fix: remove worst-wins escalation logic #31
+15
-10
@@ -266,9 +266,12 @@ func main() {
|
||||
if err != nil {
|
||||
log.Printf("Warning: could not list existing reviews: %v", err)
|
||||
} else {
|
||||
// Detect shared-token misconfiguration: warn if sibling sentinel exists from same user
|
||||
warnSharedToken(existingReviews, sentinel)
|
||||
|
||||
// Detect shared-token misconfiguration: if detected, skip all
|
||||
|
|
||||
// update logic (PATCH/supersede) to avoid clobbering a sibling's review.
|
||||
aweiker
commented
this should also make it fall into a mode where it only writes new reviews; never updates any review as we don't want to do that logic. What about review state? That might get clobbered too. this should also make it fall into a mode where it only writes new reviews; never updates any review as we don't want to do that logic. What about review state? That might get clobbered too.
|
||||
sharedToken := hasSharedToken(existingReviews, sentinel)
|
||||
if sharedToken {
|
||||
log.Printf("Shared token mode: skipping update-in-place logic to avoid clobbering sibling review")
|
||||
} else {
|
||||
existing := findOwnReview(existingReviews, sentinel)
|
||||
|
||||
if existing != nil {
|
||||
@@ -307,6 +310,7 @@ func main() {
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// POST new review (first run, or state transition fallthrough)
|
||||
log.Printf("Posting review (event=%s)...", event)
|
||||
@@ -490,11 +494,11 @@ func reviewUnchanged(reviews []gitea.Review, newBody, newEvent, sentinel string)
|
||||
return false
|
||||
sonnet-review-bot
commented
[MINOR] hasSharedToken does not filter out stale reviews when detecting shared-token misuse. If a stale sibling review from a prior misconfiguration remains under the same user, this may trigger a false positive and permanently skip update-in-place logic even after the configuration is fixed. Consider ignoring r.Stale in the detection loop. **[MINOR]** hasSharedToken does not filter out stale reviews when detecting shared-token misuse. If a stale sibling review from a prior misconfiguration remains under the same user, this may trigger a false positive and permanently skip update-in-place logic even after the configuration is fixed. Consider ignoring r.Stale in the detection loop.
|
||||
}
|
||||
|
||||
// warnSharedToken logs a warning if another review-bot role posted under the
|
||||
// same Gitea user. This detects misconfiguration where two roles share a token
|
||||
// instead of having separate Gitea accounts. The bot continues normally (posts
|
||||
// its own honest verdict) but warns operators to fix the token setup.
|
||||
func warnSharedToken(reviews []gitea.Review, ownSentinel string) {
|
||||
// hasSharedToken detects if another review-bot role posted under the same
|
||||
// Gitea user. This indicates misconfiguration where two roles share a token
|
||||
// instead of having separate Gitea accounts. Returns true if shared token
|
||||
// detected (caller should skip update-in-place logic to avoid clobbering).
|
||||
func hasSharedToken(reviews []gitea.Review, ownSentinel string) bool {
|
||||
ownLogin := ""
|
||||
for _, r := range reviews {
|
||||
if strings.Contains(r.Body, ownSentinel) {
|
||||
@@ -503,14 +507,15 @@ func warnSharedToken(reviews []gitea.Review, ownSentinel string) {
|
||||
}
|
||||
}
|
||||
if ownLogin == "" {
|
||||
return
|
||||
return false
|
||||
}
|
||||
for _, r := range reviews {
|
||||
if r.User.Login == ownLogin && strings.Contains(r.Body, "<!-- review-bot:") && !strings.Contains(r.Body, ownSentinel) {
|
||||
log.Printf("WARNING: shared token detected — another review-bot role (%s) is using the same Gitea user %q. Each role should have its own token/user for proper multi-reviewer blocking.", extractSentinelName(r.Body), ownLogin)
|
||||
return
|
||||
return true
|
||||
}
|
||||
}
|
||||
return false
|
||||
}
|
||||
|
||||
// extractSentinelName pulls the reviewer name from a sentinel comment.
