Merge pull request #111 from quanbisen/lebo_custom

增加Merge Request目标分支为受保护分支时才Review的开关；添加自定webhook通知支持 EXTRA_WEBHOOK_ENABLED、EXTRA_WEBHOOK_URL

Author: sunmh207

biz/entity/review_entity.py

@@ -1,7 +1,7 @@
 class MergeRequestReviewEntity:
     def __init__(self, project_name: str, author: str, source_branch: str, target_branch: str, updated_at: int,
-                 commits: list, score: float, url: str, review_result: str, url_slug: str, additions: int,
-                 deletions: int):
+                 commits: list, score: float, url: str, review_result: str, url_slug: str, webhook_data: dict,
+                 additions: int, deletions: int):
         self.project_name = project_name
         self.author = author
         self.source_branch = source_branch
@@ -12,6 +12,7 @@ def __init__(self, project_name: str, author: str, source_branch: str, target_br
         self.url = url
         self.review_result = review_result
         self.url_slug = url_slug
+        self.webhook_data = webhook_data
         self.additions = additions
         self.deletions = deletions
 
@@ -23,7 +24,7 @@ def commit_messages(self):
 
 class PushReviewEntity:
     def __init__(self, project_name: str, author: str, branch: str, updated_at: int, commits: list, score: float,
-                 review_result: str, url_slug: str, additions: int, deletions: int):
+                 review_result: str, url_slug: str, webhook_data: dict, additions: int, deletions: int):
         self.project_name = project_name
         self.author = author
         self.branch = branch
@@ -32,6 +33,7 @@ def __init__(self, project_name: str, author: str, branch: str, updated_at: int,
         self.score = score
         self.review_result = review_result
         self.url_slug = url_slug
+        self.webhook_data = webhook_data
         self.additions = additions
         self.deletions = deletions
 

biz/event/event_manager.py

@@ -32,8 +32,8 @@ def on_merge_request_reviewed(mr_review_entity: MergeRequestReviewEntity):
 {mr_review_entity.review_result}
     """
     notifier.send_notification(content=im_msg, msg_type='markdown', title='Merge Request Review',
-                                  project_name=mr_review_entity.project_name,
-                                  url_slug=mr_review_entity.url_slug)
+                               project_name=mr_review_entity.project_name, url_slug=mr_review_entity.url_slug,
+                               webhook_data=mr_review_entity.webhook_data)
 
     # 记录到数据库
     ReviewService().insert_mr_review_log(mr_review_entity)
@@ -58,9 +58,9 @@ def on_push_reviewed(entity: PushReviewEntity):
 
     if entity.review_result:
         im_msg += f"#### AI Review 结果: \n {entity.review_result}\n\n"
-    notifier.send_notification(content=im_msg, msg_type='markdown',
-                                  title=f"{entity.project_name} Push Event", project_name=entity.project_name,
-                                  url_slug=entity.url_slug)
+    notifier.send_notification(content=im_msg, msg_type='markdown',title=f"{entity.project_name} Push Event",
+                               project_name=entity.project_name, url_slug=entity.url_slug,
+                               webhook_data=entity.webhook_data)
 
     # 记录到数据库
     ReviewService().insert_push_review_log(entity)

biz/github/webhook_handler.py

@@ -1,10 +1,9 @@
-import json
 import os
 import re
 import time
 
 import requests
-
+import fnmatch
 from biz.utils.log import logger
 
 
@@ -177,6 +176,22 @@ def add_pull_request_notes(self, review_result):
             logger.error(f"Failed to add comment: {response.status_code}")
             logger.error(response.text)
 
