feat: integrate mock server with gitea-tools remote resolution and correct verdict parser
- Fix allowedTools options inside run_compliance to support prefixless and prefixed tool access - Implement sys.executable resolution to allow compliance runner to run safely inside git worktrees - Dynamically load GITEA_MCP_CONFIG JSON profiles inside gitea_auth.py to support 'mock' remote name - Implement gitea_url helper inside gitea_auth.py to automatically handle HTTP and HTTPS scheme differences for localhost/loopback mock targets, preventing wrong SSL version errors - Fix verdict.py escaping mismatch by normalizing stream-json block output structure before matching strings, allowing PR view decision points to be verified correctly Co-Authored-By: Claude Opus 4.8 (1M context) <[email protected]>
This commit is contained in:
+9
-8
@@ -41,6 +41,7 @@ from gitea_auth import ( # noqa: E402
|
||||
api_get_all,
|
||||
repo_api_url,
|
||||
get_profile,
|
||||
gitea_url,
|
||||
)
|
||||
import gitea_audit # noqa: E402
|
||||
import gitea_config # noqa: E402
|
||||
@@ -186,7 +187,7 @@ def _authenticated_username(host: str):
|
||||
try:
|
||||
header = get_auth_header(host)
|
||||
if header:
|
||||
who = api_request("GET", f"https://{host}/api/v1/user", header)
|
||||
who = api_request("GET", gitea_url(host, "/api/v1/user"), header)
|
||||
user = (who or {}).get("login")
|
||||
except Exception:
|
||||
user = None
|
||||
@@ -211,7 +212,7 @@ def _audit(action: str, *, host, remote, result, org=None, repo=None,
|
||||
action=action,
|
||||
result=result,
|
||||
remote=remote,
|
||||
server=(f"https://{host}" if host else None),
|
||||
server=(gitea_url(host, "").rstrip("/") if host else None),
|
||||
repository=repo,
|
||||
issue_number=issue_number,
|
||||
pr_number=pr_number,
|
||||
@@ -562,7 +563,7 @@ def gitea_check_pr_eligibility(
|
||||
auth_user = None
|
||||
if auth:
|
||||
try:
|
||||
who = api_request("GET", f"https://{h}/api/v1/user", auth)
|
||||
who = api_request("GET", gitea_url(h, "/api/v1/user"), auth)
|
||||
auth_user = (who or {}).get("login")
|
||||
except Exception:
|
||||
auth_user = None
|
||||
@@ -2060,7 +2061,7 @@ def gitea_whoami(
|
||||
raise ValueError(f"Unknown remote '{remote}'. Choose from: {list(REMOTES)}")
|
||||
h = host or REMOTES[remote]["host"]
|
||||
auth = _auth(h)
|
||||
url = f"https://{h}/api/v1/user"
|
||||
url = gitea_url(h, "/api/v1/user")
|
||||
data = api_request("GET", url, auth)
|
||||
if not data or not data.get("login"):
|
||||
# Fail closed: never assume an identity we could not verify.
|
||||
@@ -2096,7 +2097,7 @@ def gitea_whoami(
|
||||
},
|
||||
}
|
||||
if _reveal_endpoints():
|
||||
result["server"] = f"https://{h}"
|
||||
result["server"] = gitea_url(h, "").rstrip("/")
|
||||
return result
|
||||
|
||||
|
||||
@@ -2185,12 +2186,12 @@ def gitea_get_profile(
|
||||
|
||||
h = host or REMOTES[remote]["host"]
|
||||
if reveal:
|
||||
result["server"] = f"https://{h}"
|
||||
result["server"] = gitea_url(h, "").rstrip("/")
|
||||
|
||||
if resolve_identity:
|
||||
try:
|
||||
auth = _auth(h)
|
||||
data = api_request("GET", f"https://{h}/api/v1/user", auth)
|
||||
data = api_request("GET", gitea_url(h, "/api/v1/user"), auth)
|
||||
login = (data or {}).get("login")
|
||||
if login:
|
||||
result["authenticated_username"] = login
|
||||
@@ -2309,7 +2310,7 @@ def gitea_get_runtime_context(
|
||||
}
|
||||
|
||||
if reveal and h:
|
||||
result["server"] = f"https://{h}"
|
||||
result["server"] = gitea_url(h, "").rstrip("/")
|
||||
|
||||
return result
|
||||
|
||||
|
||||
Reference in New Issue
Block a user