|
25714
|
18902
|
6
|
5
|
00e6c41c98f5eca066cac8efd4dc9e91dfe5f583
|
0
|
质量门禁
|
1
|
name: Test Pipeline
"on":
push:
name: Test Pipeline
"on":
push:
branches: [main, develop, 'feature/**', 'claude/**']
pull_request:
branches: [main, develop]
workflow_dispatch:
inputs:
coverage_threshold:
description: '覆盖率阈值 (%)'
required: false
default: '80'
run_ai_tests:
description: '运行 AI 模块测试'
required: false
default: 'true'
type: boolean
run_api_tests:
description: '运行 API 集成测试'
required: false
default: 'true'
type: boolean
run_security_audit:
description: '运行安全审计'
required: false
default: 'true'
type: boolean
env:
COVERAGE_THRESHOLD: ${{ github.event.inputs.coverage_threshold || '80' }}
NODE_VERSION: "20"
PNPM_VERSION: "8"
jobs:
quality-gate:
name: 质量门禁
runs-on: ubuntu-latest
if: always()
steps:
- name: 生成流水线报告
run: |
echo "## Test Pipeline 结果" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "**分支**: \`${{ github.ref_name }}\`" >> $GITHUB_STEP_SUMMARY
echo "**提交**: \`${{ github.sha }}\`" >> $GITHUB_STEP_SUMMARY
echo "**触发者**: ${{ github.actor }}" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 静态检查 + 构建" >> $GITHUB_STEP_SUMMARY
echo "| 检查项 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|--------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 后端构建 | ${{ needs.backend-build.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 前端构建 | ${{ needs.frontend-build.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 测试" >> $GITHUB_STEP_SUMMARY
echo "| 测试套件 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|----------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 后端单元测试 (4 分片) | ${{ needs.backend-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 后端 API 集成测试 | ${{ needs.backend-api-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 前端单元测试 | ${{ needs.frontend-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 状态机测试 | ${{ needs.state-machine-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| AI 模块单元测试 | ${{ needs.ai-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| AI 模块 API 测试 | ${{ needs.ai-api-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 安全审计" >> $GITHUB_STEP_SUMMARY
echo "| 审计项 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|--------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 多租户安全审计 | ${{ needs.tenant-security-audit.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| Kafka 事件审计 | ${{ needs.kafka-event-audit.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 依赖安全扫描 | ${{ needs.dependency-security-scan.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 治理基线 | ${{ needs.governance-baseline.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
- name: 门禁裁决
run: |
FAILED=0
# 构建必须通过
for job in "${{ needs.backend-build.result }}" "${{ needs.frontend-build.result }}"; do
if [ "$job" == "failure" ]; then
echo "构建失败"
FAILED=1
fi
done
# 单元测试必须通过
for job in "${{ needs.backend-unit-test.result }}" "${{ needs.frontend-unit-test.result }}"; do
if [ "$job" == "failure" ]; then
echo "单元测试失败"
FAILED=1
fi
done
# 状态机测试必须通过
if [ "${{ needs.state-machine-test.result }}" == "failure" ]; then
echo "状态机测试失败"
FAILED=1
fi
# AI 模块测试失败视为阻塞
if [ "${{ needs.ai-unit-test.result }}" == "failure" ]; then
echo "AI 模块单元测试失败"
FAILED=1
fi
# 多租户安全审计(红线 1)
if [ "${{ needs.tenant-security-audit.result }}" == "failure" ]; then
echo "多租户安全审计失败 - CRITICAL 数据安全风险"
FAILED=1
fi
# Kafka 事件审计(红线 3)
if [ "${{ needs.kafka-event-audit.result }}" == "failure" ]; then
echo "Kafka 事件审计失败 - 审计链断裂风险"
FAILED=1
fi
# 依赖安全扫描
if [ "${{ needs.dependency-security-scan.result }}" == "failure" ]; then
echo "依赖安全扫描失败 - 存在 high/critical 漏洞"
FAILED=1
fi
if [ $FAILED -eq 1 ]; then
echo ""
echo "质量门禁未通过"
exit 1
fi
echo "质量门禁通过"
- if: github.event_name == 'pull_request' && always()
name: PR 评论质量报告
uses: actions/github-script@v7
with:
script: |
const results = {
backendBuild: '${{ needs.backend-build.result }}',
frontendBuild: '${{ needs.frontend-build.result }}',
backendUnit: '${{ needs.backend-unit-test.result }}',
backendApi: '${{ needs.backend-api-test.result }}',
frontendUnit: '${{ needs.frontend-unit-test.result }}',
stateMachine: '${{ needs.state-machine-test.result }}',
aiUnit: '${{ needs.ai-unit-test.result }}',
aiApi: '${{ needs.ai-api-test.result }}',
tenantAudit: '${{ needs.tenant-security-audit.result }}',
kafkaAudit: '${{ needs.kafka-event-audit.result }}',
depScan: '${{ needs.dependency-security-scan.result }}',
};
const icon = (r) => r === 'success' ? '✅' : r === 'failure' ? '❌' : '⏭️';
const allPassed = !Object.values(results).some(r => r === 'failure');
const body = [
`## ${allPassed ? '✅' : '❌'} Test Pipeline 质量门禁`,
'',
'| 检查项 | 状态 |',
'|--------|------|',
`| 后端构建 | ${icon(results.backendBuild)} |`,
`| 前端构建 | ${icon(results.frontendBuild)} |`,
`| 后端单元测试 | ${icon(results.backendUnit)} |`,
`| 后端 API 测试 | ${icon(results.backendApi)} |`,
`| 前端单元测试 | ${icon(results.frontendUnit)} |`,
`| 状态机测试 | ${icon(results.stateMachine)} |`,
`| AI 单元测试 | ${icon(results.aiUnit)} |`,
`| AI API 测试 | ${icon(results.aiApi)} |`,
`| 多租户审计 | ${icon(results.tenantAudit)} |`,
`| Kafka 审计 | ${icon(results.kafkaAudit)} |`,
`| 依赖扫描 | ${icon(results.depScan)} |`,
'',
allPassed ? '**所有门禁通过,可以合并!**' : '**门禁未通过,请修复问题后重新提交。**',
].join('\n');
const { data: comments } = await github.rest.issues.listComments({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo
});
const existing = comments.find(c =>
c.user.type === 'Bot' && c.body.includes('Test Pipeline 质量门禁')
);
if (existing) {
await github.rest.issues.updateComment({
comment_id: existing.id,
owner: context.repo.owner,
repo: context.repo.repo,
body: body
});
} else {
await github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: body
});
}
...
|
quality-gate
|
["backend-unit-test","backend-api-test ["backend-unit-test","backend-api-test","backend-build","frontend-unit-test","frontend-build","state-machine-test","ai-unit-test","ai-api-test","tenant-security-audit","kafka-event-audit","dependency-security-scan","governance-baseline"]...
|
["ubuntu-latest"]
|
22052
|
1
|
1777545608
|
1777545611
|
1777531658
|
1777545612
|
|
1
|
|
0
|
Edit
Delete
|
|
25943
|
19090
|
6
|
5
|
468c7319f39e251cdf8eb96c3aa63f4db200a7db
|
0
|
质量门禁
|
1
|
name: Test Pipeline
"on":
push:
name: Test Pipeline
"on":
push:
branches: [main, develop, 'feature/**', 'claude/**']
pull_request:
branches: [main, develop]
workflow_dispatch:
inputs:
coverage_threshold:
description: '覆盖率阈值 (%)'
required: false
default: '80'
run_ai_tests:
description: '运行 AI 模块测试'
required: false
default: 'true'
type: boolean
run_api_tests:
description: '运行 API 集成测试'
required: false
default: 'true'
type: boolean
run_security_audit:
description: '运行安全审计'
required: false
default: 'true'
type: boolean
env:
COVERAGE_THRESHOLD: ${{ github.event.inputs.coverage_threshold || '80' }}
NODE_VERSION: "20"
PNPM_VERSION: "8"
jobs:
quality-gate:
name: 质量门禁
runs-on: ubuntu-latest
if: always()
steps:
- name: 生成流水线报告
run: |
echo "## Test Pipeline 结果" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "**分支**: \`${{ github.ref_name }}\`" >> $GITHUB_STEP_SUMMARY
echo "**提交**: \`${{ github.sha }}\`" >> $GITHUB_STEP_SUMMARY
echo "**触发者**: ${{ github.actor }}" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 静态检查 + 构建" >> $GITHUB_STEP_SUMMARY
echo "| 检查项 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|--------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 后端构建 | ${{ needs.backend-build.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 前端构建 | ${{ needs.frontend-build.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 测试" >> $GITHUB_STEP_SUMMARY
echo "| 测试套件 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|----------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 后端单元测试 (4 分片) | ${{ needs.backend-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 后端 API 集成测试 | ${{ needs.backend-api-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 前端单元测试 | ${{ needs.frontend-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 状态机测试 | ${{ needs.state-machine-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| AI 模块单元测试 | ${{ needs.ai-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| AI 模块 API 测试 | ${{ needs.ai-api-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 安全审计" >> $GITHUB_STEP_SUMMARY
echo "| 审计项 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|--------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 多租户安全审计 | ${{ needs.tenant-security-audit.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| Kafka 事件审计 | ${{ needs.kafka-event-audit.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 依赖安全扫描 | ${{ needs.dependency-security-scan.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 治理基线 | ${{ needs.governance-baseline.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
- name: 门禁裁决
run: |
FAILED=0
# 构建必须通过
for job in "${{ needs.backend-build.result }}" "${{ needs.frontend-build.result }}"; do
if [ "$job" == "failure" ]; then
echo "构建失败"
FAILED=1
fi
done
# 单元测试必须通过
for job in "${{ needs.backend-unit-test.result }}" "${{ needs.frontend-unit-test.result }}"; do
if [ "$job" == "failure" ]; then
echo "单元测试失败"
FAILED=1
fi
done
# 状态机测试必须通过
if [ "${{ needs.state-machine-test.result }}" == "failure" ]; then
echo "状态机测试失败"
FAILED=1
fi
# AI 模块测试失败视为阻塞
if [ "${{ needs.ai-unit-test.result }}" == "failure" ]; then
echo "AI 模块单元测试失败"
FAILED=1
fi
# 多租户安全审计(红线 1)
if [ "${{ needs.tenant-security-audit.result }}" == "failure" ]; then
echo "多租户安全审计失败 - CRITICAL 数据安全风险"
FAILED=1
fi
# Kafka 事件审计(红线 3)
if [ "${{ needs.kafka-event-audit.result }}" == "failure" ]; then
echo "Kafka 事件审计失败 - 审计链断裂风险"
FAILED=1
fi
# 依赖安全扫描
if [ "${{ needs.dependency-security-scan.result }}" == "failure" ]; then
echo "依赖安全扫描失败 - 存在 high/critical 漏洞"
FAILED=1
fi
if [ $FAILED -eq 1 ]; then
echo ""
echo "质量门禁未通过"
exit 1
fi
echo "质量门禁通过"
- if: github.event_name == 'pull_request' && always()
name: PR 评论质量报告
uses: actions/github-script@v7
with:
script: |
const results = {
backendBuild: '${{ needs.backend-build.result }}',
frontendBuild: '${{ needs.frontend-build.result }}',
backendUnit: '${{ needs.backend-unit-test.result }}',
backendApi: '${{ needs.backend-api-test.result }}',
frontendUnit: '${{ needs.frontend-unit-test.result }}',
stateMachine: '${{ needs.state-machine-test.result }}',
aiUnit: '${{ needs.ai-unit-test.result }}',
aiApi: '${{ needs.ai-api-test.result }}',
tenantAudit: '${{ needs.tenant-security-audit.result }}',
kafkaAudit: '${{ needs.kafka-event-audit.result }}',
depScan: '${{ needs.dependency-security-scan.result }}',
};
const icon = (r) => r === 'success' ? '✅' : r === 'failure' ? '❌' : '⏭️';
const allPassed = !Object.values(results).some(r => r === 'failure');
const body = [
`## ${allPassed ? '✅' : '❌'} Test Pipeline 质量门禁`,
'',
'| 检查项 | 状态 |',
'|--------|------|',
`| 后端构建 | ${icon(results.backendBuild)} |`,
`| 前端构建 | ${icon(results.frontendBuild)} |`,
`| 后端单元测试 | ${icon(results.backendUnit)} |`,
`| 后端 API 测试 | ${icon(results.backendApi)} |`,
`| 前端单元测试 | ${icon(results.frontendUnit)} |`,
`| 状态机测试 | ${icon(results.stateMachine)} |`,
`| AI 单元测试 | ${icon(results.aiUnit)} |`,
`| AI API 测试 | ${icon(results.aiApi)} |`,
`| 多租户审计 | ${icon(results.tenantAudit)} |`,
`| Kafka 审计 | ${icon(results.kafkaAudit)} |`,
`| 依赖扫描 | ${icon(results.depScan)} |`,
'',
allPassed ? '**所有门禁通过,可以合并!**' : '**门禁未通过,请修复问题后重新提交。**',
].join('\n');
const { data: comments } = await github.rest.issues.listComments({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo
});
const existing = comments.find(c =>
c.user.type === 'Bot' && c.body.includes('Test Pipeline 质量门禁')
);
if (existing) {
await github.rest.issues.updateComment({
comment_id: existing.id,
owner: context.repo.owner,
repo: context.repo.repo,
body: body
});
} else {
await github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: body
});
}
...
|
quality-gate
|
["backend-unit-test","backend-api-test ["backend-unit-test","backend-api-test","backend-build","frontend-unit-test","frontend-build","state-machine-test","ai-unit-test","ai-api-test","tenant-security-audit","kafka-event-audit","dependency-security-scan","governance-baseline"]...
|
["ubuntu-latest"]
|
22247
|
1
|
1777597396
|
1777597398
|
1777597306
|
1777597398
|
|
1
|
|
0
|
Edit
Delete
|
|
25980
|
19093
|
6
|
5
|
468c7319f39e251cdf8eb96c3aa63f4db200a7db
|
0
|
质量门禁
|
1
|
name: Test Pipeline
"on":
push:
name: Test Pipeline
"on":
push:
branches: [main, develop, 'feature/**', 'claude/**']
pull_request:
branches: [main, develop]
workflow_dispatch:
inputs:
coverage_threshold:
description: '覆盖率阈值 (%)'
required: false
default: '80'
run_ai_tests:
description: '运行 AI 模块测试'
required: false
default: 'true'
type: boolean
run_api_tests:
description: '运行 API 集成测试'
required: false
default: 'true'
type: boolean
run_security_audit:
description: '运行安全审计'
required: false
default: 'true'
type: boolean
env:
COVERAGE_THRESHOLD: ${{ github.event.inputs.coverage_threshold || '80' }}
NODE_VERSION: "20"
PNPM_VERSION: "8"
jobs:
quality-gate:
name: 质量门禁
runs-on: ubuntu-latest
if: always()
steps:
- name: 生成流水线报告
run: |
echo "## Test Pipeline 结果" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "**分支**: \`${{ github.ref_name }}\`" >> $GITHUB_STEP_SUMMARY
echo "**提交**: \`${{ github.sha }}\`" >> $GITHUB_STEP_SUMMARY
echo "**触发者**: ${{ github.actor }}" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 静态检查 + 构建" >> $GITHUB_STEP_SUMMARY
echo "| 检查项 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|--------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 后端构建 | ${{ needs.backend-build.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 前端构建 | ${{ needs.frontend-build.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 测试" >> $GITHUB_STEP_SUMMARY
echo "| 测试套件 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|----------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 后端单元测试 (4 分片) | ${{ needs.backend-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 后端 API 集成测试 | ${{ needs.backend-api-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 前端单元测试 | ${{ needs.frontend-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 状态机测试 | ${{ needs.state-machine-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| AI 模块单元测试 | ${{ needs.ai-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| AI 模块 API 测试 | ${{ needs.ai-api-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 安全审计" >> $GITHUB_STEP_SUMMARY
echo "| 审计项 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|--------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 多租户安全审计 | ${{ needs.tenant-security-audit.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| Kafka 事件审计 | ${{ needs.kafka-event-audit.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 依赖安全扫描 | ${{ needs.dependency-security-scan.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 治理基线 | ${{ needs.governance-baseline.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
- name: 门禁裁决
run: |
FAILED=0
# 构建必须通过
for job in "${{ needs.backend-build.result }}" "${{ needs.frontend-build.result }}"; do
if [ "$job" == "failure" ]; then
echo "构建失败"
FAILED=1
fi
done
# 单元测试必须通过
for job in "${{ needs.backend-unit-test.result }}" "${{ needs.frontend-unit-test.result }}"; do
if [ "$job" == "failure" ]; then
echo "单元测试失败"
FAILED=1
fi
done
# 状态机测试必须通过
if [ "${{ needs.state-machine-test.result }}" == "failure" ]; then
echo "状态机测试失败"
FAILED=1
fi
# AI 模块测试失败视为阻塞
if [ "${{ needs.ai-unit-test.result }}" == "failure" ]; then
echo "AI 模块单元测试失败"
FAILED=1
fi
# 多租户安全审计(红线 1)
if [ "${{ needs.tenant-security-audit.result }}" == "failure" ]; then
echo "多租户安全审计失败 - CRITICAL 数据安全风险"
FAILED=1
fi
# Kafka 事件审计(红线 3)
if [ "${{ needs.kafka-event-audit.result }}" == "failure" ]; then
echo "Kafka 事件审计失败 - 审计链断裂风险"
FAILED=1
fi
# 依赖安全扫描
if [ "${{ needs.dependency-security-scan.result }}" == "failure" ]; then
echo "依赖安全扫描失败 - 存在 high/critical 漏洞"
FAILED=1
fi
if [ $FAILED -eq 1 ]; then
echo ""
echo "质量门禁未通过"
exit 1
fi
echo "质量门禁通过"
- if: github.event_name == 'pull_request' && always()
name: PR 评论质量报告
uses: actions/github-script@v7
with:
script: |
const results = {
backendBuild: '${{ needs.backend-build.result }}',
frontendBuild: '${{ needs.frontend-build.result }}',
backendUnit: '${{ needs.backend-unit-test.result }}',
backendApi: '${{ needs.backend-api-test.result }}',
frontendUnit: '${{ needs.frontend-unit-test.result }}',
stateMachine: '${{ needs.state-machine-test.result }}',
aiUnit: '${{ needs.ai-unit-test.result }}',
aiApi: '${{ needs.ai-api-test.result }}',
tenantAudit: '${{ needs.tenant-security-audit.result }}',
kafkaAudit: '${{ needs.kafka-event-audit.result }}',
depScan: '${{ needs.dependency-security-scan.result }}',
};
const icon = (r) => r === 'success' ? '✅' : r === 'failure' ? '❌' : '⏭️';
const allPassed = !Object.values(results).some(r => r === 'failure');
const body = [
`## ${allPassed ? '✅' : '❌'} Test Pipeline 质量门禁`,
'',
'| 检查项 | 状态 |',
'|--------|------|',
`| 后端构建 | ${icon(results.backendBuild)} |`,
`| 前端构建 | ${icon(results.frontendBuild)} |`,
`| 后端单元测试 | ${icon(results.backendUnit)} |`,
`| 后端 API 测试 | ${icon(results.backendApi)} |`,
`| 前端单元测试 | ${icon(results.frontendUnit)} |`,
`| 状态机测试 | ${icon(results.stateMachine)} |`,
`| AI 单元测试 | ${icon(results.aiUnit)} |`,
`| AI API 测试 | ${icon(results.aiApi)} |`,
`| 多租户审计 | ${icon(results.tenantAudit)} |`,
`| Kafka 审计 | ${icon(results.kafkaAudit)} |`,
`| 依赖扫描 | ${icon(results.depScan)} |`,
'',
allPassed ? '**所有门禁通过,可以合并!**' : '**门禁未通过,请修复问题后重新提交。**',
].join('\n');
const { data: comments } = await github.rest.issues.listComments({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo
});
const existing = comments.find(c =>
c.user.type === 'Bot' && c.body.includes('Test Pipeline 质量门禁')
);
if (existing) {
await github.rest.issues.updateComment({
comment_id: existing.id,
owner: context.repo.owner,
repo: context.repo.repo,
body: body
});
} else {
await github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: body
});
}
...
