mirror of
https://github.com/shankar0123/certctl.git
synced 2026-06-07 12:21:31 +00:00
shankar0123
3fe511189f
scripts/ci-guards/doc-rot-detector.sh — walks every *.md under docs/,
parses the '> Last reviewed: YYYY-MM-DD' blockquote convention
established by the 2026-05-04 docs overhaul, emits:
- ::warning:: GitHub annotation when a doc is >= 90 days old
(heads-up; non-blocking).
- ::error:: + exit 1 when >= 120 days (build-blocking).
Uses HEAD commit timestamp (git log -1 --format=%cs) as 'now' rather
than wall clock — keeps the guard reproducible on a release that's
been on a shelf.
Verified in sandbox:
- Clean run: 90 docs scanned, 88 dated (2 in docs/archive/
allowlisted in bulk), 0 missing field, 0 warns, 0 fails.
- Negative test (backdated docs/README.md to 2025-12-01, 162d):
fires with '::error::Docs older than 120 days (build-blocking)'
+ three remediation paths listed.
Allowlist at scripts/ci-guards/doc-rot-detector-exceptions.yaml:
- 'docs/archive/' bulk-allowlisted (intentionally frozen content)
- Per-doc entries require name + justification + expiration date;
expired entries fail the guard.
Bootstrap sweep NOT required — baseline survey at branch creation
shows oldest doc is 7 days old (2026-05-05); zero docs over either
threshold today. Forward-looking insurance only.
Audit-Closes: post-v2.1.0-anti-rot/item-5
27 lines
968 B
YAML
27 lines
968 B
YAML
# scripts/ci-guards/doc-rot-detector-exceptions.yaml
|
|
#
|
|
# Allowlist for the doc-rot detector
|
|
# (scripts/ci-guards/doc-rot-detector.sh).
|
|
#
|
|
# Two entry shapes:
|
|
#
|
|
# A. Directory bulk-allowlist (path ends with "/"):
|
|
#
|
|
# - path: "docs/archive/"
|
|
# justification: "frozen historical content; intentionally not reviewed"
|
|
#
|
|
# B. Per-doc allowlist with expiration:
|
|
#
|
|
# - path: "docs/reference/some-doc.md"
|
|
# justification: "why this doc is exempt from the age check"
|
|
# expires: "YYYY-MM-DD" # required for per-doc; the guard
|
|
# # rejects entries whose expires date
|
|
# # has passed.
|
|
#
|
|
# DO NOT add per-doc entries here to silence the gate on a doc that's
|
|
# legitimately drifted. If the doc is wrong, fix it.
|
|
|
|
exceptions:
|
|
- path: "docs/archive/"
|
|
justification: "frozen historical content (per the 2026-05-04 docs overhaul) — intentionally not subject to the freshness gate"
|