-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathpreflight.sh
More file actions
executable file
·199 lines (182 loc) · 7.39 KB
/
Copy pathpreflight.sh
File metadata and controls
executable file
·199 lines (182 loc) · 7.39 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
#!/usr/bin/env bash
set -euo pipefail
ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
SURFACE="full"
FAST_MODE=0
source "$ROOT_DIR/scripts/lib/project_automation.sh"
source "$ROOT_DIR/scripts/audit_cache.sh"
source "$ROOT_DIR/scripts/timing_history.sh"
SCRIPT_START_TS="$(date +%s)"
format_duration() {
local seconds="$1"
printf '%ss' "$seconds"
}
phase_cache_fingerprint() {
local cache_key="$1"
local metadata="$2"
shift 2 || true
audit_cache_fingerprint_inputs "$cache_key" "$metadata" "$@"
}
clean_frontend_build_artifacts() {
local frontend_dir=""
frontend_dir="$(automation_frontend_dir_rel)"
if [ -d "${frontend_dir}/.next" ]; then
echo "[preflight] removing stale ${frontend_dir}/.next"
rm -rf "${frontend_dir}/.next"
fi
}
usage() {
cat <<'EOF'
Usage:
bash scripts/preflight.sh [--surface frontend|backend|full] [--fast]
EOF
}
while [ "$#" -gt 0 ]; do
case "$1" in
--surface)
SURFACE="${2:-}"
shift 2
;;
--fast)
FAST_MODE=1
shift
;;
-h|--help)
usage
exit 0
;;
*)
echo "[preflight] unknown argument: $1" >&2
usage >&2
exit 1
;;
esac
done
case "$SURFACE" in
frontend|backend|full)
;;
*)
echo "[preflight] invalid surface: $SURFACE" >&2
usage >&2
exit 1
;;
esac
cd "$ROOT_DIR"
audit_cache_prepare
trap audit_cache_cleanup EXIT
echo "[preflight] repo: $ROOT_DIR"
echo "[preflight] surface: $SURFACE"
echo "[preflight] fast mode: $FAST_MODE"
echo "[preflight] git status"
git status --short
frontend_build_duration=0
if [ -f "$(automation_frontend_dir_rel)/package.json" ] && { [ "$SURFACE" = "frontend" ] || [ "$SURFACE" = "full" ]; }; then
if [ "$FAST_MODE" = "1" ]; then
echo "[preflight] frontend build skipped in fast mode"
else
frontend_build_start_ts="$(date +%s)"
frontend_build_cache_key="preflight_frontend_build"
frontend_build_metadata="$(printf 'surface=%s\nfast=%s\nfrontend_dir=%s\n' "$SURFACE" "$FAST_MODE" "$(automation_frontend_dir_rel)")"
frontend_build_files=()
while IFS= read -r file; do
[ -n "$file" ] && frontend_build_files+=("$file")
done < <(git ls-files "$(automation_frontend_dir_rel)")
if [ -f ".env.production.example" ]; then
frontend_build_files+=(".env.production.example")
fi
frontend_build_fingerprint="$(phase_cache_fingerprint "$frontend_build_cache_key" "$frontend_build_metadata" "${frontend_build_files[@]}")"
if audit_cache_persistent_has "$frontend_build_cache_key" "$frontend_build_fingerprint"; then
echo "[preflight] frontend build cache hit"
audit_cache_record_event phase_hit "$frontend_build_cache_key"
else
echo "[preflight] frontend build cache miss"
audit_cache_record_event phase_miss "$frontend_build_cache_key"
clean_frontend_build_artifacts
echo "[preflight] frontend build"
automation_frontend_npm run build
audit_cache_persistent_mark "$frontend_build_cache_key" "$frontend_build_fingerprint"
fi
frontend_build_duration=$(( $(date +%s) - frontend_build_start_ts ))
fi
fi
backend_syntax_duration=0
if [ -d "$(automation_backend_app_dir_rel)" ] && { [ "$SURFACE" = "backend" ] || [ "$SURFACE" = "full" ]; }; then
backend_syntax_start_ts="$(date +%s)"
echo "[preflight] backend syntax check"
python_files=()
if [ "${DEPLOYMATE_BACKEND_SYNTAX_MODE:-full}" = "skip" ]; then
echo "[preflight] backend syntax skipped for this local diff"
elif [ "${DEPLOYMATE_BACKEND_SYNTAX_MODE:-full}" = "targeted" ] && [ -n "${DEPLOYMATE_BACKEND_PYTHON_FILES:-}" ]; then
IFS=' ' read -r -a python_files <<< "$DEPLOYMATE_BACKEND_PYTHON_FILES"