|
quality-gate
|
["backend-unit-test","backend-api-test ["backend-unit-test","backend-api-test","backend-build","frontend-unit-test","frontend-build","state-machine-test","ai-unit-test","ai-api-test","tenant-security-audit","kafka-event-audit","dependency-security-scan","governance-baseline"]...
|
["ubuntu-latest"]
|
22331
|
1
|
1777609984
|
1777609986
|
1777597470
|
1777609986
|
|
1
|
|
0
|
Edit
Delete
|
|
26034
|
19100
|
6
|
5
|
6845ebac54cb057c62116944a21c3a04b78708bf
|
0
|
质量门禁
|
1
|
name: Test Pipeline
"on":
push:
name: Test Pipeline
"on":
push:
branches: [main, develop, 'feature/**', 'claude/**']
pull_request:
branches: [main, develop]
workflow_dispatch:
inputs:
coverage_threshold:
description: '覆盖率阈值 (%)'
required: false
default: '80'
run_ai_tests:
description: '运行 AI 模块测试'
required: false
default: 'true'
type: boolean
run_api_tests:
description: '运行 API 集成测试'
required: false
default: 'true'
type: boolean
run_security_audit:
description: '运行安全审计'
required: false
default: 'true'
type: boolean
env:
COVERAGE_THRESHOLD: ${{ github.event.inputs.coverage_threshold || '80' }}
NODE_VERSION: "20"
PNPM_VERSION: "8"
jobs:
quality-gate:
name: 质量门禁
runs-on: ubuntu-latest
if: always()
steps:
- name: 生成流水线报告
run: |
echo "## Test Pipeline 结果" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "**分支**: \`${{ github.ref_name }}\`" >> $GITHUB_STEP_SUMMARY
echo "**提交**: \`${{ github.sha }}\`" >> $GITHUB_STEP_SUMMARY
echo "**触发者**: ${{ github.actor }}" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 静态检查 + 构建" >> $GITHUB_STEP_SUMMARY
echo "| 检查项 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|--------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 后端构建 | ${{ needs.backend-build.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 前端构建 | ${{ needs.frontend-build.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 测试" >> $GITHUB_STEP_SUMMARY
echo "| 测试套件 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|----------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 后端单元测试 (4 分片) | ${{ needs.backend-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 后端 API 集成测试 | ${{ needs.backend-api-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 前端单元测试 | ${{ needs.frontend-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 状态机测试 | ${{ needs.state-machine-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| AI 模块单元测试 | ${{ needs.ai-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| AI 模块 API 测试 | ${{ needs.ai-api-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 安全审计" >> $GITHUB_STEP_SUMMARY
echo "| 审计项 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|--------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 多租户安全审计 | ${{ needs.tenant-security-audit.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| Kafka 事件审计 | ${{ needs.kafka-event-audit.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 依赖安全扫描 | ${{ needs.dependency-security-scan.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 治理基线 | ${{ needs.governance-baseline.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
- name: 门禁裁决
run: |
FAILED=0
# 构建必须通过
for job in "${{ needs.backend-build.result }}" "${{ needs.frontend-build.result }}"; do
if [ "$job" == "failure" ]; then
echo "构建失败"
FAILED=1
fi
done
# 单元测试必须通过
for job in "${{ needs.backend-unit-test.result }}" "${{ needs.frontend-unit-test.result }}"; do
if [ "$job" == "failure" ]; then
echo "单元测试失败"
FAILED=1
fi
done
# 状态机测试必须通过
if [ "${{ needs.state-machine-test.result }}" == "failure" ]; then
echo "状态机测试失败"
FAILED=1
fi
# AI 模块测试失败视为阻塞
if [ "${{ needs.ai-unit-test.result }}" == "failure" ]; then
echo "AI 模块单元测试失败"
FAILED=1
fi
# 多租户安全审计(红线 1)
if [ "${{ needs.tenant-security-audit.result }}" == "failure" ]; then
echo "多租户安全审计失败 - CRITICAL 数据安全风险"
FAILED=1
fi
# Kafka 事件审计(红线 3)
if [ "${{ needs.kafka-event-audit.result }}" == "failure" ]; then
echo "Kafka 事件审计失败 - 审计链断裂风险"
FAILED=1
fi
# 依赖安全扫描
if [ "${{ needs.dependency-security-scan.result }}" == "failure" ]; then
echo "依赖安全扫描失败 - 存在 high/critical 漏洞"
FAILED=1
fi
if [ $FAILED -eq 1 ]; then
echo ""
echo "质量门禁未通过"
exit 1
fi
echo "质量门禁通过"
- if: github.event_name == 'pull_request' && always()
name: PR 评论质量报告
uses: actions/github-script@v7
with:
script: |
const results = {
backendBuild: '${{ needs.backend-build.result }}',
frontendBuild: '${{ needs.frontend-build.result }}',
backendUnit: '${{ needs.backend-unit-test.result }}',
backendApi: '${{ needs.backend-api-test.result }}',
frontendUnit: '${{ needs.frontend-unit-test.result }}',
stateMachine: '${{ needs.state-machine-test.result }}',
aiUnit: '${{ needs.ai-unit-test.result }}',
aiApi: '${{ needs.ai-api-test.result }}',
tenantAudit: '${{ needs.tenant-security-audit.result }}',
kafkaAudit: '${{ needs.kafka-event-audit.result }}',
depScan: '${{ needs.dependency-security-scan.result }}',
};
const icon = (r) => r === 'success' ? '✅' : r === 'failure' ? '❌' : '⏭️';
const allPassed = !Object.values(results).some(r => r === 'failure');
const body = [
`## ${allPassed ? '✅' : '❌'} Test Pipeline 质量门禁`,
'',
'| 检查项 | 状态 |',
'|--------|------|',
`| 后端构建 | ${icon(results.backendBuild)} |`,
`| 前端构建 | ${icon(results.frontendBuild)} |`,
`| 后端单元测试 | ${icon(results.backendUnit)} |`,
`| 后端 API 测试 | ${icon(results.backendApi)} |`,
`| 前端单元测试 | ${icon(results.frontendUnit)} |`,
`| 状态机测试 | ${icon(results.stateMachine)} |`,
`| AI 单元测试 | ${icon(results.aiUnit)} |`,
`| AI API 测试 | ${icon(results.aiApi)} |`,
`| 多租户审计 | ${icon(results.tenantAudit)} |`,
`| Kafka 审计 | ${icon(results.kafkaAudit)} |`,
`| 依赖扫描 | ${icon(results.depScan)} |`,
'',
allPassed ? '**所有门禁通过,可以合并!**' : '**门禁未通过,请修复问题后重新提交。**',
].join('\n');
const { data: comments } = await github.rest.issues.listComments({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo
});
const existing = comments.find(c =>
c.user.type === 'Bot' && c.body.includes('Test Pipeline 质量门禁')
);
if (existing) {
await github.rest.issues.updateComment({
comment_id: existing.id,
owner: context.repo.owner,
repo: context.repo.repo,
body: body
});
} else {
await github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: body
});
}
...
|
quality-gate
|
["backend-unit-test","backend-api-test ["backend-unit-test","backend-api-test","backend-build","frontend-unit-test","frontend-build","state-machine-test","ai-unit-test","ai-api-test","tenant-security-audit","kafka-event-audit","dependency-security-scan","governance-baseline"]...
|
["ubuntu-latest"]
|
22332
|
1
|
1777609987
|
1777609989
|
1777597572
|
1777609990
|
|
1
|
|
0
|
Edit
Delete
|
|
29504
|
22435
|
6
|
5
|
cf8ca525a24f7e8f7f02481cf1c6e72f68c3788a
|
0
|
质量门禁
|
1
|
name: Test Pipeline
"on":
push:
name: Test Pipeline
"on":
push:
branches: [main, develop, 'feature/**', 'claude/**']
pull_request:
branches: [main, develop]
workflow_dispatch:
inputs:
coverage_threshold:
description: '覆盖率阈值 (%)'
required: false
default: '80'
run_ai_tests:
description: '运行 AI 模块测试'
required: false
default: 'true'
type: boolean
run_api_tests:
description: '运行 API 集成测试'
required: false
default: 'true'
type: boolean
run_security_audit:
description: '运行安全审计'
required: false
default: 'true'
type: boolean
env:
COVERAGE_THRESHOLD: ${{ github.event.inputs.coverage_threshold || '80' }}
NODE_VERSION: "20"
PNPM_VERSION: "8"
jobs:
quality-gate:
name: 质量门禁
runs-on: ubuntu-latest
if: always()
steps:
- name: 生成流水线报告
run: |
echo "## Test Pipeline 结果" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "**分支**: \`${{ github.ref_name }}\`" >> $GITHUB_STEP_SUMMARY
echo "**提交**: \`${{ github.sha }}\`" >> $GITHUB_STEP_SUMMARY
echo "**触发者**: ${{ github.actor }}" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 静态检查 + 构建" >> $GITHUB_STEP_SUMMARY
echo "| 检查项 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|--------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 后端构建 | ${{ needs.backend-build.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 前端构建 | ${{ needs.frontend-build.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 测试" >> $GITHUB_STEP_SUMMARY
echo "| 测试套件 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|----------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 后端单元测试 (4 分片) | ${{ needs.backend-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 后端 API 集成测试 | ${{ needs.backend-api-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 前端单元测试 | ${{ needs.frontend-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 状态机测试 | ${{ needs.state-machine-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| AI 模块单元测试 | ${{ needs.ai-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| AI 模块 API 测试 | ${{ needs.ai-api-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 安全审计" >> $GITHUB_STEP_SUMMARY
echo "| 审计项 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|--------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 多租户安全审计 | ${{ needs.tenant-security-audit.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| Kafka 事件审计 | ${{ needs.kafka-event-audit.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 依赖安全扫描 | ${{ needs.dependency-security-scan.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 治理基线 | ${{ needs.governance-baseline.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
- name: 门禁裁决
run: |
FAILED=0
# 构建必须通过
for job in "${{ needs.backend-build.result }}" "${{ needs.frontend-build.result }}"; do
if [ "$job" == "failure" ]; then
echo "构建失败"
FAILED=1
fi
done
# 单元测试必须通过
for job in "${{ needs.backend-unit-test.result }}" "${{ needs.frontend-unit-test.result }}"; do
if [ "$job" == "failure" ]; then
echo "单元测试失败"
FAILED=1
fi
done
# 状态机测试必须通过
if [ "${{ needs.state-machine-test.result }}" == "failure" ]; then
echo "状态机测试失败"
FAILED=1
fi
# AI 模块测试失败视为阻塞
if [ "${{ needs.ai-unit-test.result }}" == "failure" ]; then
echo "AI 模块单元测试失败"
FAILED=1
fi
# 多租户安全审计(红线 1)
if [ "${{ needs.tenant-security-audit.result }}" == "failure" ]; then
echo "多租户安全审计失败 - CRITICAL 数据安全风险"
FAILED=1
fi
# Kafka 事件审计(红线 3)
if [ "${{ needs.kafka-event-audit.result }}" == "failure" ]; then
echo "Kafka 事件审计失败 - 审计链断裂风险"
FAILED=1
fi
# 依赖安全扫描
if [ "${{ needs.dependency-security-scan.result }}" == "failure" ]; then
echo "依赖安全扫描失败 - 存在 high/critical 漏洞"
FAILED=1
fi
if [ $FAILED -eq 1 ]; then
echo ""
echo "质量门禁未通过"
exit 1
fi
echo "质量门禁通过"
- if: github.event_name == 'pull_request' && always()
name: PR 评论质量报告
uses: actions/github-script@v7
with:
script: |
const results = {
backendBuild: '${{ needs.backend-build.result }}',
frontendBuild: '${{ needs.frontend-build.result }}',
backendUnit: '${{ needs.backend-unit-test.result }}',
backendApi: '${{ needs.backend-api-test.result }}',
frontendUnit: '${{ needs.frontend-unit-test.result }}',
stateMachine: '${{ needs.state-machine-test.result }}',
aiUnit: '${{ needs.ai-unit-test.result }}',
aiApi: '${{ needs.ai-api-test.result }}',
tenantAudit: '${{ needs.tenant-security-audit.result }}',
kafkaAudit: '${{ needs.kafka-event-audit.result }}',
depScan: '${{ needs.dependency-security-scan.result }}',
};
const icon = (r) => r === 'success' ? '✅' : r === 'failure' ? '❌' : '⏭️';
const allPassed = !Object.values(results).some(r => r === 'failure');
const body = [
`## ${allPassed ? '✅' : '❌'} Test Pipeline 质量门禁`,
'',
'| 检查项 | 状态 |',
'|--------|------|',
`| 后端构建 | ${icon(results.backendBuild)} |`,
`| 前端构建 | ${icon(results.frontendBuild)} |`,
`| 后端单元测试 | ${icon(results.backendUnit)} |`,
`| 后端 API 测试 | ${icon(results.backendApi)} |`,
`| 前端单元测试 | ${icon(results.frontendUnit)} |`,
`| 状态机测试 | ${icon(results.stateMachine)} |`,
`| AI 单元测试 | ${icon(results.aiUnit)} |`,
`| AI API 测试 | ${icon(results.aiApi)} |`,
`| 多租户审计 | ${icon(results.tenantAudit)} |`,
`| Kafka 审计 | ${icon(results.kafkaAudit)} |`,
`| 依赖扫描 | ${icon(results.depScan)} |`,
'',
allPassed ? '**所有门禁通过,可以合并!**' : '**门禁未通过,请修复问题后重新提交。**',
].join('\n');
const { data: comments } = await github.rest.issues.listComments({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo
});
const existing = comments.find(c =>
c.user.type === 'Bot' && c.body.includes('Test Pipeline 质量门禁')
);
if (existing) {
await github.rest.issues.updateComment({
comment_id: existing.id,
owner: context.repo.owner,
repo: context.repo.repo,
body: body
});
} else {
await github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: body
});
}
...
|
quality-gate
|
["backend-unit-test","backend-api-test ["backend-unit-test","backend-api-test","backend-build","frontend-unit-test","frontend-build","state-machine-test","ai-unit-test","ai-api-test","tenant-security-audit","kafka-event-audit","dependency-security-scan","governance-baseline"]...
