refactor: simplify process stop flow and harden workspace root checks

zouyonghe · zouyonghe · commit a0edd3246856 · 2026-02-21T00:21:35.000+09:00
diff --git a/scripts/ci/cleanup-dmg.sh b/scripts/ci/cleanup-dmg.sh
@@ -27,17 +27,47 @@ rw_dmg_image_prefix="${ASTRBOT_DESKTOP_MACOS_RW_DMG_IMAGE_PREFIX:-/src-tauri/tar
 rw_dmg_image_suffix_regex="${ASTRBOT_DESKTOP_MACOS_RW_DMG_IMAGE_SUFFIX_REGEX:-/bundle/macos/rw\\..*\\.dmg$}"
 rw_dmg_mountpoint_regex="${ASTRBOT_DESKTOP_MACOS_RW_DMG_MOUNT_REGEX:-^/Volumes/(dmg\\.|rw\\.|dmg-|rw-).*}"
 allow_global_helper_cleanup="${ASTRBOT_DESKTOP_MACOS_ALLOW_GLOBAL_HELPER_KILL:-0}"
+strict_workspace_root="${ASTRBOT_DESKTOP_MACOS_STRICT_WORKSPACE_ROOT:-}"
+
+if [ -z "${strict_workspace_root}" ]; then
+  if [ -n "${GITHUB_ACTIONS:-}" ]; then
+    strict_workspace_root="0"
+  else
+    strict_workspace_root="1"
+  fi
+else
+  case "${strict_workspace_root}" in
+    1|true|TRUE|yes|YES) strict_workspace_root="1" ;;
+    0|false|FALSE|no|NO) strict_workspace_root="0" ;;
+    *)
+      echo "WARN: invalid ASTRBOT_DESKTOP_MACOS_STRICT_WORKSPACE_ROOT=${strict_workspace_root}; fallback to strict mode." >&2
+      strict_workspace_root="1"
+      ;;
+  esac
+fi
+
+fail_or_skip_workspace_root() {
+  local message="$1"
+  if [ "${strict_workspace_root}" = "1" ]; then
+    echo "ERROR: ${message}" >&2
+    return 1
+  fi
+  echo "WARN: ${message}; skip DMG cleanup." >&2
+  return 0
+}
+
 if [ -n "${ASTRBOT_DESKTOP_MACOS_WORKSPACE_ROOT:-}" ]; then
   workspace_root="${ASTRBOT_DESKTOP_MACOS_WORKSPACE_ROOT}"
 elif [ -n "${GITHUB_WORKSPACE:-}" ]; then
   workspace_root="${GITHUB_WORKSPACE}"
 else
-  echo "WARN: ASTRBOT_DESKTOP_MACOS_WORKSPACE_ROOT is required outside GitHub Actions; skip DMG cleanup." >&2
+  fail_or_skip_workspace_root \
+    "ASTRBOT_DESKTOP_MACOS_WORKSPACE_ROOT is required outside GitHub Actions" || exit 1
   exit 0
 fi
 workspace_root="${workspace_root%/}"
 if [ -z "${workspace_root}" ] || [ ! -d "${workspace_root}" ]; then
-  echo "WARN: workspace root is invalid (${workspace_root}); skip DMG cleanup." >&2
+  fail_or_skip_workspace_root "workspace root is invalid (${workspace_root})" || exit 1
   exit 0
 fi
 
diff --git a/src-tauri/src/main.rs b/src-tauri/src/main.rs
@@ -2417,78 +2417,62 @@ fn log_status(label: &str, pid: u32, status: &io::Result<ExitStatus>) {
     }
 }
 
-struct StopCommandConfig<'a> {
-    max_followup: Duration,
-    label_graceful: &'a str,
-    label_force: &'a str,
-    subject: &'a str,
-}
-
-fn stop_child_process_impl(
-    child: &mut Child,
-    timeout: Duration,
-    graceful_cmd: impl FnOnce(&str) -> Command,
-    force_cmd: impl FnOnce(&str) -> Command,
-    config: StopCommandConfig<'_>,
-) -> bool {
+/// Attempt to stop a child process gracefully within `timeout`.
+///
+/// On the force-kill path, a follow-up wait is derived from `timeout` (`timeout / 4`)
+/// and capped per-platform:
+/// - Windows: up to 2200ms.
+/// - Non-Windows: up to 1500ms.
+#[cfg(target_os = "windows")]
+fn stop_child_process_gracefully(child: &mut Child, timeout: Duration) -> bool {
     let pid = child.id();
     let pid_arg = pid.to_string();
 
