refactor(git-gate): split git_gate.py into render / provision / control
git_gate.py (699 LOC) mixed three responsibilities. Split into: - git_gate_render.py — pure host-side rendering: the gate constants, GitGateUpstream, gitconfig/known-hosts rendering, and the entrypoint / pre-receive / access-hook script builders. - git_gate_provision.py — the gitea deploy-key lifecycle (_provision_dynamic_key / revoke / _resolve_identity_file). - git_gate.py — the GitGate ABC + GitGatePlan, now 169 LOC, re-exporting all moved names (see __all__) so the 19 importers are unchanged. Host-side only (not flat-bundled), so no sidecar import shim. The one test that patched the internal `_provision_dynamic_key` lookup is repointed to its new module (public API unchanged). The two new modules are added to scripts/critical-modules.txt so the decompose doesn't move security code out of the measured core — critical aggregate stays 95% (git_gate 100%, render 100%, provision 97%). Closes #303 Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01NkwFXLFff9PYPy4wgVBJp9
This commit was merged in pull request #309.
This commit is contained in:
@@ -17,6 +17,8 @@ bot_bottle/manifest_egress.py
|
||||
bot_bottle/manifest_agent.py
|
||||
bot_bottle/manifest_schema.py
|
||||
bot_bottle/git_gate.py
|
||||
bot_bottle/git_gate_render.py
|
||||
bot_bottle/git_gate_provision.py
|
||||
bot_bottle/git_http_backend.py
|
||||
bot_bottle/supervise.py
|
||||
bot_bottle/yaml_subset.py
|
||||
|
||||
Reference in New Issue
Block a user