> /dev/null; then
|
||||
if [ "$LANG" = "ja" ]; then
|
||||
echo "→ TruffleHogシークレットスキャン実行中..."
|
||||
else
|
||||
echo "→ Running TruffleHog secret scan..."
|
||||
fi
|
||||
|
||||
trufflehog git file://. --since-commit HEAD~1 --only-verified --fail || {
|
||||
if [ "$LANG" = "ja" ]; then
|
||||
echo "❌ シークレットが検出されました!PR作成前にシークレットを削除してください。"
|
||||
else
|
||||
echo "❌ Secret detected! Please remove secrets before creating PR."
|
||||
fi
|
||||
exit 1
|
||||
}
|
||||
else
|
||||
if [ "$LANG" = "ja" ]; then
|
||||
echo "⚠️ TruffleHogがインストールされていません。シークレットスキャンをスキップします。インストール:brew install trufflehog"
|
||||
else
|
||||
echo "⚠️ TruffleHog not installed. Skipping secret scan. Install: brew install trufflehog"
|
||||
fi
|
||||
fi
|
||||
|
||||
# SBOM generation and vulnerability scanning with Syft + Grype
|
||||
if command -v syft &> /dev/null && command -v grype &> /dev/null; then
|
||||
if [ "$LANG" = "ja" ]; then
|
||||
echo "→ SyftでSBOM生成中..."
|
||||
else
|
||||
echo "→ Generating SBOM with Syft..."
|
||||
fi
|
||||
|
||||
syft dir:. -o cyclonedx-json > sbom.json
|
||||
|
||||
if [ "$LANG" = "ja" ]; then
|
||||
echo "→ Grypeで脆弱性スキャン中..."
|
||||
else
|
||||
echo "→ Scanning vulnerabilities with Grype..."
|
||||
fi
|
||||
|
||||
grype sbom:sbom.json --fail-on medium || {
|
||||
if [ "$LANG" = "ja" ]; then
|
||||
echo "❌ 脆弱性が検出されました!PR作成前にセキュリティ問題に対処してください。"
|
||||
else
|
||||
echo "❌ Vulnerabilities detected! Please address security issues before creating PR."
|
||||
fi
|
||||
exit 1
|
||||
}
|
||||
else
|
||||
if [ "$LANG" = "ja" ]; then
|
||||
echo "⚠️ Syft/Grypeがインストールされていません。SBOM & 脆弱性スキャンをスキップします。"
|
||||
echo " インストール:brew install syft grype"
|
||||
else
|
||||
echo "⚠️ Syft/Grype not installed. Skipping SBOM & vulnerability scan."
|
||||
echo " Install: brew install syft grype"
|
||||
fi
|
||||
fi
|
||||
|
||||
# Voice notification (Eden announces QA completion)
|
||||
VOICE_SCRIPT="$(dirname "$0")/../mcp-servers/play-voice.sh"
|
||||
if [ -f "$VOICE_SCRIPT" ]; then
|
||||
"$VOICE_SCRIPT" "eden" "pre-PR checks" 2>/dev/null || true
|
||||
fi
|
||||
|
||||
if [ "$LANG" = "ja" ]; then
|
||||
echo "✅ 全てのPR前チェックが通過しました!"
|
||||
else
|
||||
echo "✅ All pre-PR checks passed!"
|
||||
fi
|
||||
|
||||
# Auto-commit QA validation results (Eden)
|
||||
AUTO_COMMIT_SCRIPT="$(dirname "$0")/../mcp-servers/auto-commit.sh"
|
||||
if [ -f "$AUTO_COMMIT_SCRIPT" ] && [ -x "$AUTO_COMMIT_SCRIPT" ]; then
|
||||
"$AUTO_COMMIT_SCRIPT" \
|
||||
"test" \
|
||||
"to ensure code quality" \
|
||||
"Pass pre-PR quality checks (lint, type, test, secrets, vulnerabilities)" \
|
||||
"Eden" 2>/dev/null || true
|
||||
fi
|
||||
Reference in New Issue
Block a user