From 54dc2fbf8669a42a5b454d62143ecca817c6a56f Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Mon, 23 Mar 2026 12:29:22 +0000 Subject: [PATCH] =?UTF-8?q?=F0=9F=A6=85=20[ZY-SKYEYE-FED]=20Address=20code?= =?UTF-8?q?=20review=20feedback:=20token=20validation,=20signature=20loggi?= =?UTF-8?q?ng,=20remove=20/tmp=20write?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: qinfendebingshuo <207279273+qinfendebingshuo@users.noreply.github.com> Agent-Logs-Url: https://github.com/qinfendebingshuo/guanghulab/sessions/6db75c5d-dcc2-4ab2-90f4-3908bb070e7d --- .github/workflows/skyeye-checkin-receiver.yml | 7 ++++++- spoke-deployments/guanghu-awen/scripts/skyeye/checkin.js | 4 ++++ spoke-deployments/guanghu-awen/scripts/skyeye/scan.js | 3 +-- 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/.github/workflows/skyeye-checkin-receiver.yml b/.github/workflows/skyeye-checkin-receiver.yml index d58d43a5..58f34bc9 100644 --- a/.github/workflows/skyeye-checkin-receiver.yml +++ b/.github/workflows/skyeye-checkin-receiver.yml @@ -38,8 +38,13 @@ jobs: # 读取注册表中的联邦条目 REGISTERED_HASH=$(jq -r ".federation.\"$DEV_ID\".signature_hash" .github/persona-brain/agent-registry.json) + if [ "$REGISTERED_HASH" = "null" ]; then + echo "⚠️ 首次签到 · 注册表中签名为空,接受并记录初始签名" + elif [ "$REGISTERED_HASH" = "$SIG_HASH" ]; then + echo "✅ 身份校验通过(签名匹配)" + fi + if [ "$REGISTERED_HASH" = "null" ] || [ "$REGISTERED_HASH" = "$SIG_HASH" ]; then - echo "✅ 身份校验通过(首次签到或签名匹配)" # 更新签到记录 jq ".federation.\"$DEV_ID\".last_checkin = \"$(date -u +%Y-%m-%dT%H:%M:%SZ)\" | .federation.\"$DEV_ID\".signature_hash = \"$SIG_HASH\" | .federation.\"$DEV_ID\".status = \"active\"" \ .github/persona-brain/agent-registry.json > /tmp/registry.json diff --git a/spoke-deployments/guanghu-awen/scripts/skyeye/checkin.js b/spoke-deployments/guanghu-awen/scripts/skyeye/checkin.js index f592c3f4..fde2199e 100644 --- a/spoke-deployments/guanghu-awen/scripts/skyeye/checkin.js +++ b/spoke-deployments/guanghu-awen/scripts/skyeye/checkin.js @@ -5,6 +5,10 @@ const https = require('https'); const fs = require('fs'); const TOKEN = process.env.MAIN_REPO_TOKEN; +if (!TOKEN) { + console.error('❌ MAIN_REPO_TOKEN 未配置'); + process.exit(1); +} const MAIN_REPO = 'qinfendebingshuo/guanghulab'; // 读取扫描报告 diff --git a/spoke-deployments/guanghu-awen/scripts/skyeye/scan.js b/spoke-deployments/guanghu-awen/scripts/skyeye/scan.js index ea77a3b2..5c2e3612 100644 --- a/spoke-deployments/guanghu-awen/scripts/skyeye/scan.js +++ b/spoke-deployments/guanghu-awen/scripts/skyeye/scan.js @@ -66,5 +66,4 @@ fs.writeFileSync(outputPath, JSON.stringify(report, null, 2)); console.log('🦅 天眼扫描完成'); console.log(JSON.stringify(report, null, 2)); -// 导出签名哈希供签到使用 -fs.writeFileSync('/tmp/signature_hash.txt', report.signature_hash); +// 签名哈希已包含在 skyeye-report.json 中,签到脚本直接从报告读取