|
["ubuntu-latest"]
|
25792
|
1
|
1778609631
|
1778609632
|
1778598489
|
1778609632
|
|
1
|
|
0
|
Edit
Delete
|
|
29627
|
22503
|
6
|
5
|
cf8ca525a24f7e8f7f02481cf1c6e72f68c3788a
|
0
|
质量门禁
|
1
|
name: Test Pipeline
"on":
push:
name: Test Pipeline
"on":
push:
branches: [main, develop, 'feature/**', 'claude/**']
pull_request:
branches: [main, develop]
workflow_dispatch:
inputs:
coverage_threshold:
description: '覆盖率阈值 (%)'
required: false
default: '80'
run_ai_tests:
description: '运行 AI 模块测试'
required: false
default: 'true'
type: boolean
run_api_tests:
description: '运行 API 集成测试'
required: false
default: 'true'
type: boolean
run_security_audit:
description: '运行安全审计'
required: false
default: 'true'
type: boolean
env:
COVERAGE_THRESHOLD: ${{ github.event.inputs.coverage_threshold || '80' }}
NODE_VERSION: "20"
PNPM_VERSION: "8"
jobs:
quality-gate:
name: 质量门禁
runs-on: ubuntu-latest
if: always()
steps:
- name: 生成流水线报告
run: |
echo "## Test Pipeline 结果" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "**分支**: \`${{ github.ref_name }}\`" >> $GITHUB_STEP_SUMMARY
echo "**提交**: \`${{ github.sha }}\`" >> $GITHUB_STEP_SUMMARY
echo "**触发者**: ${{ github.actor }}" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 静态检查 + 构建" >> $GITHUB_STEP_SUMMARY
echo "| 检查项 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|--------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 后端构建 | ${{ needs.backend-build.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 前端构建 | ${{ needs.frontend-build.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 测试" >> $GITHUB_STEP_SUMMARY
echo "| 测试套件 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|----------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 后端单元测试 (4 分片) | ${{ needs.backend-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 后端 API 集成测试 | ${{ needs.backend-api-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 前端单元测试 | ${{ needs.frontend-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 状态机测试 | ${{ needs.state-machine-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| AI 模块单元测试 | ${{ needs.ai-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| AI 模块 API 测试 | ${{ needs.ai-api-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 安全审计" >> $GITHUB_STEP_SUMMARY
echo "| 审计项 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|--------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 多租户安全审计 | ${{ needs.tenant-security-audit.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| Kafka 事件审计 | ${{ needs.kafka-event-audit.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 依赖安全扫描 | ${{ needs.dependency-security-scan.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 治理基线 | ${{ needs.governance-baseline.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
- name: 门禁裁决
run: |
FAILED=0
# 构建必须通过
for job in "${{ needs.backend-build.result }}" "${{ needs.frontend-build.result }}"; do
if [ "$job" == "failure" ]; then
echo "构建失败"
FAILED=1
fi
done
# 单元测试必须通过
for job in "${{ needs.backend-unit-test.result }}" "${{ needs.frontend-unit-test.result }}"; do
if [ "$job" == "failure" ]; then
echo "单元测试失败"
FAILED=1
fi
done
# 状态机测试必须通过
if [ "${{ needs.state-machine-test.result }}" == "failure" ]; then
echo "状态机测试失败"
FAILED=1
fi
# AI 模块测试失败视为阻塞
if [ "${{ needs.ai-unit-test.result }}" == "failure" ]; then
echo "AI 模块单元测试失败"
FAILED=1
fi
# 多租户安全审计(红线 1)
if [ "${{ needs.tenant-security-audit.result }}" == "failure" ]; then
echo "多租户安全审计失败 - CRITICAL 数据安全风险"
FAILED=1
fi
# Kafka 事件审计(红线 3)
if [ "${{ needs.kafka-event-audit.result }}" == "failure" ]; then
echo "Kafka 事件审计失败 - 审计链断裂风险"
FAILED=1
fi
# 依赖安全扫描
if [ "${{ needs.dependency-security-scan.result }}" == "failure" ]; then
echo "依赖安全扫描失败 - 存在 high/critical 漏洞"
FAILED=1
fi
if [ $FAILED -eq 1 ]; then
echo ""
echo "质量门禁未通过"
exit 1
fi
echo "质量门禁通过"
- if: github.event_name == 'pull_request' && always()
name: PR 评论质量报告
uses: actions/github-script@v7
with:
script: |
const results = {
backendBuild: '${{ needs.backend-build.result }}',
frontendBuild: '${{ needs.frontend-build.result }}',
backendUnit: '${{ needs.backend-unit-test.result }}',
backendApi: '${{ needs.backend-api-test.result }}',
frontendUnit: '${{ needs.frontend-unit-test.result }}',
stateMachine: '${{ needs.state-machine-test.result }}',
aiUnit: '${{ needs.ai-unit-test.result }}',
aiApi: '${{ needs.ai-api-test.result }}',
tenantAudit: '${{ needs.tenant-security-audit.result }}',
kafkaAudit: '${{ needs.kafka-event-audit.result }}',
depScan: '${{ needs.dependency-security-scan.result }}',
};
const icon = (r) => r === 'success' ? '✅' : r === 'failure' ? '❌' : '⏭️';
const allPassed = !Object.values(results).some(r => r === 'failure');
const body = [
`## ${allPassed ? '✅' : '❌'} Test Pipeline 质量门禁`,
'',
'| 检查项 | 状态 |',
'|--------|------|',
`| 后端构建 | ${icon(results.backendBuild)} |`,
`| 前端构建 | ${icon(results.frontendBuild)} |`,
`| 后端单元测试 | ${icon(results.backendUnit)} |`,
`| 后端 API 测试 | ${icon(results.backendApi)} |`,
`| 前端单元测试 | ${icon(results.frontendUnit)} |`,
`| 状态机测试 | ${icon(results.stateMachine)} |`,
`| AI 单元测试 | ${icon(results.aiUnit)} |`,
`| AI API 测试 | ${icon(results.aiApi)} |`,
`| 多租户审计 | ${icon(results.tenantAudit)} |`,
`| Kafka 审计 | ${icon(results.kafkaAudit)} |`,
`| 依赖扫描 | ${icon(results.depScan)} |`,
'',
allPassed ? '**所有门禁通过,可以合并!**' : '**门禁未通过,请修复问题后重新提交。**',
].join('\n');
const { data: comments } = await github.rest.issues.listComments({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo
});
const existing = comments.find(c =>
c.user.type === 'Bot' && c.body.includes('Test Pipeline 质量门禁')
);
if (existing) {
await github.rest.issues.updateComment({
comment_id: existing.id,
owner: context.repo.owner,
repo: context.repo.repo,
body: body
});
} else {
await github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: body
});
}
...
|
quality-gate
|
["backend-unit-test","backend-api-test ["backend-unit-test","backend-api-test","backend-build","frontend-unit-test","frontend-build","state-machine-test","ai-unit-test","ai-api-test","tenant-security-audit","kafka-event-audit","dependency-security-scan","governance-baseline"]...
|
["ubuntu-latest"]
|
25947
|
2
|
1778643704
|
1778643735
|
1778624145
|
1778643735
|
|
1
|
|
0
|
Edit
Delete
|
|
29650
|
22504
|
6
|
5
|
501c3efd550add8ef7a9b2a306f4641141eabec8
|
0
|
质量门禁
|
1
|
name: Test Pipeline
"on":
push:
name: Test Pipeline
"on":
push:
branches: [main, develop, 'feature/**', 'claude/**']
pull_request:
branches: [main, develop]
workflow_dispatch:
inputs:
coverage_threshold:
description: '覆盖率阈值 (%)'
required: false
default: '80'
run_ai_tests:
description: '运行 AI 模块测试'
required: false
default: 'true'
type: boolean
run_api_tests:
description: '运行 API 集成测试'
required: false
default: 'true'
type: boolean
run_security_audit:
description: '运行安全审计'
required: false
default: 'true'
type: boolean
env:
COVERAGE_THRESHOLD: ${{ github.event.inputs.coverage_threshold || '80' }}
NODE_OPTIONS: --max-old-space-size=8192
NODE_VERSION: "20"
PNPM_VERSION: "8"
jobs:
quality-gate:
name: 质量门禁
runs-on: ubuntu-latest
if: always()
steps:
- name: 生成流水线报告
run: |
echo "## Test Pipeline 结果" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "**分支**: \`${{ github.ref_name }}\`" >> $GITHUB_STEP_SUMMARY
echo "**提交**: \`${{ github.sha }}\`" >> $GITHUB_STEP_SUMMARY
echo "**触发者**: ${{ github.actor }}" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 静态检查 + 构建" >> $GITHUB_STEP_SUMMARY
echo "| 检查项 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|--------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 后端构建 | ${{ needs.backend-build.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 前端构建 | ${{ needs.frontend-build.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 测试" >> $GITHUB_STEP_SUMMARY
echo "| 测试套件 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|----------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 后端单元测试 (4 分片) | ${{ needs.backend-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 后端 API 集成测试 | ${{ needs.backend-api-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 前端单元测试 | ${{ needs.frontend-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 状态机测试 | ${{ needs.state-machine-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| AI 模块单元测试 | ${{ needs.ai-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| AI 模块 API 测试 | ${{ needs.ai-api-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 安全审计" >> $GITHUB_STEP_SUMMARY
echo "| 审计项 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|--------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 多租户安全审计 | ${{ needs.tenant-security-audit.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| Kafka 事件审计 | ${{ needs.kafka-event-audit.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 依赖安全扫描 | ${{ needs.dependency-security-scan.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 治理基线 | ${{ needs.governance-baseline.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
- name: 门禁裁决
run: |
FAILED=0
# 构建必须通过
for job in "${{ needs.backend-build.result }}" "${{ needs.frontend-build.result }}"; do
if [ "$job" == "failure" ]; then
echo "构建失败"
FAILED=1
fi
done
# 单元测试必须通过
for job in "${{ needs.backend-unit-test.result }}" "${{ needs.frontend-unit-test.result }}"; do
if [ "$job" == "failure" ]; then
echo "单元测试失败"
FAILED=1
fi
done
# 状态机测试必须通过
if [ "${{ needs.state-machine-test.result }}" == "failure" ]; then
echo "状态机测试失败"
FAILED=1
fi
# AI 模块测试失败视为阻塞
if [ "${{ needs.ai-unit-test.result }}" == "failure" ]; then
echo "AI 模块单元测试失败"
FAILED=1
fi
# 多租户安全审计(红线 1)
if [ "${{ needs.tenant-security-audit.result }}" == "failure" ]; then
echo "多租户安全审计失败 - CRITICAL 数据安全风险"
FAILED=1
fi
# Kafka 事件审计(红线 3)
if [ "${{ needs.kafka-event-audit.result }}" == "failure" ]; then
echo "Kafka 事件审计失败 - 审计链断裂风险"
FAILED=1
fi
# 依赖安全扫描
if [ "${{ needs.dependency-security-scan.result }}" == "failure" ]; then
echo "依赖安全扫描失败 - 存在 high/critical 漏洞"
FAILED=1
fi
if [ $FAILED -eq 1 ]; then
echo ""
echo "质量门禁未通过"
exit 1
fi
echo "质量门禁通过"
- if: github.event_name == 'pull_request' && always()
name: PR 评论质量报告
uses: actions/github-script@v7
with:
script: |
const results = {
backendBuild: '${{ needs.backend-build.result }}',
frontendBuild: '${{ needs.frontend-build.result }}',
backendUnit: '${{ needs.backend-unit-test.result }}',
backendApi: '${{ needs.backend-api-test.result }}',
frontendUnit: '${{ needs.frontend-unit-test.result }}',
stateMachine: '${{ needs.state-machine-test.result }}',
aiUnit: '${{ needs.ai-unit-test.result }}',
aiApi: '${{ needs.ai-api-test.result }}',
tenantAudit: '${{ needs.tenant-security-audit.result }}',
kafkaAudit: '${{ needs.kafka-event-audit.result }}',
depScan: '${{ needs.dependency-security-scan.result }}',
};
const icon = (r) => r === 'success' ? '✅' : r === 'failure' ? '❌' : '⏭️';
const allPassed = !Object.values(results).some(r => r === 'failure');
const body = [
`## ${allPassed ? '✅' : '❌'} Test Pipeline 质量门禁`,
'',
'| 检查项 | 状态 |',
'|--------|------|',
`| 后端构建 | ${icon(results.backendBuild)} |`,
`| 前端构建 | ${icon(results.frontendBuild)} |`,
`| 后端单元测试 | ${icon(results.backendUnit)} |`,
`| 后端 API 测试 | ${icon(results.backendApi)} |`,
`| 前端单元测试 | ${icon(results.frontendUnit)} |`,
`| 状态机测试 | ${icon(results.stateMachine)} |`,
`| AI 单元测试 | ${icon(results.aiUnit)} |`,
`| AI API 测试 | ${icon(results.aiApi)} |`,
`| 多租户审计 | ${icon(results.tenantAudit)} |`,
`| Kafka 审计 | ${icon(results.kafkaAudit)} |`,
`| 依赖扫描 | ${icon(results.depScan)} |`,
'',
allPassed ? '**所有门禁通过,可以合并!**' : '**门禁未通过,请修复问题后重新提交。**',
].join('\n');
const { data: comments } = await github.rest.issues.listComments({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo
});
const existing = comments.find(c =>
c.user.type === 'Bot' && c.body.includes('Test Pipeline 质量门禁')
);
if (existing) {
await github.rest.issues.updateComment({
comment_id: existing.id,
owner: context.repo.owner,
repo: context.repo.repo,
body: body
});
} else {
await github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: body
});
}
permissions:
contents: read
pull-requests: read # dorny/paths-filter@v3 读取 PR 文件列表
checks: write
issues: write # github-script@v7 在 PR 评论质量报告
...
|
quality-gate
|
["backend-unit-test","backend-api-test ["backend-unit-test","backend-api-test","backend-build","frontend-unit-test","frontend-build","state-machine-test","ai-unit-test","ai-api-test","tenant-security-audit","kafka-event-audit","dependency-security-scan","governance-baseline"]...
|
["ubuntu-latest"]
|
25953
|
1
|
1778643747
|
1778643750
|
1778624230
|
1778643750
|
|
1
|
|
0
|
Edit
Delete
|
|
29673
|
22505
|
6
|
5
|
75c32172af80b8afc83b0c684b9d65fba5cf9d7e
|
0
|
质量门禁
|
1
|
name: Test Pipeline
"on":
push:
name: Test Pipeline
"on":
push:
branches: [main, develop, 'feature/**', 'claude/**']
pull_request:
branches: [main, develop]
workflow_dispatch:
inputs:
coverage_threshold:
description: '覆盖率阈值 (%)'
required: false
default: '80'
run_ai_tests:
description: '运行 AI 模块测试'
required: false
default: 'true'
type: boolean
run_api_tests:
description: '运行 API 集成测试'
required: false
default: 'true'
type: boolean
run_security_audit:
description: '运行安全审计'
required: false
default: 'true'
type: boolean
env:
COVERAGE_THRESHOLD: ${{ github.event.inputs.coverage_threshold || '80' }}
NODE_VERSION: "20"
PNPM_VERSION: "8"
jobs:
quality-gate:
name: 质量门禁
runs-on: ubuntu-latest
if: always()
steps:
- name: 生成流水线报告
run: |
echo "## Test Pipeline 结果" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "**分支**: \`${{ github.ref_name }}\`" >> $GITHUB_STEP_SUMMARY
echo "**提交**: \`${{ github.sha }}\`" >> $GITHUB_STEP_SUMMARY
echo "**触发者**: ${{ github.actor }}" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 静态检查 + 构建" >> $GITHUB_STEP_SUMMARY
echo "| 检查项 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|--------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 后端构建 | ${{ needs.backend-build.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 前端构建 | ${{ needs.frontend-build.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 测试" >> $GITHUB_STEP_SUMMARY
echo "| 测试套件 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|----------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 后端单元测试 (4 分片) | ${{ needs.backend-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 后端 API 集成测试 | ${{ needs.backend-api-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 前端单元测试 | ${{ needs.frontend-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 状态机测试 | ${{ needs.state-machine-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| AI 模块单元测试 | ${{ needs.ai-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| AI 模块 API 测试 | ${{ needs.ai-api-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 安全审计" >> $GITHUB_STEP_SUMMARY
echo "| 审计项 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|--------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 多租户安全审计 | ${{ needs.tenant-security-audit.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| Kafka 事件审计 | ${{ needs.kafka-event-audit.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 依赖安全扫描 | ${{ needs.dependency-security-scan.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 治理基线 | ${{ needs.governance-baseline.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
- name: 门禁裁决
run: |
FAILED=0
# 构建必须通过
for job in "${{ needs.backend-build.result }}" "${{ needs.frontend-build.result }}"; do
if [ "$job" == "failure" ]; then
echo "构建失败"
FAILED=1
fi
done
# 单元测试必须通过
for job in "${{ needs.backend-unit-test.result }}" "${{ needs.frontend-unit-test.result }}"; do
if [ "$job" == "failure" ]; then
echo "单元测试失败"
FAILED=1
fi
done
# 状态机测试必须通过
if [ "${{ needs.state-machine-test.result }}" == "failure" ]; then
echo "状态机测试失败"
FAILED=1
fi
# AI 模块测试失败视为阻塞
if [ "${{ needs.ai-unit-test.result }}" == "failure" ]; then
echo "AI 模块单元测试失败"
FAILED=1
fi
# 多租户安全审计(红线 1)
if [ "${{ needs.tenant-security-audit.result }}" == "failure" ]; then
echo "多租户安全审计失败 - CRITICAL 数据安全风险"
FAILED=1
fi
# Kafka 事件审计(红线 3)
if [ "${{ needs.kafka-event-audit.result }}" == "failure" ]; then
echo "Kafka 事件审计失败 - 审计链断裂风险"
FAILED=1
fi
# 依赖安全扫描
if [ "${{ needs.dependency-security-scan.result }}" == "failure" ]; then
echo "依赖安全扫描失败 - 存在 high/critical 漏洞"
FAILED=1
fi
if [ $FAILED -eq 1 ]; then
echo ""
echo "质量门禁未通过"
exit 1
fi
echo "质量门禁通过"
- if: github.event_name == 'pull_request' && always()
name: PR 评论质量报告
uses: actions/github-script@v7
with:
script: |
const results = {
backendBuild: '${{ needs.backend-build.result }}',
frontendBuild: '${{ needs.frontend-build.result }}',
backendUnit: '${{ needs.backend-unit-test.result }}',
backendApi: '${{ needs.backend-api-test.result }}',
frontendUnit: '${{ needs.frontend-unit-test.result }}',
stateMachine: '${{ needs.state-machine-test.result }}',
aiUnit: '${{ needs.ai-unit-test.result }}',
aiApi: '${{ needs.ai-api-test.result }}',
tenantAudit: '${{ needs.tenant-security-audit.result }}',
kafkaAudit: '${{ needs.kafka-event-audit.result }}',
depScan: '${{ needs.dependency-security-scan.result }}',
};
const icon = (r) => r === 'success' ? '✅' : r === 'failure' ? '❌' : '⏭️';
const allPassed = !Object.values(results).some(r => r === 'failure');
const body = [
`## ${allPassed ? '✅' : '❌'} Test Pipeline 质量门禁`,
'',
'| 检查项 | 状态 |',
'|--------|------|',
`| 后端构建 | ${icon(results.backendBuild)} |`,
`| 前端构建 | ${icon(results.frontendBuild)} |`,
`| 后端单元测试 | ${icon(results.backendUnit)} |`,
`| 后端 API 测试 | ${icon(results.backendApi)} |`,
`| 前端单元测试 | ${icon(results.frontendUnit)} |`,
`| 状态机测试 | ${icon(results.stateMachine)} |`,
`| AI 单元测试 | ${icon(results.aiUnit)} |`,
`| AI API 测试 | ${icon(results.aiApi)} |`,
`| 多租户审计 | ${icon(results.tenantAudit)} |`,
`| Kafka 审计 | ${icon(results.kafkaAudit)} |`,
`| 依赖扫描 | ${icon(results.depScan)} |`,
'',
allPassed ? '**所有门禁通过,可以合并!**' : '**门禁未通过,请修复问题后重新提交。**',
].join('\n');
const { data: comments } = await github.rest.issues.listComments({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo
});
const existing = comments.find(c =>
c.user.type === 'Bot' && c.body.includes('Test Pipeline 质量门禁')
);
if (existing) {
await github.rest.issues.updateComment({
comment_id: existing.id,
owner: context.repo.owner,
repo: context.repo.repo,
body: body
});
} else {
await github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: body
});
}
...