echo "[preflight] backend syntax scope: targeted"
else
while IFS= read -r file; do
python_files+=("$file")
done < <(find "$(automation_backend_app_dir_rel)" -type f -name '*.py' | sort)
echo "[preflight] backend syntax scope: full"
fi
if [ "${#python_files[@]}" -gt 0 ]; then
backend_syntax_cache_key="preflight_backend_syntax"
backend_syntax_metadata="$(printf 'surface=%s\nfast=%s\nmode=%s\nfiles=%s\n' "$SURFACE" "$FAST_MODE" "${DEPLOYMATE_BACKEND_SYNTAX_MODE:-full}" "${python_files[*]}")"
backend_syntax_fingerprint="$(phase_cache_fingerprint "$backend_syntax_cache_key" "$backend_syntax_metadata" "${python_files[@]}")"
if audit_cache_persistent_has "$backend_syntax_cache_key" "$backend_syntax_fingerprint"; then
echo "[preflight] backend syntax cache hit"
audit_cache_record_event phase_hit "$backend_syntax_cache_key"
else
echo "[preflight] backend syntax cache miss"
audit_cache_record_event phase_miss "$backend_syntax_cache_key"
python3 -m py_compile "${python_files[@]}"
audit_cache_persistent_mark "$backend_syntax_cache_key" "$backend_syntax_fingerprint"
fi
fi
backend_syntax_duration=$(( $(date +%s) - backend_syntax_start_ts ))
fi
security_audit_duration=0
if [ -f "scripts/security_audit.sh" ]; then
security_audit_start_ts="$(date +%s)"
echo "[preflight] security audit"
bash scripts/security_audit.sh
security_audit_duration=$(( $(date +%s) - security_audit_start_ts ))
fi
runtime_capability_duration=0
if [ -f "scripts/runtime_capability_audit.sh" ]; then
if [ "${DEPLOYMATE_RUN_RUNTIME_AUDITS:-1}" = "1" ]; then
runtime_capability_start_ts="$(date +%s)"
echo "[preflight] runtime capability audit"
bash scripts/runtime_capability_audit.sh
runtime_capability_duration=$(( $(date +%s) - runtime_capability_start_ts ))
else
echo "[preflight] runtime capability audit skipped for this local diff"
fi
fi
production_env_duration=0
if [ -f "scripts/production_env_audit.sh" ]; then
if [ "${DEPLOYMATE_RUN_RUNTIME_AUDITS:-1}" = "1" ]; then
production_env_start_ts="$(date +%s)"
echo "[preflight] production env audit"
bash scripts/production_env_audit.sh
production_env_duration=$(( $(date +%s) - production_env_start_ts ))
else
echo "[preflight] production env audit skipped for this local diff"
fi
fi
total_duration=$(( $(date +%s) - SCRIPT_START_TS ))
timing_history_append "preflight" "$SURFACE" "$FAST_MODE" "frontend_build" "$frontend_build_duration"
timing_history_append "preflight" "$SURFACE" "$FAST_MODE" "backend_syntax" "$backend_syntax_duration"
timing_history_append "preflight" "$SURFACE" "$FAST_MODE" "security_audit" "$security_audit_duration"
timing_history_append "preflight" "$SURFACE" "$FAST_MODE" "runtime_capability_audit" "$runtime_capability_duration"
timing_history_append "preflight" "$SURFACE" "$FAST_MODE" "production_env_audit" "$production_env_duration"
timing_history_append "preflight" "$SURFACE" "$FAST_MODE" "total" "$total_duration"
echo "[preflight] timing summary:"
echo "[preflight] - frontend build: $(format_duration "$frontend_build_duration")"
echo "[preflight] - backend syntax: $(format_duration "$backend_syntax_duration")"
echo "[preflight] - security audit: $(format_duration "$security_audit_duration")"
echo "[preflight] - runtime capability audit: $(format_duration "$runtime_capability_duration")"
echo "[preflight] - production env audit: $(format_duration "$production_env_duration")"
echo "[preflight] - total: $(format_duration "$total_duration")"
echo "[preflight] timing history: .logs/local_gate_timing.csv"
audit_cache_print_summary "[preflight]"
audit_cache_print_family_summary "[preflight]"
audit_cache_print_family_hint "[preflight]"
timing_history_print_hint "preflight" "$SURFACE" "$FAST_MODE"
echo "[preflight] done"