-    let graceful_status = graceful_cmd(pid_arg.as_str()).status();
-    log_status(config.label_graceful, pid, &graceful_status);
+    let graceful_status = build_stop_command("taskkill", &["/pid", &pid_arg, "/t"]).status();
+    log_status("taskkill graceful stop", pid, &graceful_status);
 
     if wait_for_child_exit(child, timeout) {
         return true;
     }
 
-    let force_status = force_cmd(pid_arg.as_str()).status();
-    log_status(config.label_force, pid, &force_status);
+    let force_status = build_stop_command("taskkill", &["/pid", &pid_arg, "/t", "/f"]).status();
+    log_status("taskkill force stop", pid, &force_status);
 
-    let followup_wait = derive_force_stop_wait(timeout, config.max_followup);
+    let followup_wait = derive_force_stop_wait(
+        timeout,
+        Duration::from_millis(FORCE_STOP_WAIT_MAX_WINDOWS_MS),
+    );
     append_desktop_log(&format!(
-        "{} graceful stop timed out, force-kill issued: pid={pid}, graceful={graceful_status:?}, force={force_status:?}, followup_wait_ms={}",
-        config.subject,
+        "child graceful stop timed out, force-kill issued: pid={pid}, graceful={graceful_status:?}, force={force_status:?}, followup_wait_ms={}",
         followup_wait.as_millis(),
     ));
     wait_for_child_exit(child, followup_wait)
 }
 
-/// Attempt to stop a child process gracefully within `timeout`.
-///
-/// On the force-kill path, a follow-up wait is derived from `timeout` (`timeout / 4`)
-/// and capped per-platform:
-/// - Windows: up to 2200ms.
-/// - Non-Windows: up to 1500ms.
-#[cfg(target_os = "windows")]
-fn stop_child_process_gracefully(child: &mut Child, timeout: Duration) -> bool {
-    stop_child_process_impl(
-        child,
-        timeout,
-        |pid_arg| build_stop_command("taskkill", &["/pid", pid_arg, "/t"]),
-        |pid_arg| build_stop_command("taskkill", &["/pid", pid_arg, "/t", "/f"]),
-        StopCommandConfig {
-            max_followup: Duration::from_millis(FORCE_STOP_WAIT_MAX_WINDOWS_MS),
-            label_graceful: "taskkill graceful stop",
-            label_force: "taskkill force stop",
-            subject: "child",
-        },
-    )
-}
-
 #[cfg(not(target_os = "windows"))]
 fn stop_child_process_gracefully(child: &mut Child, timeout: Duration) -> bool {
-    stop_child_process_impl(
-        child,
+    let pid = child.id();
+    let pid_arg = pid.to_string();
+
+    let graceful_status = build_stop_command("kill", &["-TERM", &pid_arg]).status();
+    log_status("kill -TERM", pid, &graceful_status);
+
+    if wait_for_child_exit(child, timeout) {
+        return true;
+    }
+
+    let force_status = build_stop_command("kill", &["-KILL", &pid_arg]).status();
+    log_status("kill -KILL", pid, &force_status);
+
+    let followup_wait = derive_force_stop_wait(
         timeout,
-        |pid_arg| build_stop_command("kill", &["-TERM", pid_arg]),
-        |pid_arg| build_stop_command("kill", &["-KILL", pid_arg]),
-        StopCommandConfig {
-            max_followup: Duration::from_millis(FORCE_STOP_WAIT_MAX_NON_WINDOWS_MS),
-            label_graceful: "kill -TERM",
-            label_force: "kill -KILL",
-            subject: "child",
-        },
-    )
+        Duration::from_millis(FORCE_STOP_WAIT_MAX_NON_WINDOWS_MS),
+    );
+    append_desktop_log(&format!(
+        "child graceful stop timed out, force-kill issued: pid={pid}, graceful={graceful_status:?}, force={force_status:?}, followup_wait_ms={}",
+        followup_wait.as_millis(),
+    ));
+    wait_for_child_exit(child, followup_wait)
 }
 
 fn build_debug_command(plan: &LaunchPlan) -> Vec<String> {
