Skip to content

Commit e66b556

Browse files
authored
ci: guard sdk-go consumer boundaries (#22)
* ci: guard sdk-go consumer boundaries * chore: strip Co-authored-by trailers in lefthook hooks
1 parent a6fea16 commit e66b556

5 files changed

Lines changed: 50 additions & 2 deletions

File tree

.github/workflows/ci.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -58,6 +58,8 @@ jobs:
5858
fi
5959
- name: go vet
6060
run: go vet ./...
61+
- name: consumer boundary guard
62+
run: bash ./scripts/check-consumer-boundaries.sh
6163

6264
# -------------------------------------------------------------------------
6365
# Lint — golangci-lint covers most static checks.

Makefile

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@ GOVULNCHECK := $(GOBIN_DIR)/govulncheck
2727
# ---------------------------------------------------------------------------
2828
# Phony declarations (alphabetical).
2929
# ---------------------------------------------------------------------------
30-
.PHONY: all bench build ci clean cover fmt help lint lint-fix \
30+
.PHONY: all bench boundary-guard build ci clean cover fmt help lint lint-fix \
3131
security test test-10x test-race tidy version vet
3232

3333
# ---------------------------------------------------------------------------
@@ -74,6 +74,9 @@ fmt: ## Format source files (gofumpt + goimports).
7474
vet: ## Run go vet.
7575
go vet ./...
7676

77+
boundary-guard: ## Fail if the SDK imports support engines or Hawk private packages.
78+
bash ./scripts/check-consumer-boundaries.sh
79+
7780
lint: ## Run golangci-lint.
7881
@command -v $(GOLANGCI) >/dev/null 2>&1 || (echo "install: go install github.com/golangci/golangci-lint/v2/cmd/golangci-lint@latest" && exit 1)
7982
$(GOLANGCI) run ./... --timeout=5m
@@ -93,7 +96,7 @@ tidy: ## Tidy go.mod / go.sum.
9396
# ---------------------------------------------------------------------------
9497
# Composite gate used by CI and pre-push.
9598
# ---------------------------------------------------------------------------
96-
ci: tidy fmt vet lint test-race security ## Run everything CI runs.
99+
ci: tidy fmt vet boundary-guard lint test-race security ## Run everything CI runs.
97100
@echo "All CI checks passed."
98101

99102
# ---------------------------------------------------------------------------

README.md

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -50,6 +50,13 @@ fmt.Println(resp.Response)
5050

5151
See the [examples/](examples/) directory for complete runnable examples.
5252

53+
## Ecosystem Boundaries
54+
55+
- `hawk-sdk-go` is a consumer of Hawk public APIs and contracts.
56+
- Do not import support engine repos such as `eyrie`, `yaad`, `tok`, `trace`, `sight`, or `inspect`.
57+
- Do not import `hawk/internal/*` or removed legacy path `hawk/shared/types`.
58+
- Cross-repo shared vocabulary should come from Hawk public surfaces or `hawk-core-contracts`, not engine internals.
59+
5360
## API Reference
5461

5562
### Client Methods

lefthook.yml

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -110,3 +110,18 @@ commit-msg:
110110
echo " full guide: https://www.conventionalcommits.org/"
111111
exit 1
112112
fi
113+
114+
strip-co-authored-by:
115+
run: |
116+
# Strip Co-authored-by: trailers that AI tools (Claude, Cursor, etc.) add.
117+
# This enforces the rule that commits list only the human author.
118+
sed '/^[Cc]o-[Aa]uthored-[Bb]y:/d' "{1}" > "{1}.tmp" && mv "{1}.tmp" "{1}"
119+
120+
# ---------------------------------------------------------------------------
121+
# prepare-commit-msg — strip AI co-author trailers after tools inject them.
122+
# ---------------------------------------------------------------------------
123+
prepare-commit-msg:
124+
commands:
125+
strip-co-authored-by:
126+
run: |
127+
sed '/^[Cc]o-[Aa]uthored-[Bb]y:/d' "{1}" > "{1}.tmp" && mv "{1}.tmp" "{1}"
Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,21 @@
1+
#!/usr/bin/env bash
2+
set -euo pipefail
3+
4+
ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
5+
cd "$ROOT_DIR"
6+
7+
violations="$(
8+
grep -RInE --include='*.go' \
9+
'github\.com/GrayCodeAI/(eyrie|inspect|sight|tok|trace|yaad)(/|")|github\.com/GrayCodeAI/hawk/(internal/|shared/types)' \
10+
. || true
11+
)"
12+
13+
if [[ -n "${violations}" ]]; then
14+
echo "forbidden Hawk consumer imports found:"
15+
echo "${violations}"
16+
echo
17+
echo "hawk-sdk-go must depend on Hawk public APIs/contracts only; do not import support engines, hawk/internal, or removed hawk/shared/types"
18+
exit 1
19+
fi
20+
21+
echo "consumer boundary guard passed"

0 commit comments

Comments
 (0)