name: autograde-final-vibevault on: push: branches: - main workflow_dispatch: permissions: contents: read pull-requests: write jobs: grade: runs-on: docker container: image: gradle:9.0-jdk21 options: --user root timeout-minutes: 30 steps: - name: Install dependencies (CN mirror) run: | set -e # 替换 Debian/Ubuntu 源为阿里云镜像 for f in /etc/apt/sources.list /etc/apt/sources.list.d/*.list /etc/apt/sources.list.d/*.sources; do [ -f "$f" ] || continue sed -i -E 's|https?://deb.debian.org|http://mirrors.aliyun.com|g' "$f" || true sed -i -E 's|https?://security.debian.org|http://mirrors.aliyun.com/debian-security|g' "$f" || true sed -i -E 's|https?://archive.ubuntu.com|http://mirrors.aliyun.com|g' "$f" || true sed -i -E 's|https?://ports.ubuntu.com|http://mirrors.aliyun.com|g' "$f" || true done apt-get -o Acquire::Check-Valid-Until=false update -y DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends git ca-certificates python3 python3-pip rsync pip3 install --break-system-packages python-dotenv requests -i https://mirrors.aliyun.com/pypi/simple --trusted-host mirrors.aliyun.com rm -rf /var/lib/apt/lists/* - name: Configure Gradle mirror (Aliyun) run: | mkdir -p ~/.gradle cat > ~/.gradle/init.gradle << 'EOF' allprojects { repositories { mavenLocal() maven { url 'https://maven.aliyun.com/repository/public' } maven { url 'https://maven.aliyun.com/repository/spring' } maven { url 'https://maven.aliyun.com/repository/spring-plugin' } maven { url 'https://maven.aliyun.com/repository/gradle-plugin' } mavenCentral() } } EOF echo "✅ Gradle configured to use Aliyun mirror" - name: Checkout code env: GITHUB_TOKEN: ${{ github.token }} run: | git config --global --add safe.directory ${{ github.workspace }} git init # Use token for authentication (required for private repos) REPO_URL="${{ github.server_url }}/${{ github.repository }}.git" AUTH_URL=$(echo "$REPO_URL" | sed "s|://|://${GITHUB_TOKEN}@|") git remote add origin "$AUTH_URL" git fetch --depth=1 origin ${{ github.sha }} git checkout ${{ github.sha }} - name: Fix permissions run: chown -R $(whoami):$(whoami) ${{ github.workspace }} || true - name: Fetch hidden tests working-directory: ${{ github.workspace }} env: EXTERNAL_GITEA_HOST: ${{ secrets.EXTERNAL_GITEA_HOST }} run: | set -e TESTS_USERNAME="${RUNNER_TESTS_USERNAME:-}" TESTS_TOKEN="${RUNNER_TESTS_TOKEN:-}" if [ -z "$TESTS_TOKEN" ] || [ -z "$TESTS_USERNAME" ]; then echo "Warning: RUNNER_TESTS_USERNAME / RUNNER_TESTS_TOKEN not set, skipping private tests" exit 0 fi # Resolve Gitea Host if [ -n "$EXTERNAL_GITEA_HOST" ]; then HOST="$EXTERNAL_GITEA_HOST" elif [ -n "$GITEA_ROOT_URL" ]; then HOST=$(echo "$GITEA_ROOT_URL" | sed 's|https\?://||' | sed 's|/$||') else HOST=$(echo "${{ github.server_url }}" | sed 's|https\?://||' | cut -d'/' -f1) fi ORG=$(echo "${{ github.repository }}" | cut -d'/' -f1) REPO_NAME=$(echo "${{ github.repository }}" | cut -d'/' -f2) # Extract assignment ID if echo "$REPO_NAME" | grep -q -- '-stu_'; then ASSIGNMENT_ID=$(echo "$REPO_NAME" | sed 's/-stu_.*//') elif echo "$REPO_NAME" | grep -q -- '-template'; then ASSIGNMENT_ID=$(echo "$REPO_NAME" | sed 's/-template.