
Commit dd37c5e

authored
Tests
1 parent c279953 commit dd37c5e


2 files changed

+82
-120
lines changed


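--- a/.github/workflows/gemini-security-scan.yml
+++ b/.github/workflows/gemini-security-scan.yml
@@ -18,8 +18,6 @@ concurrency:
 
 permissions:
 contents: read
-issues: write
-pull-requests: write
 actions: read
 
 jobs:
@@ -90,13 +88,42 @@ jobs:
 $CHANGED_FILES
 " > security-analysis.txt
 
-- name: Post Security Analysis Summary
+- name: Display Security Analysis Summary
+if: steps.changed-files.outputs.any_changed == 'true'
+run: |
+echo "=================================="
+echo "πŸ”’ SECURITY ANALYSIS REPORT"
+echo "=================================="
+echo "Repository: ${{ github.repository }}"
+echo "Commit: ${{ github.sha }}"
+echo "Branch: ${{ github.ref }}"
+echo "Files Analyzed: ${{ steps.changed-files.outputs.all_changed_files }}"
+echo "Analysis Date: $(date -u +"%Y-%m-%dT%H:%M:%SZ")"
+echo ""
+echo "πŸ€– AI Security Expert Findings:"
+echo "=================================="
+
+if [ -f "security-analysis.txt" ]; then
+cat security-analysis.txt
+else
+echo "⚠️ No analysis output found."
+fi
+
+echo ""
+echo "=================================="
+echo "πŸ“‹ Next Steps:"
+echo "- Review any security issues identified above"
+echo "- Address critical and high-severity findings immediately"
+echo "- Test all security-related changes thoroughly"
+echo "- Consider implementing additional security measures if recommended"
+echo "=================================="
+
+- name: Create Workflow Summary
 if: steps.changed-files.outputs.any_changed == 'true'
 uses: actions/github-script@v7
 env:
 CHANGED_FILES: ${{ steps.changed-files.outputs.all_changed_files }}
 with:
-github-token: ${{ secrets.GITHUB_TOKEN }}
 script: |
 const fs = require('fs');
 const changedFiles = process.env.CHANGED_FILES;
@@ -111,8 +138,7 @@ jobs:
 analysisContent = 'Error reading security analysis results.';
 }
 
-const title = `πŸ”’ Security Analysis Report - ${context.sha.substring(0, 7)}`;
-const body = `
+const summaryContent = `
 ## πŸ›‘οΈ WordPress Security Analysis Results
 
 **Repository:** ${context.repo.owner}/${context.repo.repo}
@@ -138,56 +164,11 @@ jobs:
 **Workflow Run:** ${context.payload.repository.html_url}/actions/runs/${context.runId}
 `;
 
-// Create issue for security analysis
-try {
-await github.rest.issues.create({
-owner: context.repo.owner,
-repo: context.repo.repo,
-title: title,
-body: body,
-labels: ['security-analysis', 'ai-generated', 'needs-review']
-});
-console.log('βœ… Security analysis issue created successfully');
-} catch (error) {
-console.log('⚠️ Could not create issue, writing to workflow summary instead');
-await core.summary
-.addHeading('πŸ”’ Security Analysis Report')
-.addRaw(body)
-.write();
-}
-
-- name: Create Security Issue on Critical Findings
-if: failure()
-uses: actions/github-script@v7
-with:
-script: |
-const title = `🚨 Critical Security Vulnerabilities Detected - ${context.sha.substring(0, 7)}`;
-const body = `
-## Security Scan Results
-
-Critical security vulnerabilities have been detected in recent changes.
-
-**Commit:** ${context.sha}
-**Branch:** ${context.ref}
-**Triggered by:** ${context.eventName}
-
-Please review the workflow logs for detailed findings and remediation steps.
-
-**Workflow Run:** ${context.payload.repository.html_url}/actions/runs/${context.runId}
-
-## Immediate Actions Required:
-1. Review the security findings in the workflow logs
-2. Fix all critical and high-severity issues
-3. Test fixes thoroughly
-4. Re-run security scan to verify fixes
-
-**⚠️ Do not merge this PR until all security issues are resolved.**
-`;
+await core.summary
+.addHeading('πŸ”’ Security Analysis Report')
+.addRaw(summaryContent)
+.write();
 
-await github.rest.issues.create({
-owner: context.repo.owner,
-repo: context.repo.repo,
-title: title,
-body: body,
-labels: ['security', 'bug', 'critical']
-});
+console.log('βœ… Security analysis summary created in workflow logs');
+
+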
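Review bot: The new `Display Security Analysis Summary` step pastes `${{ steps.changed-files.outputs.all_changed_files }}` and `${{ github.ref }}` directly into the `run:` script, so their values become part of the shell source before the shell parses it. File paths and branch names are chosen by whoever opens the change, so they are untrusted input to a job that presumably also holds the analysis credentials (the trigger and secrets are outside these hunks). The `Create Workflow Summary` step just below already passes the same output through `env: CHANGED_FILES`; the shell step should do likewise and reference the quoted variables. The Display step added in wordpress-standards-check.yml has the same two interpolations plus a bare `echo "${{ … all_changed_files }}"` line and needs the same change.

```yaml
- name: Display Security Analysis Summary
  env:
    CHANGED_FILES: ${{ steps.changed-files.outputs.all_changed_files }}
    BRANCH_REF: ${{ github.ref }}
  run: |
    # … unchanged: banner, repository and commit lines …
    echo "Branch: $BRANCH_REF"
    echo "Files Analyzed: $CHANGED_FILES"
    # … unchanged: analysis date, findings output, next steps …
```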

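--- a/.github/workflows/wordpress-standards-check.yml
+++ b/.github/workflows/wordpress-standards-check.yml
@@ -17,8 +17,6 @@ concurrency:
 
 permissions:
 contents: read
-issues: write
-pull-requests: write
 actions: read
 
 jobs:
@@ -114,14 +112,47 @@ jobs:
 $CHANGED_FILES
 " > standards-analysis.txt
 
-- name: Post Standards Analysis Summary
+- name: Display Standards Analysis Summary
+if: steps.changed-files.outputs.any_changed == 'true'
+run: |
+echo "=================================="
+echo "πŸ“‹ WORDPRESS STANDARDS REVIEW"
+echo "=================================="
+echo "Repository: ${{ github.repository }}"
+echo "Commit: ${{ github.sha }}"
+echo "Branch: ${{ github.ref }}"
+echo "Files Analyzed: ${{ steps.changed-files.outputs.all_changed_files_count }}"
+echo "Analysis Date: $(date -u +"%Y-%m-%dT%H:%M:%SZ")"
+echo ""
+echo "πŸ“ Files Reviewed:"
+echo "${{ steps.changed-files.outputs.all_changed_files }}"
+echo ""
+echo "πŸ€– WordPress Expert Findings:"
+echo "=================================="
+
+if [ -f "standards-analysis.txt" ]; then
+cat standards-analysis.txt
+else
+echo "⚠️ No analysis output found."
+fi
+
+echo ""
+echo "=================================="
+echo "πŸ“‹ Recommended Actions:"
+echo "- Review all findings marked as CRITICAL or HIGH priority"
+echo "- Implement suggested WordPress coding standards improvements"
+echo "- Test changes to ensure compatibility with WordPress 6.5+ and PHP 7.4+"
+echo "- Consider performance optimizations where recommended"
+echo "- Update documentation if architectural changes are suggested"
+echo "=================================="
+
+- name: Create Workflow Summary
 if: steps.changed-files.outputs.any_changed == 'true'
 uses: actions/github-script@v7
 env:
 CHANGED_FILES: ${{ steps.changed-files.outputs.all_changed_files }}
 FILES_COUNT: ${{ steps.changed-files.outputs.all_changed_files_count }}
 with:
-github-token: ${{ secrets.GITHUB_TOKEN }}
 script: |
 const fs = require('fs');
 const changedFiles = process.env.CHANGED_FILES;
@@ -137,8 +168,7 @@ jobs:
 analysisContent = 'Error reading standards analysis results.';
 }
 
-const title = `πŸ“‹ WordPress Standards Review - ${context.sha.substring(0, 7)}`;
-const body = `
+const summaryContent = `
 ## 🎯 WordPress Best Practices Analysis Results
 
 **Repository:** ${context.repo.owner}/${context.repo.repo}
@@ -170,60 +200,11 @@ jobs:
 **Workflow Run:** ${context.payload.repository.html_url}/actions/runs/${context.runId}
 `;
 
-// Create issue for standards review
-try {
-await github.rest.issues.create({
-owner: context.repo.owner,
-repo: context.repo.repo,
-title: title,
-body: body,
-labels: ['code-standards', 'wordpress', 'ai-generated', 'needs-review']
-});
-console.log('βœ… Standards analysis issue created successfully');
-} catch (error) {
-console.log('⚠️ Could not create issue, writing to workflow summary instead');
-await core.summary
-.addHeading('πŸ“‹ WordPress Standards Review')
-.addRaw(body)
-.write();
-}
-
-- name: Comment on PR with Findings
-if: github.event_name == 'pull_request'
-uses: actions/github-script@v7
-env:
-FILES_COUNT: ${{ steps.changed-files.outputs.all_changed_files_count }}
-with:
-script: |
-const fs = require('fs');
-const filesCount = process.env.FILES_COUNT;
-
-// This would be the output from Gemini CLI
-const comment = `
-## 🎯 WordPress Best Practices Review
-
-Thank you for your contribution! I've analyzed your code changes for WordPress best practices and coding standards.
-
-### πŸ“Š Analysis Summary
-- **Files Analyzed:** ${filesCount}
-- **WordPress Version:** 6.5+ compatible
-- **PHP Version:** 7.4+ compatible
-
-### πŸ” Key Areas Reviewed
-βœ… WordPress Coding Standards
-βœ… Plugin Architecture
-βœ… Security Best Practices
-βœ… Performance Considerations
-βœ… Internationalization
+await core.summary
+.addHeading('πŸ“‹ WordPress Standards Review')
+.addRaw(summaryContent)
+.write();
 
-> **Note:** This is an AI-powered analysis. Please review suggestions carefully and validate against the [WordPress Plugin Developer Handbook](https://developer.wordpress.org/plugins/).
-
-**Workflow Run:** ${context.payload.repository.html_url}/actions/runs/${context.runId}
-`;
-
-await github.rest.issues.createComment({
-issue_number: context.issue.number,
-owner: context.repo.owner,
-repo: context.repo.repo,
-body: comment
-});
+console.log('βœ… Standards analysis summary created in workflow logs');
+
+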
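Review bot: The closing `console.log` in the last hunk says the summary was "created in workflow logs", but `core.summary…write()` just above it writes to the job summary page, not to the step log. Now that issue creation and the PR comment are gone, that message is the only pointer telling a reviewer where the findings went, so it should name the right place, e.g. `console.log('Standards analysis written to the job summary');`. The same wording appears at the end of gemini-security-scan.yml. A one-line comment above the call, such as `// Findings go to the job summary only; no issue or PR comment is created`, would also record that the reduced `permissions:` block is intentional. The script body starts outside this hunk.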