|
||||
|
||||
@@ -189,48 +189,63 @@ func TestFindOwnReview(t *testing.T) {
|
||||
}
|
||||
}
|
||||
|
||||
func TestWarnSharedToken(t *testing.T) {
|
||||
// warnSharedToken should not panic and should handle edge cases gracefully.
|
||||
// It only logs — we verify it doesn't crash.
|
||||
func TestHasSharedToken(t *testing.T) {
|
||||
tests := []struct {
|
||||
name string
|
||||
reviews []gitea.Review
|
||||
sentinel string
|
||||
want bool
|
||||
}{
|
||||
{
|
||||
name: "no reviews",
|
||||
reviews: nil,
|
||||
sentinel: "<!-- review-bot:sonnet -->",
|
||||
want: false,
|
||||
},
|
||||
{
|
||||
name: "no own review yet",
|
||||
name: "no own review yet - cannot detect",
|
||||
reviews: []gitea.Review{
|
||||
{ID: 1, User: struct{ Login string `json:"login"` }{Login: "other"}, Body: "<!-- review-bot:gpt --> body"},
|
||||
},
|
||||
sentinel: "<!-- review-bot:sonnet -->",
|
||||
want: false,
|
||||
},
|
||||
{
|
||||
name: "separate users - no warning",
|
||||
name: "separate users - no shared token",
|
||||
reviews: []gitea.Review{
|
||||
{ID: 1, User: struct{ Login string `json:"login"` }{Login: "sonnet-review-bot"}, Body: "<!-- review-bot:sonnet --> body"},
|
||||
{ID: 2, User: struct{ Login string `json:"login"` }{Login: "security-review-bot"}, Body: "<!-- review-bot:security --> body"},
|
||||
},
|
||||
sentinel: "<!-- review-bot:sonnet -->",
|
||||
want: false,
|
||||
},
|
||||
{
|
||||
name: "shared token detected",
|
||||
name: "shared token detected - same user different sentinels",
|
||||
reviews: []gitea.Review{
|
||||
{ID: 1, User: struct{ Login string `json:"login"` }{Login: "sonnet-review-bot"}, Body: "<!-- review-bot:sonnet --> body"},
|
||||
{ID: 2, User: struct{ Login string `json:"login"` }{Login: "sonnet-review-bot"}, Body: "<!-- review-bot:security --> body"},
|
||||
},
|
||||
sentinel: "<!-- review-bot:sonnet -->",
|
||||
want: true,
|
||||
},
|
||||
{
|
||||
name: "three roles same user",
|
||||
reviews: []gitea.Review{
|
||||
{ID: 1, User: struct{ Login string `json:"login"` }{Login: "bot"}, Body: "<!-- review-bot:sonnet --> body"},
|
||||
{ID: 2, User: struct{ Login string `json:"login"` }{Login: "bot"}, Body: "<!-- review-bot:security --> body"},
|
||||
{ID: 3, User: struct{ Login string `json:"login"` }{Login: "bot"}, Body: "<!-- review-bot:gpt --> body"},
|
||||
},
|
||||
sentinel: "<!-- review-bot:sonnet -->",
|
||||
want: true,
|
||||
},
|
||||
}
|
||||
|
||||
for _, tc := range tests {
|
||||
t.Run(tc.name, func(t *testing.T) {
|
||||
// Should not panic
|
||||
warnSharedToken(tc.reviews, tc.sentinel)
|
||||
got := hasSharedToken(tc.reviews, tc.sentinel)
|
||||
if got != tc.want {
|
||||
t.Errorf("hasSharedToken() = %v, want %v", got, tc.want)
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user
[MINOR] When shared-token mode is detected, the code skips all update-in-place logic but also skips checking reviewUnchanged. This can lead to duplicate identical reviews being posted under the same login and sentinel. Consider still performing a reviewUnchanged check and returning early to avoid re-posting in this misconfiguration scenario.