|
quality-gate
|
["backend-unit-test","backend-api-test ["backend-unit-test","backend-api-test","backend-build","frontend-unit-test","frontend-build","state-machine-test","ai-unit-test","ai-api-test","tenant-security-audit","kafka-event-audit","dependency-security-scan","governance-baseline"]...
|
["ubuntu-latest"]
|
25954
|
1
|
1778643751
|
1778643752
|
1778624232
|
1778643752
|
|
1
|
|
0
|
Edit
Delete
|
|
29713
|
22511
|
6
|
5
|
534799e0b1707368df37aff7b3df545a6ca1064a
|
0
|
质量门禁
|
1
|
name: Test Pipeline
"on":
push:
name: Test Pipeline
"on":
push:
branches: [main, develop, 'feature/**', 'claude/**']
pull_request:
branches: [main, develop]
workflow_dispatch:
inputs:
coverage_threshold:
description: '覆盖率阈值 (%)'
required: false
default: '80'
run_ai_tests:
description: '运行 AI 模块测试'
required: false
default: 'true'
type: boolean
run_api_tests:
description: '运行 API 集成测试'
required: false
default: 'true'
type: boolean
run_security_audit:
description: '运行安全审计'
required: false
default: 'true'
type: boolean
env:
COVERAGE_THRESHOLD: ${{ github.event.inputs.coverage_threshold || '80' }}
NODE_OPTIONS: --max-old-space-size=8192
NODE_VERSION: "20"
PNPM_VERSION: "8"
jobs:
quality-gate:
name: 质量门禁
runs-on: ubuntu-latest
if: always()
steps:
- name: 生成流水线报告
run: |
echo "## Test Pipeline 结果" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "**分支**: \`${{ github.ref_name }}\`" >> $GITHUB_STEP_SUMMARY
echo "**提交**: \`${{ github.sha }}\`" >> $GITHUB_STEP_SUMMARY
echo "**触发者**: ${{ github.actor }}" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 静态检查 + 构建" >> $GITHUB_STEP_SUMMARY
echo "| 检查项 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|--------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 后端构建 | ${{ needs.backend-build.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 前端构建 | ${{ needs.frontend-build.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 测试" >> $GITHUB_STEP_SUMMARY
echo "| 测试套件 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|----------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 后端单元测试 (4 分片) | ${{ needs.backend-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 后端 API 集成测试 | ${{ needs.backend-api-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 前端单元测试 | ${{ needs.frontend-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 状态机测试 | ${{ needs.state-machine-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| AI 模块单元测试 | ${{ needs.ai-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| AI 模块 API 测试 | ${{ needs.ai-api-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 安全审计" >> $GITHUB_STEP_SUMMARY
echo "| 审计项 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|--------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 多租户安全审计 | ${{ needs.tenant-security-audit.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| Kafka 事件审计 | ${{ needs.kafka-event-audit.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 依赖安全扫描 | ${{ needs.dependency-security-scan.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 治理基线 | ${{ needs.governance-baseline.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
- name: 门禁裁决
run: |
FAILED=0
# 构建必须通过
for job in "${{ needs.backend-build.result }}" "${{ needs.frontend-build.result }}"; do
if [ "$job" == "failure" ]; then
echo "构建失败"
FAILED=1
fi
done
# 单元测试必须通过
for job in "${{ needs.backend-unit-test.result }}" "${{ needs.frontend-unit-test.result }}"; do
if [ "$job" == "failure" ]; then
echo "单元测试失败"
FAILED=1
fi
done
# 状态机测试必须通过
if [ "${{ needs.state-machine-test.result }}" == "failure" ]; then
echo "状态机测试失败"
FAILED=1
fi
# AI 模块测试失败视为阻塞
if [ "${{ needs.ai-unit-test.result }}" == "failure" ]; then
echo "AI 模块单元测试失败"
FAILED=1
fi
# 多租户安全审计(红线 1)
if [ "${{ needs.tenant-security-audit.result }}" == "failure" ]; then
echo "多租户安全审计失败 - CRITICAL 数据安全风险"
FAILED=1
fi
# Kafka 事件审计(红线 3)
if [ "${{ needs.kafka-event-audit.result }}" == "failure" ]; then
echo "Kafka 事件审计失败 - 审计链断裂风险"
FAILED=1
fi
# 依赖安全扫描
if [ "${{ needs.dependency-security-scan.result }}" == "failure" ]; then
echo "依赖安全扫描失败 - 存在 high/critical 漏洞"
FAILED=1
fi
if [ $FAILED -eq 1 ]; then
echo ""
echo "质量门禁未通过"
exit 1
fi
echo "质量门禁通过"
- if: github.event_name == 'pull_request' && always()
name: PR 评论质量报告
uses: actions/github-script@v7
with:
script: |
const results = {
backendBuild: '${{ needs.backend-build.result }}',
frontendBuild: '${{ needs.frontend-build.result }}',
backendUnit: '${{ needs.backend-unit-test.result }}',
backendApi: '${{ needs.backend-api-test.result }}',
frontendUnit: '${{ needs.frontend-unit-test.result }}',
stateMachine: '${{ needs.state-machine-test.result }}',
aiUnit: '${{ needs.ai-unit-test.result }}',
aiApi: '${{ needs.ai-api-test.result }}',
tenantAudit: '${{ needs.tenant-security-audit.result }}',
kafkaAudit: '${{ needs.kafka-event-audit.result }}',
depScan: '${{ needs.dependency-security-scan.result }}',
};
const icon = (r) => r === 'success' ? '✅' : r === 'failure' ? '❌' : '⏭️';
const allPassed = !Object.values(results).some(r => r === 'failure');
const body = [
`## ${allPassed ? '✅' : '❌'} Test Pipeline 质量门禁`,
'',
'| 检查项 | 状态 |',
'|--------|------|',
`| 后端构建 | ${icon(results.backendBuild)} |`,
`| 前端构建 | ${icon(results.frontendBuild)} |`,
`| 后端单元测试 | ${icon(results.backendUnit)} |`,
`| 后端 API 测试 | ${icon(results.backendApi)} |`,
`| 前端单元测试 | ${icon(results.frontendUnit)} |`,
`| 状态机测试 | ${icon(results.stateMachine)} |`,
`| AI 单元测试 | ${icon(results.aiUnit)} |`,
`| AI API 测试 | ${icon(results.aiApi)} |`,
`| 多租户审计 | ${icon(results.tenantAudit)} |`,
`| Kafka 审计 | ${icon(results.kafkaAudit)} |`,
`| 依赖扫描 | ${icon(results.depScan)} |`,
'',
allPassed ? '**所有门禁通过,可以合并!**' : '**门禁未通过,请修复问题后重新提交。**',
].join('\n');
const { data: comments } = await github.rest.issues.listComments({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo
});
const existing = comments.find(c =>
c.user.type === 'Bot' && c.body.includes('Test Pipeline 质量门禁')
);
if (existing) {
await github.rest.issues.updateComment({
comment_id: existing.id,
owner: context.repo.owner,
repo: context.repo.repo,
body: body
});
} else {
await github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: body
});
}
permissions:
contents: read
pull-requests: read # dorny/paths-filter@v3 读取 PR 文件列表
checks: write
issues: write # github-script@v7 在 PR 评论质量报告
...
|
quality-gate
|
["backend-unit-test","backend-api-test ["backend-unit-test","backend-api-test","backend-build","frontend-unit-test","frontend-build","state-machine-test","ai-unit-test","ai-api-test","tenant-security-audit","kafka-event-audit","dependency-security-scan","governance-baseline"]...
|
["ubuntu-latest"]
|
25956
|
1
|
1778643755
|
1778643757
|
1778624988
|
1778643757
|
|
1
|
|
0
|
Edit
Delete
|
|
29917
|
22653
|
6
|
5
|
921a6ce5568beb3034fc47d4bf7a392351c0068f
|
0
|
质量门禁
|
1
|
name: Test Pipeline
"on":
push:
name: Test Pipeline
"on":
push:
branches: [main, develop, 'feature/**', 'claude/**']
pull_request:
branches: [main, develop]
workflow_dispatch:
inputs:
coverage_threshold:
description: '覆盖率阈值 (%)'
required: false
default: '80'
run_ai_tests:
description: '运行 AI 模块测试'
required: false
default: 'true'
type: boolean
run_api_tests:
description: '运行 API 集成测试'
required: false
default: 'true'
type: boolean
run_security_audit:
description: '运行安全审计'
required: false
default: 'true'
type: boolean
env:
COVERAGE_THRESHOLD: ${{ github.event.inputs.coverage_threshold || '80' }}
NODE_OPTIONS: --max-old-space-size=8192
NODE_VERSION: "20"
PNPM_VERSION: "8"
jobs:
quality-gate:
name: 质量门禁
runs-on: ubuntu-latest
if: always()
steps:
- name: 生成流水线报告
run: |
echo "## Test Pipeline 结果" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "**分支**: \`${{ github.ref_name }}\`" >> $GITHUB_STEP_SUMMARY
echo "**提交**: \`${{ github.sha }}\`" >> $GITHUB_STEP_SUMMARY
echo "**触发者**: ${{ github.actor }}" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 静态检查 + 构建" >> $GITHUB_STEP_SUMMARY
echo "| 检查项 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|--------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 后端构建 | ${{ needs.backend-build.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 前端构建 | ${{ needs.frontend-build.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 测试" >> $GITHUB_STEP_SUMMARY
echo "| 测试套件 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|----------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 后端单元测试 (4 分片) | ${{ needs.backend-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 后端 API 集成测试 | ${{ needs.backend-api-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 前端单元测试 | ${{ needs.frontend-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 状态机测试 | ${{ needs.state-machine-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| AI 模块单元测试 | ${{ needs.ai-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| AI 模块 API 测试 | ${{ needs.ai-api-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 安全审计" >> $GITHUB_STEP_SUMMARY
echo "| 审计项 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|--------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 多租户安全审计 | ${{ needs.tenant-security-audit.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| Kafka 事件审计 | ${{ needs.kafka-event-audit.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 依赖安全扫描 | ${{ needs.dependency-security-scan.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 治理基线 | ${{ needs.governance-baseline.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
- name: 门禁裁决
run: |
FAILED=0
# 构建必须通过
for job in "${{ needs.backend-build.result }}" "${{ needs.frontend-build.result }}"; do
if [ "$job" == "failure" ]; then
echo "构建失败"
FAILED=1
fi
done
# 单元测试必须通过
for job in "${{ needs.backend-unit-test.result }}" "${{ needs.frontend-unit-test.result }}"; do
if [ "$job" == "failure" ]; then
echo "单元测试失败"
FAILED=1
fi
done
# 状态机测试必须通过
if [ "${{ needs.state-machine-test.result }}" == "failure" ]; then
echo "状态机测试失败"
FAILED=1
fi
# AI 模块测试失败视为阻塞
if [ "${{ needs.ai-unit-test.result }}" == "failure" ]; then
echo "AI 模块单元测试失败"
FAILED=1
fi
# 多租户安全审计(红线 1)
if [ "${{ needs.tenant-security-audit.result }}" == "failure" ]; then
echo "多租户安全审计失败 - CRITICAL 数据安全风险"
FAILED=1
fi
# Kafka 事件审计(红线 3)
if [ "${{ needs.kafka-event-audit.result }}" == "failure" ]; then
echo "Kafka 事件审计失败 - 审计链断裂风险"
FAILED=1
fi
# 依赖安全扫描
if [ "${{ needs.dependency-security-scan.result }}" == "failure" ]; then
echo "依赖安全扫描失败 - 存在 high/critical 漏洞"
FAILED=1
fi
if [ $FAILED -eq 1 ]; then
echo ""
echo "质量门禁未通过"
exit 1
fi
echo "质量门禁通过"
- if: github.event_name == 'pull_request' && always()
name: PR 评论质量报告
uses: actions/github-script@v7
with:
script: |
const results = {
backendBuild: '${{ needs.backend-build.result }}',
frontendBuild: '${{ needs.frontend-build.result }}',
backendUnit: '${{ needs.backend-unit-test.result }}',
backendApi: '${{ needs.backend-api-test.result }}',
frontendUnit: '${{ needs.frontend-unit-test.result }}',
stateMachine: '${{ needs.state-machine-test.result }}',
aiUnit: '${{ needs.ai-unit-test.result }}',
aiApi: '${{ needs.ai-api-test.result }}',
tenantAudit: '${{ needs.tenant-security-audit.result }}',
kafkaAudit: '${{ needs.kafka-event-audit.result }}',
depScan: '${{ needs.dependency-security-scan.result }}',
};
const icon = (r) => r === 'success' ? '✅' : r === 'failure' ? '❌' : '⏭️';
const allPassed = !Object.values(results).some(r => r === 'failure');
const body = [
`## ${allPassed ? '✅' : '❌'} Test Pipeline 质量门禁`,
'',
'| 检查项 | 状态 |',
'|--------|------|',
`| 后端构建 | ${icon(results.backendBuild)} |`,
`| 前端构建 | ${icon(results.frontendBuild)} |`,
`| 后端单元测试 | ${icon(results.backendUnit)} |`,
`| 后端 API 测试 | ${icon(results.backendApi)} |`,
`| 前端单元测试 | ${icon(results.frontendUnit)} |`,
`| 状态机测试 | ${icon(results.stateMachine)} |`,
`| AI 单元测试 | ${icon(results.aiUnit)} |`,
`| AI API 测试 | ${icon(results.aiApi)} |`,
`| 多租户审计 | ${icon(results.tenantAudit)} |`,
`| Kafka 审计 | ${icon(results.kafkaAudit)} |`,
`| 依赖扫描 | ${icon(results.depScan)} |`,
'',
allPassed ? '**所有门禁通过,可以合并!**' : '**门禁未通过,请修复问题后重新提交。**',
].join('\n');
const { data: comments } = await github.rest.issues.listComments({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo
});
const existing = comments.find(c =>
c.user.type === 'Bot' && c.body.includes('Test Pipeline 质量门禁')
);
if (existing) {
await github.rest.issues.updateComment({
comment_id: existing.id,
owner: context.repo.owner,
repo: context.repo.repo,
body: body
});
} else {
await github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: body
});
}
permissions:
contents: read
pull-requests: read # dorny/paths-filter@v3 读取 PR 文件列表
checks: write
issues: write # github-script@v7 在 PR 评论质量报告
...
|
quality-gate
|
["backend-unit-test","backend-api-test ["backend-unit-test","backend-api-test","backend-build","frontend-unit-test","frontend-build","state-machine-test","ai-unit-test","ai-api-test","tenant-security-audit","kafka-event-audit","dependency-security-scan","governance-baseline"]...
