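--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,25 @@
+name: Static Code Analysis
+
+on:
+pull_request:
+branches:
+- master
+- develop
+push:
+branches:
+- master
+- develop
+
+jobs:
+static-check:
+runs-on: self-hosted
+
+steps:
+- name: Checkout code
+uses: actions/checkout@v4
+with:
+fetch-depth: 0 # 需要完整的git历史来比较变更
+
+- name: Run static code analysis
+run: |
+sudo docker run --rm -v $(pwd):/app -v $(pwd):/sast -u $(id -u):$(id -g) -w /app registry-egc.enflame-tech.com/enflame/ci_sast:v1.0-os bash -c 'cd /app && python3 /sast/run.py --all_ci_check'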
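Review bot: The analysis step executes the checker from the tree being checked: `-v $(pwd):/sast` mounts the checkout and the container runs `python3 /sast/run.py`, so on `pull_request` the change under review decides what the gate does, and it does so on a `self-hosted` runner under `sudo docker run`. If pull requests can come from people who are not trusted to change the runner, the checker should come from a trusted ref (for example a second checkout of the base branch, mounted read-only) rather than from the PR's working copy. Independently of that, the checkout step can carry `persist-credentials: false` under `with:` so the token is not left in the `.git` directory that is mounted into the container, and the workflow can declare `permissions:` with `contents: read`. The image is referenced by the mutable tag `ci_sast:v1.0-os`; pinning it by digest would keep the analysis environment fixed.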
2 changes: 1 addition & 1 deletion checkers/commit_message_check.py
@@ -51,7 +51,7 @@ def check_func(self):
# self.pass_flag = False
# self.fail_message.append("After removing '[type](jira id)' in the title, the remaining content must have at least 10 valid characters.")
for template_field in self.template_fields:
template_field_reg_find = re.findall(template_field + ":\s*\n(.*?)\n",self.commit_message)
template_field_reg_find = re.findall(template_field + ":\s*\n(.*?)",self.commit_message)
if not template_field_reg_find:
self.pass_flag = False
self.fail_message.append("There must be {},please fill in it".format(template_field))
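Review bot: In the `re.findall` variant that ends in `(.*?)` (apparently the new side of the changed pair), the lazy group is the last element of the pattern and therefore always captures the empty string, so the check only proves that `<field>:` is followed by a line break, not that the field was filled in. `template_field` is also concatenated into the pattern unescaped, and `":\s*\n(.*?)"` is a non-raw string with an invalid `\s` escape. If the template fields are meant as literal names, a pattern that requires content would be `re.findall(re.escape(template_field) + r":[ \t]*\n[ \t]*(\S.*)", self.commit_message)`. `check_func` starts and ends outside the hunk.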
31 changes: 18 additions & 13 deletions checkers/keyword_check.py
@@ -45,10 +45,10 @@ def check_func(self):
self.files_static_check_status[file_need_check]['name_or_email_msg'] = set()
self.files_static_check_status[file_need_check]['key_word'] = set()
self.files_static_check_status[file_need_check]['add_string'] = set()
change_line_list = [x for x in self.diff_info.get(file_need_check, {}).get("add", [])]
change_line_list = [x for x in self.diff_info.get(file_need_check, {}).get("add", []) if isinstance(x, (tuple, list)) and len(x) > 1 and isinstance(x[1], str)]
for index,line in change_line_list:
for key_word in self.forbidden_string_dict.keys():
if key_word in line:
if isinstance(line, str) and key_word in line:
check_dirs = self.forbidden_string_dict[key_word].get("check_dirs",[])
if not check_dirs:
check_flag = True
@@ -61,15 +61,20 @@ def check_func(self):
self.pass_flag = False
self.files_static_check_status[file_need_check]['check_status'] = False
self.files_static_check_status[file_need_check]['key_word'].add((index,key_word))
check_name_msg = re.findall(self.judge_str,line)
if check_name_msg:
self.pass_flag = False
self.files_static_check_status[file_need_check]['check_status'] = False
for i in range(len(check_name_msg)):
name_msg = check_name_msg[i][0]
self.files_static_check_status[file_need_check]['name_or_email_msg'].add(name_msg)
add_lines = [x[1] for x in self.diff_info.get(file_need_check, {}).get("add",[]) if not x[1].lstrip().startswith('#')]
delete_lines = [x[1] for x in self.diff_info.get(file_need_check, {}).get("del",[]) if not x[1].lstrip().startswith('#')]
if self.judge_str and isinstance(line, str): # 只有当judge_str不为空且line是字符串时才检查
check_name_msg = re.findall(self.judge_str,line)
if check_name_msg:
self.pass_flag = False
self.files_static_check_status[file_need_check]['check_status'] = False
for i in range(len(check_name_msg)):
if isinstance(check_name_msg[i], (tuple, list)) and len(check_name_msg[i]) > 0:
name_msg = check_name_msg[i][0]
self.files_static_check_status[file_need_check]['name_or_email_msg'].add(name_msg)
elif isinstance(check_name_msg[i], str):
# 如果返回的是字符串而不是元组/列表
self.files_static_check_status[file_need_check]['name_or_email_msg'].add(check_name_msg[i])
add_lines = [x[1] for x in self.diff_info.get(file_need_check, {}).get("add",[]) if isinstance(x, (tuple, list)) and len(x) > 1 and isinstance(x[1], str) and not x[1].lstrip().startswith('#')]
delete_lines = [x[1] for x in self.diff_info.get(file_need_check, {}).get("del",[]) if isinstance(x, (tuple, list)) and len(x) > 1 and isinstance(x[1], str) and not x[1].lstrip().startswith('#')]
for keyword in self.forbidden_add_string:
del_count = 0
add_count = 0
@@ -87,15 +92,15 @@ def check_func(self):
self.files_static_check_status[file_need_check]["check_status"] = False
self.files_static_check_status[file_need_check]["msg"] = self.files_static_check_status[file_need_check].get("msg","") + "Add '{}' is not allowed!\n".format(keyword)
self.files_static_check_status[file_need_check]['add_string'].add(keyword)
add_line_info = [x for x in self.diff_info.get(file_need_check, {}).get("add",[]) ]
add_line_info = [x for x in self.diff_info.get(file_need_check, {}).get("add",[]) if isinstance(x, (tuple, list)) and len(x) > 1 and isinstance(x[1], str)]
for check_mode in self.forbidden_string_mode:
flag = False
for repo in self.forbidden_string_mode[check_mode].get("repo",[]):
if re.match(repo,self.project_name):
flag = True
if flag:
for add_line in add_line_info:
if re.match(check_mode,add_line[1]):
if len(add_line) > 1 and isinstance(add_line[1], str) and re.match(check_mode,add_line[1]):
self.pass_flag = False
if file_need_check not in self.files_static_check_status:
self.files_static_check_status[file_need_check] = {"check_status":False}
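Review bot: The filter added to `change_line_list` (and repeated for `add_lines`, `delete_lines` and `add_line_info`) drops every diff entry that is not a sequence with a `str` at index 1 without recording it, so a changed line that reaches the checker in an unexpected shape is never scanned and the file still passes. For a forbidden-keyword gate that is a fail-open path; counting the skipped entries and reporting them, or setting `self.pass_flag = False` when any are skipped, would keep it visible. The filter also accepts entries longer than two elements, which `for index,line in change_line_list:` cannot unpack; `len(x) == 2` would match the loop. The three identical conditions could live in one helper, and the later `isinstance(line, str)` tests are redundant once the list is filtered. `check_func` starts and ends outside the hunks.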
5 changes: 4 additions & 1 deletion common/localgit.py
@@ -112,7 +112,10 @@ def get_edit_commit_message(self):
command_output = pipe.communicate()[0]
return command_output.decode("utf-8",errors="ignore").strip()
else:
return ""
pipe = subprocess.Popen("git log -1 --pretty=format:%B",
stdout=subprocess.PIPE, stderr=subprocess.STDOUT, shell=True, executable="/bin/bash")
command_output = pipe.communicate()[0]
return command_output.decode("utf-8",errors="ignore").strip()

def get_local_path(self):
'''
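Review bot: The new fallback returns whatever the command printed, including git's error text: `stderr=subprocess.STDOUT` merges the two streams and the exit status is never read, so a failure such as running outside a repository is handed to the commit-message check as if it were the message. The command is a constant, so `shell=True` with `executable="/bin/bash"` adds nothing; `subprocess.Popen(["git", "log", "-1", "--pretty=format:%B"], stdout=subprocess.PIPE, stderr=subprocess.PIPE)` followed by `if pipe.returncode != 0: return ""` after `communicate()` keeps the two cases apart. On a `pull_request` run with the default checkout, HEAD is usually the merge commit GitHub creates, so `git log -1` may return its generated message rather than the author's; it is worth confirming which commit the check is meant to read. `get_edit_commit_message` starts outside the hunk.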
1 change: 1 addition & 0 deletions run.py
@@ -60,6 +60,7 @@ def fully_check(self):
try:
checker.check()
except Exception as e:
print(sast_checker,e)
exit_flag = 1
sys.exit(exit_flag)

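Review bot: The `print(sast_checker,e)` in the `except` branch reports only `str(e)` on stdout, so a crash inside a checker is hard to tell apart from a policy failure and the traceback is lost. `traceback.print_exc()` (with `import traceback` at the top of the file) or `print(sast_checker, repr(e), file=sys.stderr)` would keep the cause in the job log. `sast_checker` is not defined in the visible lines; if it is not the loop variable, the handler itself raises `NameError`. `fully_check` starts outside the hunk.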