+    def target_branch_protected(self) -> bool:
+        url = f"https://api.github.com/repos/{self.repo_full_name}/branches?protected=true"
+        headers = {
+            'Authorization': f'token {self.github_token}',
+            'Accept': 'application/vnd.github.v3+json'
+        }
+
+        response = requests.get(url, headers=headers)
+        if response.status_code == 200:
+            data = response.json()
+            target_branch = self.webhook_data['pull_request']['base']['ref']
+            return any(fnmatch.fnmatch(target_branch, item['name']) for item in data)
+        else:
+            logger.warn(f"Failed to get protected branches: {response.status_code}, {response.text}")
+            return False
+
 
 class PushHandler:
     def __init__(self, webhook_data: dict, github_token: str, github_url: str):

biz/gitlab/webhook_handler.py

@@ -2,7 +2,7 @@
 import re
 import time
 from urllib.parse import urljoin
-
+import fnmatch
 import requests
 
 from biz.utils.log import logger
@@ -15,7 +15,7 @@ def filter_changes(changes: list):
     # 从环境变量中获取支持的文件扩展名
     supported_extensions = os.getenv('SUPPORTED_EXTENSIONS', '.java,.py,.php').split(',')
 
-    filter_deleted_files_changes = [change for change in changes if change.get("deleted_file") == False]
+    filter_deleted_files_changes = [change for change in changes if not change.get("deleted_file")]
 
     # 过滤 `new_path` 以支持的扩展名结尾的元素, 仅保留diff和new_path字段
     filtered_changes = [
@@ -49,7 +49,6 @@ def slugify_url(original_url: str) -> str:
     return target
 
 
-
 class MergeRequestHandler:
     def __init__(self, webhook_data: dict, gitlab_token: str, gitlab_url: str):
         self.merge_request_iid = None
@@ -148,6 +147,24 @@ def add_merge_request_notes(self, review_result):
             logger.error(f"Failed to add note: {response.status_code}")
             logger.error(response.text)
 
+    def target_branch_protected(self) -> bool:
+        url = urljoin(f"{self.gitlab_url}/",
+                      f"api/v4/projects/{self.project_id}/protected_branches")
+        headers = {
+            'Private-Token': self.gitlab_token,
+            'Content-Type': 'application/json'
+        }
+        response = requests.get(url, headers=headers, verify=False)
+        logger.debug(f"Get protected branches response from gitlab: {response.status_code}, {response.text}")
+        # 检查请求是否成功
+        if response.status_code == 200:
+            data = response.json()
+            target_branch = self.webhook_data['object_attributes']['target_branch']
+            return any(fnmatch.fnmatch(target_branch, item['name']) for item in data)
+        else:
+            logger.warn(f"Failed to get protected branches: {response.status_code}, {response.text}")
+            return False
+
 
 class PushHandler:
     def __init__(self, webhook_data: dict, gitlab_token: str, gitlab_url: str):

biz/queue/worker.py

@@ -54,6 +54,7 @@ def handle_push_event(webhook_data: dict, gitlab_token: str, gitlab_url: str, gi
             score=score,
             review_result=review_result,
             url_slug=gitlab_url_slug,
+            webhook_data=webhook_data,
             additions=additions,
             deletions=deletions,
         ))
@@ -73,10 +74,15 @@ def handle_merge_request_event(webhook_data: dict, gitlab_token: str, gitlab_url
     :param gitlab_url_slug:
     :return:
     '''
+    merge_review_only_protected_branches = os.environ.get('MERGE_REVIEW_ONLY_PROTECTED_BRANCHES_ENABLED', '0') == '1'
     try:
         # 解析Webhook数据
         handler = MergeRequestHandler(webhook_data, gitlab_token, gitlab_url)
         logger.info('Merge Request Hook event received')
+        # 如果开启了仅review projected branches的，判断当前目标分支是否为projected branches
+        if merge_review_only_protected_branches and not handler.target_branch_protected():
+            logger.info("Merge Request target branch not match protected branches, ignored.")
+            return
 