|
["ubuntu-latest"]
|
26179
|
1
|
1778689173
|
1778689174
|
1778679483
|
1778689175
|
|
1
|
|
0
|
Edit
Delete
|
|
29970
|
22659
|
6
|
5
|
921a6ce5568beb3034fc47d4bf7a392351c0068f
|
0
|
质量门禁
|
1
|
name: Test Pipeline
"on":
push:
name: Test Pipeline
"on":
push:
branches: [main, develop, 'feature/**', 'claude/**']
pull_request:
branches: [main, develop]
workflow_dispatch:
inputs:
coverage_threshold:
description: '覆盖率阈值 (%)'
required: false
default: '80'
run_ai_tests:
description: '运行 AI 模块测试'
required: false
default: 'true'
type: boolean
run_api_tests:
description: '运行 API 集成测试'
required: false
default: 'true'
type: boolean
run_security_audit:
description: '运行安全审计'
required: false
default: 'true'
type: boolean
env:
COVERAGE_THRESHOLD: ${{ github.event.inputs.coverage_threshold || '80' }}
NODE_OPTIONS: --max-old-space-size=8192
NODE_VERSION: "20"
PNPM_VERSION: "8"
jobs:
quality-gate:
name: 质量门禁
runs-on: ubuntu-latest
if: always()
steps:
- name: 生成流水线报告
run: |
echo "## Test Pipeline 结果" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "**分支**: \`${{ github.ref_name }}\`" >> $GITHUB_STEP_SUMMARY
echo "**提交**: \`${{ github.sha }}\`" >> $GITHUB_STEP_SUMMARY
echo "**触发者**: ${{ github.actor }}" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 静态检查 + 构建" >> $GITHUB_STEP_SUMMARY
echo "| 检查项 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|--------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 后端构建 | ${{ needs.backend-build.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 前端构建 | ${{ needs.frontend-build.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 测试" >> $GITHUB_STEP_SUMMARY
echo "| 测试套件 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|----------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 后端单元测试 (4 分片) | ${{ needs.backend-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 后端 API 集成测试 | ${{ needs.backend-api-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 前端单元测试 | ${{ needs.frontend-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 状态机测试 | ${{ needs.state-machine-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| AI 模块单元测试 | ${{ needs.ai-unit-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| AI 模块 API 测试 | ${{ needs.ai-api-test.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### 安全审计" >> $GITHUB_STEP_SUMMARY
echo "| 审计项 | 状态 |" >> $GITHUB_STEP_SUMMARY
echo "|--------|------|" >> $GITHUB_STEP_SUMMARY
echo "| 多租户安全审计 | ${{ needs.tenant-security-audit.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| Kafka 事件审计 | ${{ needs.kafka-event-audit.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 依赖安全扫描 | ${{ needs.dependency-security-scan.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
echo "| 治理基线 | ${{ needs.governance-baseline.result || 'skipped' }} |" >> $GITHUB_STEP_SUMMARY
- name: 门禁裁决
run: |
FAILED=0
# 构建必须通过
for job in "${{ needs.backend-build.result }}" "${{ needs.frontend-build.result }}"; do
if [ "$job" == "failure" ]; then
echo "构建失败"
FAILED=1
fi
done
# 单元测试必须通过
for job in "${{ needs.backend-unit-test.result }}" "${{ needs.frontend-unit-test.result }}"; do
if [ "$job" == "failure" ]; then
echo "单元测试失败"
FAILED=1
fi
done
# 状态机测试必须通过
if [ "${{ needs.state-machine-test.result }}" == "failure" ]; then
echo "状态机测试失败"
FAILED=1
fi
# AI 模块测试失败视为阻塞
if [ "${{ needs.ai-unit-test.result }}" == "failure" ]; then
echo "AI 模块单元测试失败"
FAILED=1
fi
# 多租户安全审计(红线 1)
if [ "${{ needs.tenant-security-audit.result }}" == "failure" ]; then
echo "多租户安全审计失败 - CRITICAL 数据安全风险"
FAILED=1
fi
# Kafka 事件审计(红线 3)
if [ "${{ needs.kafka-event-audit.result }}" == "failure" ]; then
echo "Kafka 事件审计失败 - 审计链断裂风险"
FAILED=1
fi
# 依赖安全扫描
if [ "${{ needs.dependency-security-scan.result }}" == "failure" ]; then
echo "依赖安全扫描失败 - 存在 high/critical 漏洞"
FAILED=1
fi
if [ $FAILED -eq 1 ]; then
echo ""
echo "质量门禁未通过"
exit 1
fi
echo "质量门禁通过"
- if: github.event_name == 'pull_request' && always()
name: PR 评论质量报告
uses: actions/github-script@v7
with:
script: |
const results = {
backendBuild: '${{ needs.backend-build.result }}',
frontendBuild: '${{ needs.frontend-build.result }}',
backendUnit: '${{ needs.backend-unit-test.result }}',
backendApi: '${{ needs.backend-api-test.result }}',
frontendUnit: '${{ needs.frontend-unit-test.result }}',
stateMachine: '${{ needs.state-machine-test.result }}',
aiUnit: '${{ needs.ai-unit-test.result }}',
aiApi: '${{ needs.ai-api-test.result }}',
tenantAudit: '${{ needs.tenant-security-audit.result }}',
kafkaAudit: '${{ needs.kafka-event-audit.result }}',
depScan: '${{ needs.dependency-security-scan.result }}',
};
const icon = (r) => r === 'success' ? '✅' : r === 'failure' ? '❌' : '⏭️';
const allPassed = !Object.values(results).some(r => r === 'failure');
const body = [
`## ${allPassed ? '✅' : '❌'} Test Pipeline 质量门禁`,
'',
'| 检查项 | 状态 |',
'|--------|------|',
`| 后端构建 | ${icon(results.backendBuild)} |`,
`| 前端构建 | ${icon(results.frontendBuild)} |`,
`| 后端单元测试 | ${icon(results.backendUnit)} |`,
`| 后端 API 测试 | ${icon(results.backendApi)} |`,
`| 前端单元测试 | ${icon(results.frontendUnit)} |`,
`| 状态机测试 | ${icon(results.stateMachine)} |`,
`| AI 单元测试 | ${icon(results.aiUnit)} |`,
`| AI API 测试 | ${icon(results.aiApi)} |`,
`| 多租户审计 | ${icon(results.tenantAudit)} |`,
`| Kafka 审计 | ${icon(results.kafkaAudit)} |`,
`| 依赖扫描 | ${icon(results.depScan)} |`,
'',
allPassed ? '**所有门禁通过,可以合并!**' : '**门禁未通过,请修复问题后重新提交。**',
].join('\n');
const { data: comments } = await github.rest.issues.listComments({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo
});
const existing = comments.find(c =>
c.user.type === 'Bot' && c.body.includes('Test Pipeline 质量门禁')
);
if (existing) {
await github.rest.issues.updateComment({
comment_id: existing.id,
owner: context.repo.owner,
repo: context.repo.repo,
body: body
});
} else {
await github.rest.issues.createComment({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
body: body
});
}
permissions:
contents: read
pull-requests: read # dorny/paths-filter@v3 读取 PR 文件列表
checks: write
issues: write # github-script@v7 在 PR 评论质量报告
...
|
quality-gate
|
["backend-unit-test","backend-api-test ["backend-unit-test","backend-api-test","backend-build","frontend-unit-test","frontend-build","state-machine-test","ai-unit-test","ai-api-test","tenant-security-audit","kafka-event-audit","dependency-security-scan","governance-baseline"]...
|
["ubuntu-latest"]
|
26182
|
1
|
1778689179
|
1778689181
|
1778679720
|
1778689181
|
|
1
|
|
0
|
Edit
Delete
|
|
7861
|
6706
|
6
|
5
|
e112d45af414e4862c0328abad7c4df74d3c1dbf
|
0
|
📋 质量门禁总结
|
0
|
name: Code Quality Gate
"on":
push:
name: Code Quality Gate
"on":
push:
branches: [main, develop]
pull_request:
branches: [main, develop]
workflow_dispatch:
inputs:
strict_mode:
description: '严格模式(失败即阻止合并)'
required: false
default: true
type: boolean
env:
COVERAGE_THRESHOLD_E2E: "60"
COVERAGE_THRESHOLD_INTEGRATION: "70"
COVERAGE_THRESHOLD_UNIT: "80"
NODE_VERSION: "20"
PNPM_VERSION: "8"
jobs:
quality-gate-summary:
name: "\U0001F4CB 质量门禁总结"
runs-on: ubuntu-latest
if: always()
steps:
- name: 输出质量门禁结果
run: "echo \"## \U0001F6A6 质量门禁结果\" >> $GITHUB_STEP_SUMMARY\necho \"\" >> $GITHUB_STEP_SUMMARY\necho \"| 检查项 | 状态 | 说明 |\" >> $GITHUB_STEP_SUMMARY\necho \"|--------|------|------|\" >> $GITHUB_STEP_SUMMARY\necho \"| 静态代码分析 | ${{ needs.static-analysis.result }} | TypeScript/Prisma 验证 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 多租户安全审计 | ${{ needs.tenant-security.result }} | 数据隔离检查 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 单元测试覆盖率 | ${{ needs.unit-test-coverage.result }} | ≥80% 阈值 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 状态机测试 | ${{ needs.state-machine-tests.result }} | XState 验证 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 类型安全检查 | ${{ needs.type-safety.result }} | any 类型统计 |\" >> $GITHUB_STEP_SUMMARY\n"
- name: 检查是否全部通过
run: "STATIC=\"${{ needs.static-analysis.result }}\"\nTENANT=\"${{ needs.tenant-security.result }}\"\nCOVERAGE=\"${{ needs.unit-test-coverage.result }}\"\nSTATE=\"${{ needs.state-machine-tests.result }}\"\nTYPE=\"${{ needs.type-safety.result }}\"\n\n# 核心门禁(必须通过)\nCORE_FAILED=0\nif [ \"$TENANT\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:多租户安全审计\"\n CORE_FAILED=1\nfi\nif [ \"$COVERAGE\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:单元测试覆盖率\"\n CORE_FAILED=1\nfi\nif [ \"$STATIC\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:静态代码分析\"\n CORE_FAILED=1\nfi\n\nif [ $CORE_FAILED -eq 1 ]; then\n echo \"\"\n echo \"\U0001F6A8 质量门禁未通过,请修复上述问题后重新提交\"\n exit 1\nfi\n\necho \"✅ 所有质量门禁通过\"\n"
- if: github.event_name == 'pull_request' && always()
name: 评论 PR 总结
uses: actions/github-script@v7
with:
script: "const results = {\n static: '${{ needs.static-analysis.result }}',\n tenant: '${{ needs.tenant-security.result }}',\n coverage: '${{ needs.unit-test-coverage.result }}',\n state: '${{ needs.state-machine-tests.result }}',\n type: '${{ needs.type-safety.result }}'\n};\n\nconst getEmoji = (result) => {\n if (result === 'success') return '✅';\n if (result === 'failure') return '❌';\n if (result === 'skipped') return '⏭️';\n return '⚠️';\n};\n\nconst allPassed = Object.values(results).every(r => r === 'success' || r === 'skipped');\n\nconst body = [\n '## \U0001F6A6 质量门禁检查结果',\n '',\n '| 检查项 | 状态 |',\n '|--------|------|',\n `| 静态代码分析 | ${getEmoji(results.static)} |`,\n `| 多租户安全审计 | ${getEmoji(results.tenant)} |`,\n `| 单元测试覆盖率 | ${getEmoji(results.coverage)} |`,\n `| 状态机测试 | ${getEmoji(results.state)} |`,\n `| 类型安全检查 | ${getEmoji(results.type)} |`,\n '',\n allPassed ? '✅ **所有质量门禁通过,可以合并!**' : '❌ **质量门禁未通过,请修复问题后重新提交。**'\n].join('\\n');\n\n// 查找是否已有评论\nconst comments = await github.rest.issues.listComments({\n issue_number: context.issue.number,\n owner: context.repo.owner,\n repo: context.repo.repo\n});\n\nconst botComment = comments.data.find(c =>\n c.user.type === 'Bot' &&\n c.body.includes('质量门禁检查结果')\n);\n\nif (botComment) {\n await github.rest.issues.updateComment({\n comment_id: botComment.id,\n owner: context.repo.owner,\n repo: context.repo.repo,\n body: body\n });\n} else {\n await github.rest.issues.createComment({\n issue_number: context.issue.number,\n owner: context.repo.owner,\n repo: context.repo.repo,\n body: body\n });\n}\n"
...
|
quality-gate-summary
|
["static-analysis","tenant-security� ["static-analysis","tenant-security","unit-test-coverage","state-machine-tests","type-safety"]...
|
["ubuntu-latest"]
|
0
|
3
|
0
|
1773832746
|
1773831750
|
1773832746
|
|
1
|
|
0
|
Edit
Delete
|
|
7923
|
6716
|
6
|
5
|
b7eb415d7a9689f1efec941bcb2dcd7d098e9c28
|
0
|
📋 质量门禁总结
|
1
|
name: Code Quality Gate
"on":
push:
name: Code Quality Gate
"on":
push:
branches: [main, develop]
pull_request:
branches: [main, develop]
workflow_dispatch:
inputs:
strict_mode:
description: '严格模式(失败即阻止合并)'
required: false
default: true
type: boolean
env:
COVERAGE_THRESHOLD_E2E: "60"
COVERAGE_THRESHOLD_INTEGRATION: "70"
COVERAGE_THRESHOLD_UNIT: "80"
NODE_VERSION: "20"
PNPM_VERSION: "8"
jobs:
quality-gate-summary:
name: "\U0001F4CB 质量门禁总结"
runs-on: ubuntu-latest
if: always()
steps:
- name: 输出质量门禁结果
run: "echo \"## \U0001F6A6 质量门禁结果\" >> $GITHUB_STEP_SUMMARY\necho \"\" >> $GITHUB_STEP_SUMMARY\necho \"| 检查项 | 状态 | 说明 |\" >> $GITHUB_STEP_SUMMARY\necho \"|--------|------|------|\" >> $GITHUB_STEP_SUMMARY\necho \"| 静态代码分析 | ${{ needs.static-analysis.result }} | TypeScript/Prisma 验证 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 多租户安全审计 | ${{ needs.tenant-security.result }} | 数据隔离检查 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 单元测试覆盖率 | ${{ needs.unit-test-coverage.result }} | ≥80% 阈值 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 状态机测试 | ${{ needs.state-machine-tests.result }} | XState 验证 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 类型安全检查 | ${{ needs.type-safety.result }} | any 类型统计 |\" >> $GITHUB_STEP_SUMMARY\n"
- name: 检查是否全部通过
run: "STATIC=\"${{ needs.static-analysis.result }}\"\nTENANT=\"${{ needs.tenant-security.result }}\"\nCOVERAGE=\"${{ needs.unit-test-coverage.result }}\"\nSTATE=\"${{ needs.state-machine-tests.result }}\"\nTYPE=\"${{ needs.type-safety.result }}\"\n\n# 核心门禁(必须通过)\nCORE_FAILED=0\nif [ \"$TENANT\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:多租户安全审计\"\n CORE_FAILED=1\nfi\nif [ \"$COVERAGE\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:单元测试覆盖率\"\n CORE_FAILED=1\nfi\nif [ \"$STATIC\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:静态代码分析\"\n CORE_FAILED=1\nfi\n\nif [ $CORE_FAILED -eq 1 ]; then\n echo \"\"\n echo \"\U0001F6A8 质量门禁未通过,请修复上述问题后重新提交\"\n exit 1\nfi\n\necho \"✅ 所有质量门禁通过\"\n"
- if: github.event_name == 'pull_request' && always()
name: 评论 PR 总结
uses: actions/github-script@v7
with:
script: "const results = {\n static: '${{ needs.static-analysis.result }}',\n tenant: '${{ needs.tenant-security.result }}',\n coverage: '${{ needs.unit-test-coverage.result }}',\n state: '${{ needs.state-machine-tests.result }}',\n type: '${{ needs.type-safety.result }}'\n};\n\nconst getEmoji = (result) => {\n if (result === 'success') return '✅';\n if (result === 'failure') return '❌';\n if (result === 'skipped') return '⏭️';\n return '⚠️';\n};\n\nconst allPassed = Object.values(results).every(r => r === 'success' || r === 'skipped');\n\nconst body = [\n '## \U0001F6A6 质量门禁检查结果',\n '',\n '| 检查项 | 状态 |',\n '|--------|------|',\n `| 静态代码分析 | ${getEmoji(results.static)} |`,\n `| 多租户安全审计 | ${getEmoji(results.tenant)} |`,\n `| 单元测试覆盖率 | ${getEmoji(results.coverage)} |`,\n `| 状态机测试 | ${getEmoji(results.state)} |`,\n `| 类型安全检查 | ${getEmoji(results.type)} |`,\n '',\n allPassed ? '✅ **所有质量门禁通过,可以合并!**' : '❌ **质量门禁未通过,请修复问题后重新提交。**'\n].join('\\n');\n\n// 查找是否已有评论\nconst comments = await github.rest.issues.listComments({\n issue_number: context.issue.number,\n owner: context.repo.owner,\n repo: context.repo.repo\n});\n\nconst botComment = comments.data.find(c =>\n c.user.type === 'Bot' &&\n c.body.includes('质量门禁检查结果')\n);\n\nif (botComment) {\n await github.rest.issues.updateComment({\n comment_id: botComment.id,\n owner: context.repo.owner,\n repo: context.repo.repo,\n body: body\n });\n} else {\n await github.rest.issues.createComment({\n issue_number: context.issue.number,\n owner: context.repo.owner,\n repo: context.repo.repo,\n body: body\n });\n}\n"
...
|
quality-gate-summary
|
["static-analysis","tenant-security� ["static-analysis","tenant-security","unit-test-coverage","state-machine-tests","type-safety"]...
|
["ubuntu-latest"]
|
6808
|
2
|
1773833312
|
1773833313
|
1773832746
|
1773833313
|
|
1
|
|
0
|
Edit
Delete
|
|
8286
|
6999
|
6
|
5
|
bd59e5501292cb061719f669c7a7b7afd4f1a0b7
|
0
|
📋 质量门禁总结
|
0
|
name: Code Quality Gate
"on":
push:
name: Code Quality Gate
"on":
push:
branches: [main, develop]
pull_request:
branches: [main, develop]
workflow_dispatch:
inputs:
strict_mode:
description: '严格模式(失败即阻止合并)'
required: false
default: true
type: boolean
env:
COVERAGE_THRESHOLD_E2E: "60"
COVERAGE_THRESHOLD_INTEGRATION: "70"
COVERAGE_THRESHOLD_UNIT: "80"
NODE_VERSION: "20"
PNPM_VERSION: "8"
jobs:
quality-gate-summary:
name: "\U0001F4CB 质量门禁总结"
runs-on: ubuntu-latest
if: always()
steps:
- name: 输出质量门禁结果
run: "echo \"## \U0001F6A6 质量门禁结果\" >> $GITHUB_STEP_SUMMARY\necho \"\" >> $GITHUB_STEP_SUMMARY\necho \"| 检查项 | 状态 | 说明 |\" >> $GITHUB_STEP_SUMMARY\necho \"|--------|------|------|\" >> $GITHUB_STEP_SUMMARY\necho \"| 静态代码分析 | ${{ needs.static-analysis.result }} | TypeScript/Prisma 验证 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 多租户安全审计 | ${{ needs.tenant-security.result }} | 数据隔离检查 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 单元测试覆盖率 | ${{ needs.unit-test-coverage.result }} | ≥80% 阈值 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 状态机测试 | ${{ needs.state-machine-tests.result }} | XState 验证 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 类型安全检查 | ${{ needs.type-safety.result }} | any 类型统计 |\" >> $GITHUB_STEP_SUMMARY\n"
- name: 检查是否全部通过
run: "STATIC=\"${{ needs.static-analysis.result }}\"\nTENANT=\"${{ needs.tenant-security.result }}\"\nCOVERAGE=\"${{ needs.unit-test-coverage.result }}\"\nSTATE=\"${{ needs.state-machine-tests.result }}\"\nTYPE=\"${{ needs.type-safety.result }}\"\n\n# 核心门禁(必须通过)\nCORE_FAILED=0\nif [ \"$TENANT\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:多租户安全审计\"\n CORE_FAILED=1\nfi\nif [ \"$COVERAGE\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:单元测试覆盖率\"\n CORE_FAILED=1\nfi\nif [ \"$STATIC\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:静态代码分析\"\n CORE_FAILED=1\nfi\n\nif [ $CORE_FAILED -eq 1 ]; then\n echo \"\"\n echo \"\U0001F6A8 质量门禁未通过,请修复上述问题后重新提交\"\n exit 1\nfi\n\necho \"✅ 所有质量门禁通过\"\n"
- if: github.event_name == 'pull_request' && always()
name: 评论 PR 总结
uses: actions/github-script@v7
with:
script: "const results = {\n static: '${{ needs.static-analysis.result }}',\n tenant: '${{ needs.tenant-security.result }}',\n coverage: '${{ needs.unit-test-coverage.result }}',\n state: '${{ needs.state-machine-tests.result }}',\n type: '${{ needs.type-safety.result }}'\n};\n\nconst getEmoji = (result) => {\n if (result === 'success') return '✅';\n if (result === 'failure') return '❌';\n if (result === 'skipped') return '⏭️';\n return '⚠️';\n};\n\nconst allPassed = Object.values(results).every(r => r === 'success' || r === 'skipped');\n\nconst body = [\n '## \U0001F6A6 质量门禁检查结果',\n '',\n '| 检查项 | 状态 |',\n '|--------|------|',\n `| 静态代码分析 | ${getEmoji(results.static)} |`,\n `| 多租户安全审计 | ${getEmoji(results.tenant)} |`,\n `| 单元测试覆盖率 | ${getEmoji(results.coverage)} |`,\n `| 状态机测试 | ${getEmoji(results.state)} |`,\n `| 类型安全检查 | ${getEmoji(results.type)} |`,\n '',\n allPassed ? '✅ **所有质量门禁通过,可以合并!**' : '❌ **质量门禁未通过,请修复问题后重新提交。**'\n].join('\\n');\n\n// 查找是否已有评论\nconst comments = await github.rest.issues.listComments({\n issue_number: context.issue.number,\n owner: context.repo.owner,\n repo: context.repo.repo\n});\n\nconst botComment = comments.data.find(c =>\n c.user.type === 'Bot' &&\n c.body.includes('质量门禁检查结果')\n);\n\nif (botComment) {\n await github.rest.issues.updateComment({\n comment_id: botComment.id,\n owner: context.repo.owner,\n repo: context.repo.repo,\n body: body\n });\n} else {\n await github.rest.issues.createComment({\n issue_number: context.issue.number,\n owner: context.repo.owner,\n repo: context.repo.repo,\n body: body\n });\n}\n"
...