*//') else ASSIGNMENT_ID="final-vibevault" fi echo "📥 Fetching private tests from ${ORG}/${ASSIGNMENT_ID}-tests..." AUTH_URL="http://${TESTS_USERNAME}:${TESTS_TOKEN}@${HOST}/${ORG}/${ASSIGNMENT_ID}-tests.git" if ! git -c http.sslVerify=false clone --depth=1 "$AUTH_URL" _priv_tests 2>&1; then echo "❌ Failed to clone ${ASSIGNMENT_ID}-tests repository!" exit 1 fi # Copy Java tests if [ -d "_priv_tests/java/src/test" ]; then rsync -a _priv_tests/java/src/test/ src/test/ echo "✅ Private tests copied" fi # Copy test_groups.json if exists if [ -f "_priv_tests/test_groups.json" ]; then cp _priv_tests/test_groups.json . echo "✅ test_groups.json copied" fi # Copy LLM rubrics if [ -d "_priv_tests/llm" ]; then mkdir -p .llm_rubrics cp _priv_tests/llm/*.json .llm_rubrics/ 2>/dev/null || true echo "✅ LLM rubrics copied" fi - name: Run tests working-directory: ${{ github.workspace }} run: | gradle test --no-daemon || true # Collect all JUnit XML reports find build/test-results/test -name "TEST-*.xml" -exec cat {} \; > all_tests.xml 2>/dev/null || true # Also try to get a single combined report if [ -f build/test-results/test/TEST-*.xml ]; then cp build/test-results/test/TEST-*.xml junit.xml 2>/dev/null || true fi - name: Grade programming tests working-directory: ${{ github.workspace }} run: | # Use extended grading script with group support python3 ./.autograde/grade_grouped.py \ --junit-dir build/test-results/test \ --groups test_groups.json \ --out grade.json \ --summary summary.md - name: Grade REPORT.md working-directory: ${{ github.workspace }} run: | # LLM env vars are injected by Runner config (LLM_API_KEY, LLM_API_URL, LLM_MODEL) if [ -f REPORT.md ] && [ -f .llm_rubrics/rubric_report.json ]; then python3 ./.autograde/llm_grade.py \ --question "请评估这份后端与系统设计报告" \ --answer REPORT.md \ --rubric .llm_rubrics/rubric_report.json \ --out report_grade.json \ --summary report_summary.md echo "✅ REPORT.md graded" else echo '{"total": 0, "flags": ["missing_file"]}' > report_grade.json echo "⚠️ REPORT.md or rubric not found" fi - name: Grade FRONTEND.md working-directory: ${{ github.workspace }} run: | # LLM env vars are injected by Runner config (LLM_API_KEY, LLM_API_URL, LLM_MODEL) if [ -f FRONTEND.md ] && [ -f .llm_rubrics/rubric_frontend.json ]; then python3 ./.autograde/llm_grade.py \ --question "请评估这份前端界面与交互设计报告" \ --answer FRONTEND.md \ --rubric .llm_rubrics/rubric_frontend.json \ --out frontend_grade.json \ --summary frontend_summary.md echo "✅ FRONTEND.md graded" else echo '{"total": 0, "flags": ["missing_file"]}' > frontend_grade.json echo "⚠️ FRONTEND.md or rubric not found" fi - name: Aggregate grades working-directory: ${{ github.workspace }} run: | python3 ./.autograde/aggregate_final_grade.py \ --programming grade.json \ --report report_grade.json \ --frontend frontend_grade.json \ --out final_grade.json \ --summary final_summary.md - name: Create metadata working-directory: ${{ github.workspace }} env: REPO: ${{ github.repository }} run: | if [ -f final_grade.json ]; then export GRADE_TYPE=final python3 ./.autograde/create_minimal_metadata.py > metadata.json || echo "{}" > metadata.json fi - name: Upload metadata if: env.RUNNER_METADATA_TOKEN != '' working-directory: ${{ github.workspace }} env: # 使用当前组织的 course-metadata 仓库,而不是 Runner 配置中的硬编码值 METADATA_REPO: ${{ github.repository_owner }}/course-metadata METADATA_TOKEN: ${{ env.RUNNER_METADATA_TOKEN }} METADATA_BRANCH: ${{ env.RUNNER_METADATA_BRANCH }} STUDENT_REPO: ${{ github.repository }} RUN_ID: ${{ github.run_id }} COMMIT_SHA: ${{ github.sha }} SERVER_URL: ${{ github.server_url }} run: | if [ -f metadata.json ]; then python3 ./.autograde/upload_metadata.py \ --metadata-file metadata.json \ --metadata-repo "${METADATA_REPO}" \ --branch "${METADATA_BRANCH:-main}" \ --student-repo "${STUDENT_REPO}" \ --run-id "${RUN_ID}" \ --commit-sha "${COMMIT_SHA}" \ --workflow grade \ --server-url "${SERVER_URL}" \ --external-host "${EXTERNAL_GITEA_HOST}" fi