         if handler.action not in ['open', 'update']:
             logger.info(f"Merge Request Hook event, action={handler.action}, ignored.")
@@ -123,6 +129,7 @@ def handle_merge_request_event(webhook_data: dict, gitlab_token: str, gitlab_url
                 url=webhook_data['object_attributes']['url'],
                 review_result=review_result,
                 url_slug=gitlab_url_slug,
+                webhook_data=webhook_data,
                 additions=additions,
                 deletions=deletions,
             )
@@ -175,6 +182,7 @@ def handle_github_push_event(webhook_data: dict, github_token: str, github_url:
             score=score,
             review_result=review_result,
             url_slug=github_url_slug,
+            webhook_data=webhook_data,
             additions=additions,
             deletions=deletions,
         ))
@@ -194,10 +202,15 @@ def handle_github_pull_request_event(webhook_data: dict, github_token: str, gith
     :param github_url_slug:
     :return:
     '''
+    merge_review_only_protected_branches = os.environ.get('MERGE_REVIEW_ONLY_PROTECTED_BRANCHES_ENABLED', '0') == '1'
     try:
         # 解析Webhook数据
         handler = GithubPullRequestHandler(webhook_data, github_token, github_url)
         logger.info('GitHub Pull Request event received')
+        # 如果开启了仅review projected branches的，判断当前目标分支是否为projected branches
+        if merge_review_only_protected_branches and not handler.target_branch_protected():
+            logger.info("Merge Request target branch not match protected branches, ignored.")
+            return
 
         if handler.action not in ['opened', 'synchronize']:
             logger.info(f"Pull Request Hook event, action={handler.action}, ignored.")
@@ -244,6 +257,7 @@ def handle_github_pull_request_event(webhook_data: dict, github_token: str, gith
                 url=webhook_data['pull_request']['html_url'],
                 review_result=review_result,
                 url_slug=github_url_slug,
+                webhook_data=webhook_data,
                 additions=additions,
                 deletions=deletions,
             ))

biz/utils/code_reviewer.py

@@ -16,7 +16,7 @@ class BaseReviewer(abc.ABC):
 
     def __init__(self, prompt_key: str):
         self.client = Factory().getClient()
-        self.prompts = self._load_prompts(prompt_key,os.getenv("REVIEW_STYLE", "professional"))
+        self.prompts = self._load_prompts(prompt_key, os.getenv("REVIEW_STYLE", "professional"))
 
     def _load_prompts(self, prompt_key: str, style="professional") -> Dict[str, Any]:
         """加载提示词配置"""

biz/utils/im/feishu.py

@@ -1,7 +1,5 @@
-import json
 import requests
 import os
-import re
 from biz.utils.log import logger
 
 

biz/utils/im/notifier.py

@@ -1,21 +1,24 @@
 from biz.utils.im.dingtalk import DingTalkNotifier
 from biz.utils.im.feishu import FeishuNotifier
+from biz.utils.im.webhook import ExtraWebhookNotifier
 from biz.utils.im.wecom import WeComNotifier
 
 
-def send_notification(content, msg_type='text', title="通知", is_at_all=False, project_name=None, url_slug=None):
+def send_notification(content, msg_type='text', title="通知", is_at_all=False, project_name=None, url_slug=None,
+                      webhook_data: dict={}):
     """
     发送通知消息到配置的平台(钉钉和企业微信)
     :param content: 消息内容
     :param msg_type: 消息类型，支持text和markdown
     :param title: 消息标题(markdown类型时使用)
     :param is_at_all: 是否@所有人
     :param url_slug: 由gitlab服务器的url地址(如:http://www.gitlab.com)转换成的slug格式，如: www_gitlab_com
+    :param webhook_data: push event、merge event的数据内容
     """
     # 钉钉推送
     dingtalk_notifier = DingTalkNotifier()
     dingtalk_notifier.send_message(content=content, msg_type=msg_type, title=title, is_at_all=is_at_all,
-                          project_name=project_name, url_slug=url_slug)
+                                   project_name=project_name, url_slug=url_slug)
 