|
quality-gate-summary
|
["static-analysis","tenant-security� ["static-analysis","tenant-security","unit-test-coverage","state-machine-tests","type-safety"]...
|
["ubuntu-latest"]
|
0
|
3
|
0
|
1773913348
|
1773912914
|
1773913348
|
|
0
|
|
0
|
Edit
Delete
|
|
8344
|
7007
|
6
|
5
|
01a8ea9191c28b210d2abb3db3cbc65db42fc801
|
0
|
📋 质量门禁总结
|
1
|
name: Code Quality Gate
"on":
push:
name: Code Quality Gate
"on":
push:
branches: [main, develop]
pull_request:
branches: [main, develop]
workflow_dispatch:
inputs:
strict_mode:
description: '严格模式(失败即阻止合并)'
required: false
default: true
type: boolean
env:
COVERAGE_THRESHOLD_E2E: "60"
COVERAGE_THRESHOLD_INTEGRATION: "70"
COVERAGE_THRESHOLD_UNIT: "80"
NODE_VERSION: "20"
PNPM_VERSION: "8"
jobs:
quality-gate-summary:
name: "\U0001F4CB 质量门禁总结"
runs-on: ubuntu-latest
if: always()
steps:
- name: 输出质量门禁结果
run: "echo \"## \U0001F6A6 质量门禁结果\" >> $GITHUB_STEP_SUMMARY\necho \"\" >> $GITHUB_STEP_SUMMARY\necho \"| 检查项 | 状态 | 说明 |\" >> $GITHUB_STEP_SUMMARY\necho \"|--------|------|------|\" >> $GITHUB_STEP_SUMMARY\necho \"| 静态代码分析 | ${{ needs.static-analysis.result }} | TypeScript/Prisma 验证 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 多租户安全审计 | ${{ needs.tenant-security.result }} | 数据隔离检查 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 单元测试覆盖率 | ${{ needs.unit-test-coverage.result }} | ≥80% 阈值 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 状态机测试 | ${{ needs.state-machine-tests.result }} | XState 验证 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 类型安全检查 | ${{ needs.type-safety.result }} | any 类型统计 |\" >> $GITHUB_STEP_SUMMARY\n"
- name: 检查是否全部通过
run: "STATIC=\"${{ needs.static-analysis.result }}\"\nTENANT=\"${{ needs.tenant-security.result }}\"\nCOVERAGE=\"${{ needs.unit-test-coverage.result }}\"\nSTATE=\"${{ needs.state-machine-tests.result }}\"\nTYPE=\"${{ needs.type-safety.result }}\"\n\n# 核心门禁(必须通过)\nCORE_FAILED=0\nif [ \"$TENANT\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:多租户安全审计\"\n CORE_FAILED=1\nfi\nif [ \"$COVERAGE\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:单元测试覆盖率\"\n CORE_FAILED=1\nfi\nif [ \"$STATIC\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:静态代码分析\"\n CORE_FAILED=1\nfi\n\nif [ $CORE_FAILED -eq 1 ]; then\n echo \"\"\n echo \"\U0001F6A8 质量门禁未通过,请修复上述问题后重新提交\"\n exit 1\nfi\n\necho \"✅ 所有质量门禁通过\"\n"
- if: github.event_name == 'pull_request' && always()
name: 评论 PR 总结
uses: actions/github-script@v7
with:
script: "const results = {\n static: '${{ needs.static-analysis.result }}',\n tenant: '${{ needs.tenant-security.result }}',\n coverage: '${{ needs.unit-test-coverage.result }}',\n state: '${{ needs.state-machine-tests.result }}',\n type: '${{ needs.type-safety.result }}'\n};\n\nconst getEmoji = (result) => {\n if (result === 'success') return '✅';\n if (result === 'failure') return '❌';\n if (result === 'skipped') return '⏭️';\n return '⚠️';\n};\n\nconst allPassed = Object.values(results).every(r => r === 'success' || r === 'skipped');\n\nconst body = [\n '## \U0001F6A6 质量门禁检查结果',\n '',\n '| 检查项 | 状态 |',\n '|--------|------|',\n `| 静态代码分析 | ${getEmoji(results.static)} |`,\n `| 多租户安全审计 | ${getEmoji(results.tenant)} |`,\n `| 单元测试覆盖率 | ${getEmoji(results.coverage)} |`,\n `| 状态机测试 | ${getEmoji(results.state)} |`,\n `| 类型安全检查 | ${getEmoji(results.type)} |`,\n '',\n allPassed ? '✅ **所有质量门禁通过,可以合并!**' : '❌ **质量门禁未通过,请修复问题后重新提交。**'\n].join('\\n');\n\n// 查找是否已有评论\nconst comments = await github.rest.issues.listComments({\n issue_number: context.issue.number,\n owner: context.repo.owner,\n repo: context.repo.repo\n});\n\nconst botComment = comments.data.find(c =>\n c.user.type === 'Bot' &&\n c.body.includes('质量门禁检查结果')\n);\n\nif (botComment) {\n await github.rest.issues.updateComment({\n comment_id: botComment.id,\n owner: context.repo.owner,\n repo: context.repo.repo,\n body: body\n });\n} else {\n await github.rest.issues.createComment({\n issue_number: context.issue.number,\n owner: context.repo.owner,\n repo: context.repo.repo,\n body: body\n });\n}\n"
...
|
quality-gate-summary
|
["static-analysis","tenant-security� ["static-analysis","tenant-security","unit-test-coverage","state-machine-tests","type-safety"]...
|
["ubuntu-latest"]
|
7175
|
2
|
1773914197
|
1773914198
|
1773913348
|
1773914199
|
|
1
|
|
0
|
Edit
Delete
|
|
8479
|
7072
|
6
|
5
|
9771b23ae7aaee164f15f9c4ccbdb18eb68fc71f
|
0
|
📋 质量门禁总结
|
1
|
name: Code Quality Gate
"on":
push:
name: Code Quality Gate
"on":
push:
branches: [main, develop]
pull_request:
branches: [main, develop]
workflow_dispatch:
inputs:
strict_mode:
description: '严格模式(失败即阻止合并)'
required: false
default: true
type: boolean
env:
COVERAGE_THRESHOLD_E2E: "60"
COVERAGE_THRESHOLD_INTEGRATION: "70"
COVERAGE_THRESHOLD_UNIT: "80"
NODE_VERSION: "20"
PNPM_VERSION: "8"
jobs:
quality-gate-summary:
name: "\U0001F4CB 质量门禁总结"
runs-on: ubuntu-latest
if: always()
steps:
- name: 输出质量门禁结果
run: "echo \"## \U0001F6A6 质量门禁结果\" >> $GITHUB_STEP_SUMMARY\necho \"\" >> $GITHUB_STEP_SUMMARY\necho \"| 检查项 | 状态 | 说明 |\" >> $GITHUB_STEP_SUMMARY\necho \"|--------|------|------|\" >> $GITHUB_STEP_SUMMARY\necho \"| 静态代码分析 | ${{ needs.static-analysis.result }} | TypeScript/Prisma 验证 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 多租户安全审计 | ${{ needs.tenant-security.result }} | 数据隔离检查 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 单元测试覆盖率 | ${{ needs.unit-test-coverage.result }} | ≥80% 阈值 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 状态机测试 | ${{ needs.state-machine-tests.result }} | XState 验证 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 类型安全检查 | ${{ needs.type-safety.result }} | any 类型统计 |\" >> $GITHUB_STEP_SUMMARY\n"
- name: 检查是否全部通过
run: "STATIC=\"${{ needs.static-analysis.result }}\"\nTENANT=\"${{ needs.tenant-security.result }}\"\nCOVERAGE=\"${{ needs.unit-test-coverage.result }}\"\nSTATE=\"${{ needs.state-machine-tests.result }}\"\nTYPE=\"${{ needs.type-safety.result }}\"\n\n# 核心门禁(必须通过)\nCORE_FAILED=0\nif [ \"$TENANT\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:多租户安全审计\"\n CORE_FAILED=1\nfi\nif [ \"$COVERAGE\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:单元测试覆盖率\"\n CORE_FAILED=1\nfi\nif [ \"$STATIC\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:静态代码分析\"\n CORE_FAILED=1\nfi\n\nif [ $CORE_FAILED -eq 1 ]; then\n echo \"\"\n echo \"\U0001F6A8 质量门禁未通过,请修复上述问题后重新提交\"\n exit 1\nfi\n\necho \"✅ 所有质量门禁通过\"\n"
- if: github.event_name == 'pull_request' && always()
name: 评论 PR 总结
uses: actions/github-script@v7
with:
script: "const results = {\n static: '${{ needs.static-analysis.result }}',\n tenant: '${{ needs.tenant-security.result }}',\n coverage: '${{ needs.unit-test-coverage.result }}',\n state: '${{ needs.state-machine-tests.result }}',\n type: '${{ needs.type-safety.result }}'\n};\n\nconst getEmoji = (result) => {\n if (result === 'success') return '✅';\n if (result === 'failure') return '❌';\n if (result === 'skipped') return '⏭️';\n return '⚠️';\n};\n\nconst allPassed = Object.values(results).every(r => r === 'success' || r === 'skipped');\n\nconst body = [\n '## \U0001F6A6 质量门禁检查结果',\n '',\n '| 检查项 | 状态 |',\n '|--------|------|',\n `| 静态代码分析 | ${getEmoji(results.static)} |`,\n `| 多租户安全审计 | ${getEmoji(results.tenant)} |`,\n `| 单元测试覆盖率 | ${getEmoji(results.coverage)} |`,\n `| 状态机测试 | ${getEmoji(results.state)} |`,\n `| 类型安全检查 | ${getEmoji(results.type)} |`,\n '',\n allPassed ? '✅ **所有质量门禁通过,可以合并!**' : '❌ **质量门禁未通过,请修复问题后重新提交。**'\n].join('\\n');\n\n// 查找是否已有评论\nconst comments = await github.rest.issues.listComments({\n issue_number: context.issue.number,\n owner: context.repo.owner,\n repo: context.repo.repo\n});\n\nconst botComment = comments.data.find(c =>\n c.user.type === 'Bot' &&\n c.body.includes('质量门禁检查结果')\n);\n\nif (botComment) {\n await github.rest.issues.updateComment({\n comment_id: botComment.id,\n owner: context.repo.owner,\n repo: context.repo.repo,\n body: body\n });\n} else {\n await github.rest.issues.createComment({\n issue_number: context.issue.number,\n owner: context.repo.owner,\n repo: context.repo.repo,\n body: body\n });\n}\n"
...
|
quality-gate-summary
|
["static-analysis","tenant-security� ["static-analysis","tenant-security","unit-test-coverage","state-machine-tests","type-safety"]...
|
["ubuntu-latest"]
|
7295
|
2
|
1773929936
|
1773929937
|
1773929409
|
1773929937
|
|
1
|
|
0
|
Edit
Delete
|
|
8588
|
7117
|
6
|
5
|
979d9c81063fbda12f1445bf80b0c0027b0fbac2
|
0
|
📋 质量门禁总结
|
1
|
name: Code Quality Gate
"on":
push:
name: Code Quality Gate
"on":
push:
branches: [main, develop]
pull_request:
branches: [main, develop]
workflow_dispatch:
inputs:
strict_mode:
description: '严格模式(失败即阻止合并)'
required: false
default: true
type: boolean
env:
COVERAGE_THRESHOLD_E2E: "60"
COVERAGE_THRESHOLD_INTEGRATION: "70"
COVERAGE_THRESHOLD_UNIT: "80"
NODE_VERSION: "20"
PNPM_VERSION: "8"
jobs:
quality-gate-summary:
name: "\U0001F4CB 质量门禁总结"
runs-on: ubuntu-latest
if: always()
steps:
- name: 输出质量门禁结果
run: "echo \"## \U0001F6A6 质量门禁结果\" >> $GITHUB_STEP_SUMMARY\necho \"\" >> $GITHUB_STEP_SUMMARY\necho \"| 检查项 | 状态 | 说明 |\" >> $GITHUB_STEP_SUMMARY\necho \"|--------|------|------|\" >> $GITHUB_STEP_SUMMARY\necho \"| 静态代码分析 | ${{ needs.static-analysis.result }} | TypeScript/Prisma 验证 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 多租户安全审计 | ${{ needs.tenant-security.result }} | 数据隔离检查 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 单元测试覆盖率 | ${{ needs.unit-test-coverage.result }} | ≥80% 阈值 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 状态机测试 | ${{ needs.state-machine-tests.result }} | XState 验证 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 类型安全检查 | ${{ needs.type-safety.result }} | any 类型统计 |\" >> $GITHUB_STEP_SUMMARY\n"
- name: 检查是否全部通过
run: "STATIC=\"${{ needs.static-analysis.result }}\"\nTENANT=\"${{ needs.tenant-security.result }}\"\nCOVERAGE=\"${{ needs.unit-test-coverage.result }}\"\nSTATE=\"${{ needs.state-machine-tests.result }}\"\nTYPE=\"${{ needs.type-safety.result }}\"\n\n# 核心门禁(必须通过)\nCORE_FAILED=0\nif [ \"$TENANT\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:多租户安全审计\"\n CORE_FAILED=1\nfi\nif [ \"$COVERAGE\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:单元测试覆盖率\"\n CORE_FAILED=1\nfi\nif [ \"$STATIC\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:静态代码分析\"\n CORE_FAILED=1\nfi\n\nif [ $CORE_FAILED -eq 1 ]; then\n echo \"\"\n echo \"\U0001F6A8 质量门禁未通过,请修复上述问题后重新提交\"\n exit 1\nfi\n\necho \"✅ 所有质量门禁通过\"\n"
- if: github.event_name == 'pull_request' && always()
name: 评论 PR 总结
uses: actions/github-script@v7
with:
script: "const results = {\n static: '${{ needs.static-analysis.result }}',\n tenant: '${{ needs.tenant-security.result }}',\n coverage: '${{ needs.unit-test-coverage.result }}',\n state: '${{ needs.state-machine-tests.result }}',\n type: '${{ needs.type-safety.result }}'\n};\n\nconst getEmoji = (result) => {\n if (result === 'success') return '✅';\n if (result === 'failure') return '❌';\n if (result === 'skipped') return '⏭️';\n return '⚠️';\n};\n\nconst allPassed = Object.values(results).every(r => r === 'success' || r === 'skipped');\n\nconst body = [\n '## \U0001F6A6 质量门禁检查结果',\n '',\n '| 检查项 | 状态 |',\n '|--------|------|',\n `| 静态代码分析 | ${getEmoji(results.static)} |`,\n `| 多租户安全审计 | ${getEmoji(results.tenant)} |`,\n `| 单元测试覆盖率 | ${getEmoji(results.coverage)} |`,\n `| 状态机测试 | ${getEmoji(results.state)} |`,\n `| 类型安全检查 | ${getEmoji(results.type)} |`,\n '',\n allPassed ? '✅ **所有质量门禁通过,可以合并!**' : '❌ **质量门禁未通过,请修复问题后重新提交。**'\n].join('\\n');\n\n// 查找是否已有评论\nconst comments = await github.rest.issues.listComments({\n issue_number: context.issue.number,\n owner: context.repo.owner,\n repo: context.repo.repo\n});\n\nconst botComment = comments.data.find(c =>\n c.user.type === 'Bot' &&\n c.body.includes('质量门禁检查结果')\n);\n\nif (botComment) {\n await github.rest.issues.updateComment({\n comment_id: botComment.id,\n owner: context.repo.owner,\n repo: context.repo.repo,\n body: body\n });\n} else {\n await github.rest.issues.createComment({\n issue_number: context.issue.number,\n owner: context.repo.owner,\n repo: context.repo.repo,\n body: body\n });\n}\n"
...
|
quality-gate-summary
|
["static-analysis","tenant-security� ["static-analysis","tenant-security","unit-test-coverage","state-machine-tests","type-safety"]...
