autonomic-bot
2cede01ed7
Mechanical, semantics-preserving cleanup so the codebase passes the new lint stage:
- ruff format: all 32 Python files (wraps long signatures, normalizes quotes/blank lines).
- nixpkgs-fmt: modules/drone-runner.nix.
- shfmt (-i 2 -ci): scripts/*.sh.
Lint fixes (reviewed, behavior-preserving — no test weakened):
- ruff SIM105: try/except-pass -> contextlib.suppress (abra.py app_config rm; lifecycle.py janitor).
- ruff SIM115: open().read() -> with open() (run_recipe_ci.py redaction-values + gitea-token).
- statix: merge repeated sops `secrets.*` keys into one `secrets = { ... }` (comments kept);
empty fn pattern `{ ... }:` -> `_:` (packages.nix).
- deadnix: drop unused lambda args (flake `self`; configuration.nix `lib`; overlay `final` -> `_`).
Verified on cc-ci: `scripts/lint.sh` -> lint: PASS; nixosConfigurations.cc-ci evaluates;
all Python byte-compiles. The deployed bridge/dashboard/runner source changes hash (reformat),
so cc-ci will be rebuilt to the new closure in W2 before the cold D1-D10 re-verification.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
95 lines
2.3 KiB
Bash
Executable File
95 lines
2.3 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
# cc-ci lint/format entrypoint (Phase 1b, RL1).
|
|
#
|
|
# scripts/lint.sh # check-only (CI mode): non-zero exit if anything is unclean
|
|
# scripts/lint.sh --fix # auto-format + apply auto-fixable lints in place
|
|
#
|
|
# Tools come from the `lint` devshell (`nix develop .#lint`); the `.drone.yml` lint stage runs
|
|
# this exact script. Covers: Nix (nixpkgs-fmt/statix/deadnix), Python (ruff), Shell
|
|
# (shfmt/shellcheck), YAML (yamllint). Run from the repo root.
|
|
set -uo pipefail
|
|
|
|
cd "$(dirname "$0")/.." || exit 1
|
|
|
|
FIX=0
|
|
[ "${1:-}" = "--fix" ] && FIX=1
|
|
|
|
# shfmt style: 2-space indent, indent switch cases (matches the existing scripts).
|
|
SHFMT_FLAGS=(-i 2 -ci)
|
|
|
|
fail=0
|
|
section() { printf '\n=== %s ===\n' "$1"; }
|
|
note() { printf ' %s\n' "$1"; }
|
|
|
|
# Nix files (exclude the `secrets/` submodule).
|
|
mapfile -t NIX_FILES < <(find . -name '*.nix' -not -path './.git/*' -not -path './secrets/*' | sort)
|
|
# Shell scripts.
|
|
mapfile -t SH_FILES < <(find . -name '*.sh' -not -path './.git/*' -not -path './secrets/*' | sort)
|
|
|
|
section "Nix — nixpkgs-fmt"
|
|
if [ "$FIX" = 1 ]; then
|
|
nixpkgs-fmt "${NIX_FILES[@]}" || fail=1
|
|
else
|
|
nixpkgs-fmt --check "${NIX_FILES[@]}" || {
|
|
note "run: scripts/lint.sh --fix"
|
|
fail=1
|
|
}
|
|
fi
|
|
|
|
section "Nix — statix"
|
|
if [ "$FIX" = 1 ]; then
|
|
statix fix . || fail=1
|
|
else
|
|
statix check . || fail=1
|
|
fi
|
|
|
|
section "Nix — deadnix"
|
|
if [ "$FIX" = 1 ]; then
|
|
deadnix --edit "${NIX_FILES[@]}" || fail=1
|
|
else
|
|
deadnix --fail "${NIX_FILES[@]}" || fail=1
|
|
fi
|
|
|
|
section "Python — ruff format"
|
|
if [ "$FIX" = 1 ]; then
|
|
ruff format . || fail=1
|
|
else
|
|
ruff format --check . || {
|
|
note "run: scripts/lint.sh --fix"
|
|
fail=1
|
|
}
|
|
fi
|
|
|
|
section "Python — ruff check"
|
|
if [ "$FIX" = 1 ]; then
|
|
ruff check --fix . || fail=1
|
|
else
|
|
ruff check . || fail=1
|
|
fi
|
|
|
|
if [ "${#SH_FILES[@]}" -gt 0 ]; then
|
|
section "Shell — shfmt"
|
|
if [ "$FIX" = 1 ]; then
|
|
shfmt "${SHFMT_FLAGS[@]}" -w "${SH_FILES[@]}" || fail=1
|
|
else
|
|
shfmt "${SHFMT_FLAGS[@]}" -d "${SH_FILES[@]}" || {
|
|
note "run: scripts/lint.sh --fix"
|
|
fail=1
|
|
}
|
|
fi
|
|
|
|
section "Shell — shellcheck"
|
|
shellcheck "${SH_FILES[@]}" || fail=1
|
|
fi
|
|
|
|
section "YAML — yamllint"
|
|
yamllint -c .yamllint.yaml .drone.yml || fail=1
|
|
|
|
echo
|
|
if [ "$fail" = 0 ]; then
|
|
echo "lint: PASS"
|
|
else
|
|
echo "lint: FAIL"
|
|
fi
|
|
exit "$fail"
|