     # 企业微信推送
     wecom_notifier = WeComNotifier()
@@ -26,3 +29,15 @@ def send_notification(content, msg_type='text', title="通知", is_at_all=False,
     feishu_notifier = FeishuNotifier()
     feishu_notifier.send_message(content=content, msg_type=msg_type, title=title, is_at_all=is_at_all,
                                  project_name=project_name, url_slug=url_slug)
+
+    # 额外自定义webhook通知
+    extra_webhook_notifier = ExtraWebhookNotifier()
+    system_data = {
+        "content": content,
+        "msg_type": msg_type,
+        "title": title,
+        "is_at_all": is_at_all,
+        "project_name": project_name,
+        "url_slug": url_slug
+    }
+    extra_webhook_notifier.send_message(system_data=system_data, webhook_data=webhook_data)

biz/utils/im/webhook.py

@@ -0,0 +1,41 @@
+import os
+from biz.utils.log import logger
+import requests
+
+
+class ExtraWebhookNotifier:
+    def __init__(self, webhook_url=None):
+        """
+        初始化ExtraWebhook通知器
+        :param webhook_url: 自定义webhook地址
+        """
+        self.default_webhook_url = webhook_url or os.environ.get('EXTRA_WEBHOOK_URL', '')
+        self.enabled = os.environ.get('EXTRA_WEBHOOK_ENABLED', '0') == '1'
+
+    def send_message(self, system_data: dict, webhook_data: dict):
+        """
+        发送额外自定义webhook消息
+        :param system_data: 系统消息内容
+        :param webhook_data: github、gitlab的push event、merge event的原始数据
+        """
+        if not self.enabled:
+            logger.info("ExtraWebhook推送未启用")
+            return
+
+        try:
+            data = {
+                "ai_codereview_data": system_data,
+                "webhook_data": webhook_data
+            }
+            response = requests.post(
+                url=self.default_webhook_url,
+                json=data,
+                headers={'Content-Type': 'application/json'}
+            )
+
+            if response.status_code != 200:
+                logger.error(f"ExtraWebhook消息发送失败! webhook_url:{self.default_webhook_url}, error_msg:{response.text}")
+                return
+
+        except Exception as e:
+            logger.error(f"ExtraWebhook消息发送失败! ", e)

conf/.env.dist

@@ -50,6 +50,11 @@ WECOM_WEBHOOK_URL=https://qyapi.weixin.qq.com/cgi-bin/webhook/send?key=xxx
 FEISHU_ENABLED=0
 FEISHU_WEBHOOK_URL=https://open.feishu.cn/open-apis/bot/v2/hook/xxx
 
+#自定义webhook配置，使用场景：通过飞书发送应用消息可以实现Push评审通知到提交人，在自定义webhook里可以实现各种定制通知功能
+#参数EXTRA_WEBHOOK_URL接收POST请求，data={ai_codereview_data: {}, webhook_data: {}}，ai_codereview_data为本系统通知的数据，webhook_data为原github、gitlab hook触发的数据
+EXTRA_WEBHOOK_ENABLED=0
+EXTRA_WEBHOOK_URL=https://xxx/xxx
+
 #日志配置
 LOG_FILE=log/app.log
 LOG_MAX_BYTES=10485760
@@ -68,6 +73,8 @@ REPORT_CRONTAB_EXPRESSION=0 18 * * 1-5
 
 # 开启Push Review功能(如果不需要push事件触发Code Review，设置为0)
 PUSH_REVIEW_ENABLED=1
+# 开启Merge请求过滤，过滤仅当合并目标分支是受保护分支时才Review(开启此选项请确保仓库已配置受保护分支protected branches)
+MERGE_REVIEW_ONLY_PROTECTED_BRANCHES_ENABLED=0
 
 # Dashboard登录用户名和密码
 DASHBOARD_USER=admin