|
["ubuntu-latest"]
|
7395
|
2
|
1773940747
|
1773940748
|
1773939782
|
1773940748
|
|
1
|
|
0
|
Edit
Delete
|
|
8777
|
7235
|
6
|
5
|
0900b15d607e5c78f97fec16a73357ad4f814390
|
0
|
📋 质量门禁总结
|
1
|
name: Code Quality Gate
"on":
push:
name: Code Quality Gate
"on":
push:
branches: [main, develop]
pull_request:
branches: [main, develop]
workflow_dispatch:
inputs:
strict_mode:
description: '严格模式(失败即阻止合并)'
required: false
default: true
type: boolean
env:
COVERAGE_THRESHOLD_E2E: "60"
COVERAGE_THRESHOLD_INTEGRATION: "70"
COVERAGE_THRESHOLD_UNIT: "80"
NODE_VERSION: "20"
PNPM_VERSION: "8"
jobs:
quality-gate-summary:
name: "\U0001F4CB 质量门禁总结"
runs-on: ubuntu-latest
if: always()
steps:
- name: 输出质量门禁结果
run: "echo \"## \U0001F6A6 质量门禁结果\" >> $GITHUB_STEP_SUMMARY\necho \"\" >> $GITHUB_STEP_SUMMARY\necho \"| 检查项 | 状态 | 说明 |\" >> $GITHUB_STEP_SUMMARY\necho \"|--------|------|------|\" >> $GITHUB_STEP_SUMMARY\necho \"| 静态代码分析 | ${{ needs.static-analysis.result }} | TypeScript/Prisma 验证 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 多租户安全审计 | ${{ needs.tenant-security.result }} | 数据隔离检查 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 单元测试覆盖率 | ${{ needs.unit-test-coverage.result }} | ≥80% 阈值 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 状态机测试 | ${{ needs.state-machine-tests.result }} | XState 验证 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 类型安全检查 | ${{ needs.type-safety.result }} | any 类型统计 |\" >> $GITHUB_STEP_SUMMARY\n"
- name: 检查是否全部通过
run: "STATIC=\"${{ needs.static-analysis.result }}\"\nTENANT=\"${{ needs.tenant-security.result }}\"\nCOVERAGE=\"${{ needs.unit-test-coverage.result }}\"\nSTATE=\"${{ needs.state-machine-tests.result }}\"\nTYPE=\"${{ needs.type-safety.result }}\"\n\n# 核心门禁(必须通过)\nCORE_FAILED=0\nif [ \"$TENANT\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:多租户安全审计\"\n CORE_FAILED=1\nfi\nif [ \"$COVERAGE\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:单元测试覆盖率\"\n CORE_FAILED=1\nfi\nif [ \"$STATIC\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:静态代码分析\"\n CORE_FAILED=1\nfi\n\nif [ $CORE_FAILED -eq 1 ]; then\n echo \"\"\n echo \"\U0001F6A8 质量门禁未通过,请修复上述问题后重新提交\"\n exit 1\nfi\n\necho \"✅ 所有质量门禁通过\"\n"
- if: github.event_name == 'pull_request' && always()
name: 评论 PR 总结
uses: actions/github-script@v7
with:
script: "const results = {\n static: '${{ needs.static-analysis.result }}',\n tenant: '${{ needs.tenant-security.result }}',\n coverage: '${{ needs.unit-test-coverage.result }}',\n state: '${{ needs.state-machine-tests.result }}',\n type: '${{ needs.type-safety.result }}'\n};\n\nconst getEmoji = (result) => {\n if (result === 'success') return '✅';\n if (result === 'failure') return '❌';\n if (result === 'skipped') return '⏭️';\n return '⚠️';\n};\n\nconst allPassed = Object.values(results).every(r => r === 'success' || r === 'skipped');\n\nconst body = [\n '## \U0001F6A6 质量门禁检查结果',\n '',\n '| 检查项 | 状态 |',\n '|--------|------|',\n `| 静态代码分析 | ${getEmoji(results.static)} |`,\n `| 多租户安全审计 | ${getEmoji(results.tenant)} |`,\n `| 单元测试覆盖率 | ${getEmoji(results.coverage)} |`,\n `| 状态机测试 | ${getEmoji(results.state)} |`,\n `| 类型安全检查 | ${getEmoji(results.type)} |`,\n '',\n allPassed ? '✅ **所有质量门禁通过,可以合并!**' : '❌ **质量门禁未通过,请修复问题后重新提交。**'\n].join('\\n');\n\n// 查找是否已有评论\nconst comments = await github.rest.issues.listComments({\n issue_number: context.issue.number,\n owner: context.repo.owner,\n repo: context.repo.repo\n});\n\nconst botComment = comments.data.find(c =>\n c.user.type === 'Bot' &&\n c.body.includes('质量门禁检查结果')\n);\n\nif (botComment) {\n await github.rest.issues.updateComment({\n comment_id: botComment.id,\n owner: context.repo.owner,\n repo: context.repo.repo,\n body: body\n });\n} else {\n await github.rest.issues.createComment({\n issue_number: context.issue.number,\n owner: context.repo.owner,\n repo: context.repo.repo,\n body: body\n });\n}\n"
...
|
quality-gate-summary
|
["static-analysis","tenant-security� ["static-analysis","tenant-security","unit-test-coverage","state-machine-tests","type-safety"]...
|
["ubuntu-latest"]
|
7574
|
2
|
1774221755
|
1774221785
|
1774220986
|
1774221785
|
|
1
|
|
0
|
Edit
Delete
|
|
8853
|
7252
|
6
|
5
|
80c2bdb2f93a19aa53d16ded06387b70c6084bf8
|
0
|
📋 质量门禁总结
|
1
|
name: Code Quality Gate
"on":
push:
name: Code Quality Gate
"on":
push:
branches: [main, develop]
pull_request:
branches: [main, develop]
workflow_dispatch:
inputs:
strict_mode:
description: '严格模式(失败即阻止合并)'
required: false
default: true
type: boolean
env:
COVERAGE_THRESHOLD_E2E: "60"
COVERAGE_THRESHOLD_INTEGRATION: "70"
COVERAGE_THRESHOLD_UNIT: "80"
NODE_VERSION: "20"
PNPM_VERSION: "8"
jobs:
quality-gate-summary:
name: "\U0001F4CB 质量门禁总结"
runs-on: ubuntu-latest
if: always()
steps:
- name: 输出质量门禁结果
run: "echo \"## \U0001F6A6 质量门禁结果\" >> $GITHUB_STEP_SUMMARY\necho \"\" >> $GITHUB_STEP_SUMMARY\necho \"| 检查项 | 状态 | 说明 |\" >> $GITHUB_STEP_SUMMARY\necho \"|--------|------|------|\" >> $GITHUB_STEP_SUMMARY\necho \"| 静态代码分析 | ${{ needs.static-analysis.result }} | TypeScript/Prisma 验证 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 多租户安全审计 | ${{ needs.tenant-security.result }} | 数据隔离检查 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 单元测试覆盖率 | ${{ needs.unit-test-coverage.result }} | ≥80% 阈值 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 状态机测试 | ${{ needs.state-machine-tests.result }} | XState 验证 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 类型安全检查 | ${{ needs.type-safety.result }} | any 类型统计 |\" >> $GITHUB_STEP_SUMMARY\n"
- name: 检查是否全部通过
run: "STATIC=\"${{ needs.static-analysis.result }}\"\nTENANT=\"${{ needs.tenant-security.result }}\"\nCOVERAGE=\"${{ needs.unit-test-coverage.result }}\"\nSTATE=\"${{ needs.state-machine-tests.result }}\"\nTYPE=\"${{ needs.type-safety.result }}\"\n\n# 核心门禁(必须通过)\nCORE_FAILED=0\nif [ \"$TENANT\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:多租户安全审计\"\n CORE_FAILED=1\nfi\nif [ \"$COVERAGE\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:单元测试覆盖率\"\n CORE_FAILED=1\nfi\nif [ \"$STATIC\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:静态代码分析\"\n CORE_FAILED=1\nfi\n\nif [ $CORE_FAILED -eq 1 ]; then\n echo \"\"\n echo \"\U0001F6A8 质量门禁未通过,请修复上述问题后重新提交\"\n exit 1\nfi\n\necho \"✅ 所有质量门禁通过\"\n"
- if: github.event_name == 'pull_request' && always()
name: 评论 PR 总结
uses: actions/github-script@v7
with:
script: "const results = {\n static: '${{ needs.static-analysis.result }}',\n tenant: '${{ needs.tenant-security.result }}',\n coverage: '${{ needs.unit-test-coverage.result }}',\n state: '${{ needs.state-machine-tests.result }}',\n type: '${{ needs.type-safety.result }}'\n};\n\nconst getEmoji = (result) => {\n if (result === 'success') return '✅';\n if (result === 'failure') return '❌';\n if (result === 'skipped') return '⏭️';\n return '⚠️';\n};\n\nconst allPassed = Object.values(results).every(r => r === 'success' || r === 'skipped');\n\nconst body = [\n '## \U0001F6A6 质量门禁检查结果',\n '',\n '| 检查项 | 状态 |',\n '|--------|------|',\n `| 静态代码分析 | ${getEmoji(results.static)} |`,\n `| 多租户安全审计 | ${getEmoji(results.tenant)} |`,\n `| 单元测试覆盖率 | ${getEmoji(results.coverage)} |`,\n `| 状态机测试 | ${getEmoji(results.state)} |`,\n `| 类型安全检查 | ${getEmoji(results.type)} |`,\n '',\n allPassed ? '✅ **所有质量门禁通过,可以合并!**' : '❌ **质量门禁未通过,请修复问题后重新提交。**'\n].join('\\n');\n\n// 查找是否已有评论\nconst comments = await github.rest.issues.listComments({\n issue_number: context.issue.number,\n owner: context.repo.owner,\n repo: context.repo.repo\n});\n\nconst botComment = comments.data.find(c =>\n c.user.type === 'Bot' &&\n c.body.includes('质量门禁检查结果')\n);\n\nif (botComment) {\n await github.rest.issues.updateComment({\n comment_id: botComment.id,\n owner: context.repo.owner,\n repo: context.repo.repo,\n body: body\n });\n} else {\n await github.rest.issues.createComment({\n issue_number: context.issue.number,\n owner: context.repo.owner,\n repo: context.repo.repo,\n body: body\n });\n}\n"
...
|
quality-gate-summary
|
["static-analysis","tenant-security� ["static-analysis","tenant-security","unit-test-coverage","state-machine-tests","type-safety"]...
|
["ubuntu-latest"]
|
7639
|
2
|
1774223413
|
1774223415
|
1774223021
|
1774223415
|
|
1
|
|
0
|
Edit
Delete
|
|
8924
|
7264
|
6
|
5
|
df7b6f46170cb46db4771dd1e07991b0b13d90a0
|
0
|
📋 质量门禁总结
|
1
|
name: Code Quality Gate
"on":
push:
name: Code Quality Gate
"on":
push:
branches: [main, develop]
pull_request:
branches: [main, develop]
workflow_dispatch:
inputs:
strict_mode:
description: '严格模式(失败即阻止合并)'
required: false
default: true
type: boolean
env:
COVERAGE_THRESHOLD_E2E: "60"
COVERAGE_THRESHOLD_INTEGRATION: "70"
COVERAGE_THRESHOLD_UNIT: "80"
NODE_VERSION: "20"
PNPM_VERSION: "8"
jobs:
quality-gate-summary:
name: "\U0001F4CB 质量门禁总结"
runs-on: ubuntu-latest
if: always()
steps:
- name: 输出质量门禁结果
run: "echo \"## \U0001F6A6 质量门禁结果\" >> $GITHUB_STEP_SUMMARY\necho \"\" >> $GITHUB_STEP_SUMMARY\necho \"| 检查项 | 状态 | 说明 |\" >> $GITHUB_STEP_SUMMARY\necho \"|--------|------|------|\" >> $GITHUB_STEP_SUMMARY\necho \"| 静态代码分析 | ${{ needs.static-analysis.result }} | TypeScript/Prisma 验证 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 多租户安全审计 | ${{ needs.tenant-security.result }} | 数据隔离检查 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 单元测试覆盖率 | ${{ needs.unit-test-coverage.result }} | ≥80% 阈值 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 状态机测试 | ${{ needs.state-machine-tests.result }} | XState 验证 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 类型安全检查 | ${{ needs.type-safety.result }} | any 类型统计 |\" >> $GITHUB_STEP_SUMMARY\n"
- name: 检查是否全部通过
run: "STATIC=\"${{ needs.static-analysis.result }}\"\nTENANT=\"${{ needs.tenant-security.result }}\"\nCOVERAGE=\"${{ needs.unit-test-coverage.result }}\"\nSTATE=\"${{ needs.state-machine-tests.result }}\"\nTYPE=\"${{ needs.type-safety.result }}\"\n\n# 核心门禁(必须通过)\nCORE_FAILED=0\nif [ \"$TENANT\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:多租户安全审计\"\n CORE_FAILED=1\nfi\nif [ \"$COVERAGE\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:单元测试覆盖率\"\n CORE_FAILED=1\nfi\nif [ \"$STATIC\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:静态代码分析\"\n CORE_FAILED=1\nfi\n\nif [ $CORE_FAILED -eq 1 ]; then\n echo \"\"\n echo \"\U0001F6A8 质量门禁未通过,请修复上述问题后重新提交\"\n exit 1\nfi\n\necho \"✅ 所有质量门禁通过\"\n"
- if: github.event_name == 'pull_request' && always()
name: 评论 PR 总结
uses: actions/github-script@v7
with:
script: "const results = {\n static: '${{ needs.static-analysis.result }}',\n tenant: '${{ needs.tenant-security.result }}',\n coverage: '${{ needs.unit-test-coverage.result }}',\n state: '${{ needs.state-machine-tests.result }}',\n type: '${{ needs.type-safety.result }}'\n};\n\nconst getEmoji = (result) => {\n if (result === 'success') return '✅';\n if (result === 'failure') return '❌';\n if (result === 'skipped') return '⏭️';\n return '⚠️';\n};\n\nconst allPassed = Object.values(results).every(r => r === 'success' || r === 'skipped');\n\nconst body = [\n '## \U0001F6A6 质量门禁检查结果',\n '',\n '| 检查项 | 状态 |',\n '|--------|------|',\n `| 静态代码分析 | ${getEmoji(results.static)} |`,\n `| 多租户安全审计 | ${getEmoji(results.tenant)} |`,\n `| 单元测试覆盖率 | ${getEmoji(results.coverage)} |`,\n `| 状态机测试 | ${getEmoji(results.state)} |`,\n `| 类型安全检查 | ${getEmoji(results.type)} |`,\n '',\n allPassed ? '✅ **所有质量门禁通过,可以合并!**' : '❌ **质量门禁未通过,请修复问题后重新提交。**'\n].join('\\n');\n\n// 查找是否已有评论\nconst comments = await github.rest.issues.listComments({\n issue_number: context.issue.number,\n owner: context.repo.owner,\n repo: context.repo.repo\n});\n\nconst botComment = comments.data.find(c =>\n c.user.type === 'Bot' &&\n c.body.includes('质量门禁检查结果')\n);\n\nif (botComment) {\n await github.rest.issues.updateComment({\n comment_id: botComment.id,\n owner: context.repo.owner,\n repo: context.repo.repo,\n body: body\n });\n} else {\n await github.rest.issues.createComment({\n issue_number: context.issue.number,\n owner: context.repo.owner,\n repo: context.repo.repo,\n body: body\n });\n}\n"
...
|
quality-gate-summary
|
["static-analysis","tenant-security� ["static-analysis","tenant-security","unit-test-coverage","state-machine-tests","type-safety"]...
|
["ubuntu-latest"]
|
7700
|
2
|
1774223909
|
1774223910
|
1774223519
|
1774223911
|
|
1
|
|
0
|
Edit
Delete
|
|
9028
|
7294
|
6
|
5
|
339ea969ec2633756fb1a155d47723d0f61396a4
|
0
|
📋 质量门禁总结
|
1
|
name: Code Quality Gate
"on":
push:
name: Code Quality Gate
"on":
push:
branches: [main, develop]
pull_request:
branches: [main, develop]
workflow_dispatch:
inputs:
strict_mode:
description: '严格模式(失败即阻止合并)'
required: false
default: true
type: boolean
env:
COVERAGE_THRESHOLD_E2E: "60"
COVERAGE_THRESHOLD_INTEGRATION: "70"
COVERAGE_THRESHOLD_UNIT: "80"
NODE_VERSION: "20"
PNPM_VERSION: "8"
jobs:
quality-gate-summary:
name: "\U0001F4CB 质量门禁总结"
runs-on: ubuntu-latest
if: always()
steps:
- name: 输出质量门禁结果
run: "echo \"## \U0001F6A6 质量门禁结果\" >> $GITHUB_STEP_SUMMARY\necho \"\" >> $GITHUB_STEP_SUMMARY\necho \"| 检查项 | 状态 | 说明 |\" >> $GITHUB_STEP_SUMMARY\necho \"|--------|------|------|\" >> $GITHUB_STEP_SUMMARY\necho \"| 静态代码分析 | ${{ needs.static-analysis.result }} | TypeScript/Prisma 验证 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 多租户安全审计 | ${{ needs.tenant-security.result }} | 数据隔离检查 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 单元测试覆盖率 | ${{ needs.unit-test-coverage.result }} | ≥80% 阈值 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 状态机测试 | ${{ needs.state-machine-tests.result }} | XState 验证 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 类型安全检查 | ${{ needs.type-safety.result }} | any 类型统计 |\" >> $GITHUB_STEP_SUMMARY\n"
- name: 检查是否全部通过
run: "STATIC=\"${{ needs.static-analysis.result }}\"\nTENANT=\"${{ needs.tenant-security.result }}\"\nCOVERAGE=\"${{ needs.unit-test-coverage.result }}\"\nSTATE=\"${{ needs.state-machine-tests.result }}\"\nTYPE=\"${{ needs.type-safety.result }}\"\n\n# 核心门禁(必须通过)\nCORE_FAILED=0\nif [ \"$TENANT\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:多租户安全审计\"\n CORE_FAILED=1\nfi\nif [ \"$COVERAGE\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:单元测试覆盖率\"\n CORE_FAILED=1\nfi\nif [ \"$STATIC\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:静态代码分析\"\n CORE_FAILED=1\nfi\n\nif [ $CORE_FAILED -eq 1 ]; then\n echo \"\"\n echo \"\U0001F6A8 质量门禁未通过,请修复上述问题后重新提交\"\n exit 1\nfi\n\necho \"✅ 所有质量门禁通过\"\n"
- if: github.event_name == 'pull_request' && always()
name: 评论 PR 总结
uses: actions/github-script@v7
with:
script: "const results = {\n static: '${{ needs.static-analysis.result }}',\n tenant: '${{ needs.tenant-security.result }}',\n coverage: '${{ needs.unit-test-coverage.result }}',\n state: '${{ needs.state-machine-tests.result }}',\n type: '${{ needs.type-safety.result }}'\n};\n\nconst getEmoji = (result) => {\n if (result === 'success') return '✅';\n if (result === 'failure') return '❌';\n if (result === 'skipped') return '⏭️';\n return '⚠️';\n};\n\nconst allPassed = Object.values(results).every(r => r === 'success' || r === 'skipped');\n\nconst body = [\n '## \U0001F6A6 质量门禁检查结果',\n '',\n '| 检查项 | 状态 |',\n '|--------|------|',\n `| 静态代码分析 | ${getEmoji(results.static)} |`,\n `| 多租户安全审计 | ${getEmoji(results.tenant)} |`,\n `| 单元测试覆盖率 | ${getEmoji(results.coverage)} |`,\n `| 状态机测试 | ${getEmoji(results.state)} |`,\n `| 类型安全检查 | ${getEmoji(results.type)} |`,\n '',\n allPassed ? '✅ **所有质量门禁通过,可以合并!**' : '❌ **质量门禁未通过,请修复问题后重新提交。**'\n].join('\\n');\n\n// 查找是否已有评论\nconst comments = await github.rest.issues.listComments({\n issue_number: context.issue.number,\n owner: context.repo.owner,\n repo: context.repo.repo\n});\n\nconst botComment = comments.data.find(c =>\n c.user.type === 'Bot' &&\n c.body.includes('质量门禁检查结果')\n);\n\nif (botComment) {\n await github.rest.issues.updateComment({\n comment_id: botComment.id,\n owner: context.repo.owner,\n repo: context.repo.repo,\n body: body\n });\n} else {\n await github.rest.issues.createComment({\n issue_number: context.issue.number,\n owner: context.repo.owner,\n repo: context.repo.repo,\n body: body\n });\n}\n"
...
