rules/.github/workflows/validate-rules.yml at main · project-codeguard/rules · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
---
name: Validate Rules

permissions:
  contents: read

on:
  pull_request:
    paths:
      - 'sources/**'
      - 'src/**'
      - 'pyproject.toml'
  push:
    branches:
      - main
      - develop
    paths:
      - 'sources/**'
      - 'src/**'
      - 'pyproject.toml'
  workflow_dispatch:

jobs:
  validate:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Install uv
        uses: astral-sh/setup-uv@v4
        with:
          enable-cache: true

      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: '3.11'

      - name: Install dependencies
        run: uv sync

      - name: Validate unified rules
        run: uv run python src/validate_unified_rules.py sources/

      - name: Check required core rule files exist
        run: |
          echo "Checking for required core rule files..."
          required_files=(
            "sources/core/codeguard-1-hardcoded-credentials.md"
            "sources/core/codeguard-1-crypto-algorithms.md"
            "sources/core/codeguard-1-digital-certificates.md"
            "sources/core/codeguard-SKILLS.md.template"
          )

          missing=0
          for file in "${required_files[@]}"; do
            if [ ! -f "$file" ]; then
              echo "❌ Missing required file: $file"
              missing=1
            else
              echo "✅ Found: $file"
            fi
          done

          if [ $missing -eq 1 ]; then
            exit 1
          fi

      - name: Test conversion to IDE formats
        run: |
          echo "Testing IDE format conversion..."
          uv run python src/convert_to_ide_formats.py --output-dir test-output

          # Check that files were generated
          if [ ! -d "test-output/.cursor" ]; then
            echo "❌ Cursor rules not generated"
            exit 1
          fi

          if [ ! -d "test-output/.windsurf" ]; then
            echo "❌ Windsurf rules not generated"
            exit 1
          fi

          if [ ! -d "test-output/.github" ]; then
            echo "❌ Copilot instructions not generated"
            exit 1
          fi

          if [ ! -d "test-output/.agent" ]; then
            echo "❌ Antigravity rules not generated"
            exit 1
          fi

          echo "✅ All IDE formats generated successfully"

      - name: Check skills/ directory is up-to-date
        run: |
          echo "Checking if committed skills/ directory is up-to-date..."

          # Save current skills
          mv skills skills-committed

          # Regenerate skills (core rules only, matching default)
          uv run python src/convert_to_ide_formats.py

          # Compare
          if ! diff -r skills/ skills-committed/ > /dev/null 2>&1; then
            echo "❌ The skills/ directory is out of date!"
            echo "Please regenerate by running: python src/convert_to_ide_formats.py"
            echo "Then: git add skills/"
            mv skills-committed skills
            exit 1
          fi

          # Restore original
          rm -rf skills
          mv skills-committed skills
          echo "✅ Committed skills/ directory is up-to-date"

      - name: Summary
        if: success()
        run: |
          echo "✅ All validation checks passed!"
          echo ""
          echo "Rule validation: ✅"
          echo "Required files: ✅"
          echo "IDE conversion: ✅"
          echo "Skills directory: ✅"