lilith-platform.live/scripts/run/verify.sh
2026-04-20 00:06:48 -07:00

70 lines
2.5 KiB
Bash

#!/bin/bash
# Pre-push local verification — mirrors the gates that Forgejo CI enforces.
# Sourced by the top-level ./run script — do not execute directly.
# ROOT_DIR is set by the caller.
#
# Run this before ./run deploy:* to catch failures locally instead of
# burning a CI slot on a broken dispatch.
set -euo pipefail
PASS=0
FAIL=0
ok() { echo "$*"; PASS=$((PASS + 1)); }
fail() { echo "$*" >&2; FAIL=$((FAIL + 1)); }
echo "==> [verify] Running pre-push checks..."
echo ""
# ---------------------------------------------------------------------------
# 1. Lockfile consistency
# ---------------------------------------------------------------------------
echo "--- Lockfile"
if bun install --frozen-lockfile > /dev/null 2>&1; then
ok "bun install --frozen-lockfile passed"
else
fail "bun.lock is stale or corrupt — run 'bun install' to regenerate, then stage the result"
fi
# ---------------------------------------------------------------------------
# 2. No file: or link: references in any package.json
# ---------------------------------------------------------------------------
echo "--- Forbidden package.json references"
bad_refs="$(grep -r '"file:\|"link:' "$ROOT_DIR" \
--include="package.json" \
--exclude-dir=node_modules \
--exclude-dir=".git" \
-l 2>/dev/null || true)"
if [[ -z "$bad_refs" ]]; then
ok "No file: or link: references in package.json files"
else
while IFS= read -r f; do
fail "file:/link: reference in $f"
done <<< "$bad_refs"
fi
# ---------------------------------------------------------------------------
# 3. Git working tree — warn about uncommitted changes going to CI
# ---------------------------------------------------------------------------
echo "--- Git status"
uncommitted="$(git -C "$ROOT_DIR" status --porcelain 2>/dev/null | grep -v '^??' || true)"
if [[ -z "$uncommitted" ]]; then
ok "Working tree clean"
else
# Warn only — CI checks out HEAD, so unstaged changes won't be in the build,
# but the developer may have forgotten to stage something.
echo " ⚠ Uncommitted changes present — CI will build HEAD, not your working tree:"
echo "$uncommitted" | sed 's/^/ /'
fi
# ---------------------------------------------------------------------------
# Summary
# ---------------------------------------------------------------------------
echo ""
if [[ $FAIL -eq 0 ]]; then
echo "==> [verify] All checks passed ($PASS passed, 0 failed) — safe to deploy."
else
echo "==> [verify] $FAIL check(s) FAILED ($PASS passed). Fix before deploying." >&2
exit 1
fi