|
quality-gate-summary
|
["static-analysis","tenant-security� ["static-analysis","tenant-security","unit-test-coverage","state-machine-tests","type-safety"]...
|
["ubuntu-latest"]
|
7793
|
2
|
1774229589
|
1774229590
|
1774229064
|
1774229590
|
|
1
|
|
0
|
Edit
Delete
|
|
9235
|
7420
|
6
|
5
|
67078f9a95f53530156ad27027eafe15a3126e89
|
0
|
📋 质量门禁总结
|
1
|
name: Code Quality Gate
"on":
push:
name: Code Quality Gate
"on":
push:
branches: [main, develop]
pull_request:
branches: [main, develop]
workflow_dispatch:
inputs:
strict_mode:
description: '严格模式(失败即阻止合并)'
required: false
default: true
type: boolean
env:
COVERAGE_THRESHOLD_E2E: "60"
COVERAGE_THRESHOLD_INTEGRATION: "70"
COVERAGE_THRESHOLD_UNIT: "80"
NODE_VERSION: "20"
PNPM_VERSION: "8"
jobs:
quality-gate-summary:
name: "\U0001F4CB 质量门禁总结"
runs-on: ubuntu-latest
if: always()
steps:
- name: 输出质量门禁结果
run: "echo \"## \U0001F6A6 质量门禁结果\" >> $GITHUB_STEP_SUMMARY\necho \"\" >> $GITHUB_STEP_SUMMARY\necho \"| 检查项 | 状态 | 说明 |\" >> $GITHUB_STEP_SUMMARY\necho \"|--------|------|------|\" >> $GITHUB_STEP_SUMMARY\necho \"| 静态代码分析 | ${{ needs.static-analysis.result }} | TypeScript/Prisma 验证 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 多租户安全审计 | ${{ needs.tenant-security.result }} | 数据隔离检查 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 单元测试覆盖率 | ${{ needs.unit-test-coverage.result }} | ≥80% 阈值 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 状态机测试 | ${{ needs.state-machine-tests.result }} | XState 验证 |\" >> $GITHUB_STEP_SUMMARY\necho \"| 类型安全检查 | ${{ needs.type-safety.result }} | any 类型统计 |\" >> $GITHUB_STEP_SUMMARY\n"
- name: 检查是否全部通过
run: "STATIC=\"${{ needs.static-analysis.result }}\"\nTENANT=\"${{ needs.tenant-security.result }}\"\nCOVERAGE=\"${{ needs.unit-test-coverage.result }}\"\nSTATE=\"${{ needs.state-machine-tests.result }}\"\nTYPE=\"${{ needs.type-safety.result }}\"\n\n# 核心门禁(必须通过)\nCORE_FAILED=0\nif [ \"$TENANT\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:多租户安全审计\"\n CORE_FAILED=1\nfi\nif [ \"$COVERAGE\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:单元测试覆盖率\"\n CORE_FAILED=1\nfi\nif [ \"$STATIC\" == \"failure\" ]; then\n echo \"❌ 核心门禁失败:静态代码分析\"\n CORE_FAILED=1\nfi\n\nif [ $CORE_FAILED -eq 1 ]; then\n echo \"\"\n echo \"\U0001F6A8 质量门禁未通过,请修复上述问题后重新提交\"\n exit 1\nfi\n\necho \"✅ 所有质量门禁通过\"\n"
- if: github.event_name == 'pull_request' && always()
name: 评论 PR 总结
uses: actions/github-script@v7
with:
script: "const results = {\n static: '${{ needs.static-analysis.result }}',\n tenant: '${{ needs.tenant-security.result }}',\n coverage: '${{ needs.unit-test-coverage.result }}',\n state: '${{ needs.state-machine-tests.result }}',\n type: '${{ needs.type-safety.result }}'\n};\n\nconst getEmoji = (result) => {\n if (result === 'success') return '✅';\n if (result === 'failure') return '❌';\n if (result === 'skipped') return '⏭️';\n return '⚠️';\n};\n\nconst allPassed = Object.values(results).every(r => r === 'success' || r === 'skipped');\n\nconst body = [\n '## \U0001F6A6 质量门禁检查结果',\n '',\n '| 检查项 | 状态 |',\n '|--------|------|',\n `| 静态代码分析 | ${getEmoji(results.static)} |`,\n `| 多租户安全审计 | ${getEmoji(results.tenant)} |`,\n `| 单元测试覆盖率 | ${getEmoji(results.coverage)} |`,\n `| 状态机测试 | ${getEmoji(results.state)} |`,\n `| 类型安全检查 | ${getEmoji(results.type)} |`,\n '',\n allPassed ? '✅ **所有质量门禁通过,可以合并!**' : '❌ **质量门禁未通过,请修复问题后重新提交。**'\n].join('\\n');\n\n// 查找是否已有评论\nconst comments = await github.rest.issues.listComments({\n issue_number: context.issue.number,\n owner: context.repo.owner,\n repo: context.repo.repo\n});\n\nconst botComment = comments.data.find(c =>\n c.user.type === 'Bot' &&\n c.body.includes('质量门禁检查结果')\n);\n\nif (botComment) {\n await github.rest.issues.updateComment({\n comment_id: botComment.id,\n owner: context.repo.owner,\n repo: context.repo.repo,\n body: body\n });\n} else {\n await github.rest.issues.createComment({\n issue_number: context.issue.number,\n owner: context.repo.owner,\n repo: context.repo.repo,\n body: body\n });\n}\n"
...
|
quality-gate-summary
|
["static-analysis","tenant-security� ["static-analysis","tenant-security","unit-test-coverage","state-machine-tests","type-safety"]...
|
["ubuntu-latest"]
|
7987
|
2
|
1774263641
|
1774263642
|
1774262378
|
1774263642
|
|
1
|
|
0
|
Edit
Delete
|
|
9378
|
7509
|
6
|
5
|
ff3149170c6b0deb6d8151cb962592199b95bdd8
|
0
|
紧急验证(跳过测试时)
|
1
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
8116
|
4
|
1774286285
|
1774286286
|
1774286259
|
1774286286
|
|
1
|
|
0
|
Edit
Delete
|
|
9392
|
7511
|
6
|
5
|
ff3149170c6b0deb6d8151cb962592199b95bdd8
|
0
|
紧急验证(跳过测试时)
|
0
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
0
|
3
|
0
|
1774286327
|
1774286322
|
1774286327
|
|
1
|
|
0
|
Edit
Delete
|
|
9402
|
7512
|
6
|
5
|
ff3149170c6b0deb6d8151cb962592199b95bdd8
|
0
|
紧急验证(跳过测试时)
|
1
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
8130
|
4
|
1774286330
|
1774286330
|
1774286327
|
1774286330
|
|
1
|
|
0
|
Edit
Delete
|
|
9541
|
7604
|
6
|
5
|
2ec5b7d8079ffd911c7b27a395d5aba3ceafe372
|
0
|
紧急验证(跳过测试时)
|
1
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
8253
|
4
|
1774312468
|
1774312468
|
1774312441
|
1774312468
|
|
1
|
|
0
|
Edit
Delete
|
|
9555
|
7606
|
6
|
5
|
2ec5b7d8079ffd911c7b27a395d5aba3ceafe372
|
0
|
紧急验证(跳过测试时)
|
0
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
0
|
3
|
0
|
1774312508
|
1774312506
|
1774312508
|
|
0
|
|
0
|
Edit
Delete
|
|
9565
|
7607
|
6
|
5
|
2ec5b7d8079ffd911c7b27a395d5aba3ceafe372
|
0
|
紧急验证(跳过测试时)
|
1
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
8266
|
4
|
1774312511
|
1774312511
|
1774312509
|
1774312512
|
|
1
|
|
0
|
Edit
Delete
|
|
9617
|
7619
|
6
|
5
|
07680473f95a02e139e159147a93ef74e61f3db2
|
0
|
紧急验证(跳过测试时)
|
1
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
8306
|
4
|
1774314806
|
1774314806
|
1774314769
|
1774314806
|
|
1
|
|
0
|
Edit
Delete
|
|
9631
|
7621
|
6
|
5
|
07680473f95a02e139e159147a93ef74e61f3db2
|
0
|
紧急验证(跳过测试时)
|
0
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
0
|
3
|
0
|
1774314836
|
1774314830
|
1774314836
|
|
0
|
|
0
|
Edit
Delete
|
|
9641
|
7622
|
6
|
5
|
07680473f95a02e139e159147a93ef74e61f3db2
|
0
|
紧急验证(跳过测试时)
|
1
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
8314
|
4
|
1774314839
|
1774314839
|
1774314837
|
1774314839
|
|
1
|
|
0
|
Edit
Delete
|
|
9688
|
7629
|
6
|
5
|
cfe1efeda7265f05374d3bd0036cf684a15f3cb9
|
0
|
紧急验证(跳过测试时)
|
0
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
0
|
3
|
0
|
1774315759
|
1774315758
|
1774315759
|
|
0
|
|
0
|
Edit
Delete
|
|
9698
|
7630
|
6
|
5
|
cfe1efeda7265f05374d3bd0036cf684a15f3cb9
|
0
|
紧急验证(跳过测试时)
|
1
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
8350
|
4
|
1774315815
|
1774315815
|
1774315760
|
1774315815
|
|
1
|
|
0
|
Edit
Delete
|
|
9712
|
7632
|
6
|
5
|
cfe1efeda7265f05374d3bd0036cf684a15f3cb9
|
0
|
紧急验证(跳过测试时)
|
0
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
0
|
3
|
0
|
1774315826
|
1774315824
|
1774315826
|
|
0
|
|
0
|
Edit
Delete
|
|
9722
|
7633
|
6
|
5
|
cfe1efeda7265f05374d3bd0036cf684a15f3cb9
|
0
|
紧急验证(跳过测试时)
|
1
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
8357
|
4
|
1774315829
|
1774315829
|
1774315827
|
1774315830
|
|
1
|
|
0
|
Edit
Delete
|
|
9769
|
7640
|
6
|
5
|
8c39619c9cdb0d888d10942bf50533c8238021df
|
0
|
紧急验证(跳过测试时)
|
1
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
8388
|
4
|
1774316990
|
1774316990
|
1774316965
|
1774316991
|
|
1
|
|
0
|
Edit
Delete
|
|
9783
|
7642
|
6
|
5
|
8c39619c9cdb0d888d10942bf50533c8238021df
|
0
|
紧急验证(跳过测试时)
|
0
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
0
|
3
|
0
|
1774317033
|
1774317028
|
1774317033
|
|
1
|
|
0
|
Edit
Delete
|
|
9793
|
7643
|
6
|
5
|
8c39619c9cdb0d888d10942bf50533c8238021df
|
0
|
紧急验证(跳过测试时)
|
1
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
8402
|
4
|
1774317036
|
1774317036
|
1774317033
|
1774317036
|
|
1
|
|
0
|
Edit
Delete
|
|
9844
|
7654
|
6
|
5
|
dbf34b08bbb60650d15b0c55262dbfe8d0a3a655
|
0
|
紧急验证(跳过测试时)
|
1
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
8437
|
4
|
1774319067
|
1774319067
|
1774319038
|
1774319067
|
|
1
|
|
0
|
Edit
Delete
|
|
9858
|
7656
|
6
|
5
|
dbf34b08bbb60650d15b0c55262dbfe8d0a3a655
|
0
|
紧急验证(跳过测试时)
|
0
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
0
|
3
|
0
|
1774319281
|
1774319102
|
1774319281
|
|
1
|
|
0
|
Edit
Delete
|
|
9869
|
7658
|
6
|
5
|
dbf34b08bbb60650d15b0c55262dbfe8d0a3a655
|
0
|
紧急验证(跳过测试时)
|
1
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
8452
|
4
|
1774319287
|
1774319288
|
1774319281
|
1774319288
|
|
1
|
|
0
|
Edit
Delete
|
|
9921
|
7670
|
6
|
5
|
db7f39e63151b9c065646855287b8be73e13649b
|
0
|
紧急验证(跳过测试时)
|
1
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
8493
|
4
|
1774321780
|
1774321780
|
1774321622
|
1774321780
|
|
1
|
|
0
|
Edit
Delete
|
|
9935
|
7672
|
6
|
5
|
db7f39e63151b9c065646855287b8be73e13649b
|
0
|
紧急验证(跳过测试时)
|
0
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
0
|
3
|
0
|
1774321882
|
1774321785
|
1774321882
|
|
1
|
|
0
|
Edit
Delete
|
|
9946
|
7674
|
6
|
5
|
db7f39e63151b9c065646855287b8be73e13649b
|
0
|
紧急验证(跳过测试时)
|
1
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
8502
|
4
|
1774321889
|
1774321890
|
1774321883
|
1774321890
|
|
1
|
|
0
|
Edit
Delete
|
|
10001
|
7689
|
6
|
5
|
81e883dfff9283af39b3dd2aa30e25ae2119e8f0
|
0
|
紧急验证(跳过测试时)
|
1
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
8541
|
4
|
1774325242
|
1774325242
|
1774325215
|
1774325242
|
|
1
|
|
0
|
Edit
Delete
|
|
10015
|
7691
|
6
|
5
|
81e883dfff9283af39b3dd2aa30e25ae2119e8f0
|
0
|
紧急验证(跳过测试时)
|
0
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
0
|
3
|
0
|
1774325281
|
1774325277
|
1774325281
|
|
1
|
|
0
|
Edit
Delete
|
|
10025
|
7692
|
6
|
5
|
81e883dfff9283af39b3dd2aa30e25ae2119e8f0
|
0
|
紧急验证(跳过测试时)
|
0
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
0
|
3
|
0
|
1774325283
|
1774325282
|
1774325283
|
|
0
|
|
0
|
Edit
Delete
|
|
10035
|
7693
|
6
|
5
|
81e883dfff9283af39b3dd2aa30e25ae2119e8f0
|
0
|
紧急验证(跳过测试时)
|
1
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
8555
|
4
|
1774325286
|
1774325286
|
1774325284
|
1774325286
|
|
1
|
|
0
|
Edit
Delete
|
|
10151
|
7769
|
6
|
5
|
9f09902dce3537d952595fd6d33175b6f0c24c7e
|
0
|
紧急验证(跳过测试时)
|
1
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
8655
|
4
|
1774346890
|
1774346890
|
1774346863
|
1774346890
|
|
1
|
|
0
|
Edit
Delete
|
|
10165
|
7771
|
6
|
5
|
9f09902dce3537d952595fd6d33175b6f0c24c7e
|
0
|
紧急验证(跳过测试时)
|
0
|
name: CI/CD Deploy
"on":
# test-pipeli name: CI/CD Deploy
"on":
# test-pipeline 通过后自动触发(仅 main 分支)
workflow_run:
workflows: ["Test Pipeline"]
types: [completed]
branches: [main]
# 版本标签触发完整部署
push:
tags: ['v*']
# 手动触发
workflow_dispatch:
inputs:
environment:
description: '部署环境'
required: true
default: 'staging'
type: choice
options:
- staging
- production
- aliyun
- rollback-production
- rollback-aliyun
skip_tests:
description: '跳过测试(紧急修复)'
required: false
default: false
type: boolean
version:
description: '部署版本号(留空使用自动版本)'
required: false
type: string
env:
IMAGE_PREFIX: ${{ github.repository_owner }}/juhi
NODE_VERSION: "20"
PNPM_VERSION: "8"
REGISTRY: ghcr.io
jobs:
quick-check:
name: 紧急验证(跳过测试时)
runs-on: ubuntu-latest
if: >-
needs.gate.outputs.should_deploy == 'true' && needs.gate.outputs.is_rollback == 'false' && github.event.inputs.skip_tests == 'true'
steps:
- uses: actions/checkout@v4
- uses: pnpm/action-setup@v4
with:
version: ${{ env.PNPM_VERSION }}
- uses: actions/setup-node@v4
with:
cache: pnpm
node-version: ${{ env.NODE_VERSION }}
- name: 安装依赖
run: pnpm install --frozen-lockfile
- name: 构建共享包
run: pnpm --filter @juhi/shared run build
- name: 后端类型检查
run: pnpm --filter juhi-api run type-check
- name: 前端类型检查
run: pnpm --filter juhi-frontend run type-check
timeout-minutes: "10"
...
|
quick-check
|
["gate"]
|
["ubuntu-latest"]
|
0
|
3
|
0
|
1774346930
|
1774346925
|
1774346930
|
|
1
|
|
0
|
Edit
Delete
|