ci-health-check: complete dynamic repo discovery (PRI-331)
PR #115's first commit landed dynamic discovery via gh api but missed three of the five issue requirements. This commit completes them: - Move headlamp- prefix filtering into jq via startswith() and add explicit exclusion for headlamp-agent-skills (skills bundle, not a plugin), instead of relying on grep -E '^headlamp-.+'. - Add PLUGIN_REPOS_FALLBACK with the previously hardcoded list and use it when discovery returns empty, instead of exiting with error. - Add header comment documenting the discovery filter and the headlamp-agent-skills exclusion. Verified jq filter against live API: returns 8 plugin repos, all prefixed headlamp-, headlamp-agent-skills correctly excluded. Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
committed by
Gandalf the Greybeard [agent]
Gandalf the Greybeard [agent]
parent
d872bdc626
commit
0ff52c20fd
@@ -2,19 +2,41 @@
|
||||
# ci-health-check.sh — Scan all privilegedescalation repos for CI/CD health
|
||||
# Run from: /paperclip/privilegedescalation/engineering/hugh
|
||||
# Requires: GH_TOKEN set (use: export GH_TOKEN=$(bash ./get-github-token.sh))
|
||||
#
|
||||
# Plugin repo discovery
|
||||
# ---------------------
|
||||
# PLUGIN_REPOS is populated dynamically from the GitHub org so newly created
|
||||
# plugin repos are picked up automatically. The filter is:
|
||||
# - non-archived, public repos in the privilegedescalation org
|
||||
# - name starts with "headlamp-"
|
||||
# - excludes "headlamp-agent-skills" (skills bundle, not a Headlamp plugin)
|
||||
# If discovery fails (network error, GH_TOKEN missing, API outage), we fall
|
||||
# back to a hardcoded list so the health check still produces a useful report.
|
||||
set -euo pipefail
|
||||
|
||||
ORG="privilegedescalation"
|
||||
|
||||
# Hardcoded fallback — kept in sync manually as a safety net for discovery failures.
|
||||
PLUGIN_REPOS_FALLBACK=(
|
||||
headlamp-polaris-plugin
|
||||
headlamp-rook-plugin
|
||||
headlamp-sealed-secrets-plugin
|
||||
headlamp-intel-gpu-plugin
|
||||
headlamp-tns-csi-plugin
|
||||
headlamp-kube-vip-plugin
|
||||
headlamp-plugin-template
|
||||
headlamp-argocd-plugin
|
||||
)
|
||||
|
||||
mapfile -t PLUGIN_REPOS < <(
|
||||
gh api --paginate "orgs/${ORG}/repos" \
|
||||
--jq '.[] | select(.archived == false and .visibility == "public") | .name' \
|
||||
2>/dev/null | grep -E '^headlamp-.+' | sort
|
||||
--jq '.[] | select(.archived == false and .visibility == "public" and (.name | startswith("headlamp-")) and .name != "headlamp-agent-skills") | .name' \
|
||||
2>/dev/null | sort
|
||||
)
|
||||
|
||||
if [ ${#PLUGIN_REPOS[@]} -eq 0 ]; then
|
||||
echo "ERROR: No repos discovered for ${ORG}" >&2
|
||||
exit 1
|
||||
echo "WARNING: dynamic repo discovery returned no results — using hardcoded fallback" >&2
|
||||
PLUGIN_REPOS=("${PLUGIN_REPOS_FALLBACK[@]}")
|
||||
fi
|
||||
|
||||
echo "=== CI/CD Health Check — $(date -u '+%Y-%m-%d %H:%M UTC') ==="
|
||||
|
||||
Reference in New Issue
Block a user