makit 0.0.177 → 0.0.178

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fc386dde3db0fe6432b9b85b3b00dc999c20196e3efb93fd9d29d18db82f8350
-  data.tar.gz: c1714543dc6bdfad90b7d27f8216a8d16e1e036f3d6d8caba995e5f3de904379
+  metadata.gz: f937ec1cf935ad85175afeb03a0581f9aa4ad4c25eb110b0e6dd3270d11450b7
+  data.tar.gz: 07cf1f1a0066881d547e4ab630100fc114d69598a61f70655cdea1b677cb6a79
 SHA512:
-  metadata.gz: 34345e6eb386707bf6e77c3cffeccb9570b374633b9a2a4731215a6a7dfb796d9dbf75b77b291563bbc09f569a4eafdfaa04cadf7ca89313bb00e2f77c46d14d
-  data.tar.gz: 7d77300973c442e66266990be6e5e80ba345b8ea72480e8f76dd63784e40a9a7121bdb30a62ae820b2e44c0fa38f37f65bcfea5ba470037063fa6b00189c0822
+  metadata.gz: 074e28f520cd60a88ca3e19334a55b904defcb467f2f85d27cae574f34d6fb712e1c4aece3ac38bc4cd74acbf7bf3f321a5d849cfacf0e49921050e988cc0c14
+  data.tar.gz: 03b2ee40a67e007774d59c8d5a01c62d23cd5465a02f50df5c5d786116f785aab79efd7f7c1438d6ae0fa1970a739f36b0e3ccd3e85276413f696cb649067a04

data/lib/makit/azure-pipelines.rb

@@ -1,6 +1,15 @@
+# frozen_string_literal: true
+
 module Makit
-    class AzurePipelines
-      def self.status(project_name: nil, org: nil, project: nil, pipeline_id: nil, pipeline_name: nil, pat: nil)
+  # @deprecated Use {Makit::AzureDevOps} for pipeline run status, timeline, failed steps, and syncing results.
+  #   This class will be removed in a future version. For NuGet publish to Azure DevOps feeds,
+  #   consider using Makit::NuGet or dotnet nuget push directly.
+  class AzurePipelines
+    DEPRECATION_MESSAGE = "Makit::AzurePipelines is deprecated; use Makit::AzureDevOps for pipeline run status and results. " \
+      "See Makit::AzureDevOps#sync_pipelines and #report."
+
+    def self.status(project_name: nil, org: nil, project: nil, pipeline_id: nil, pipeline_name: nil, pat: nil)
+      warn "[DEPRECATION] #{DEPRECATION_MESSAGE}"
         require "net/http"
         require "uri"
         require "json"
@@ -134,7 +143,7 @@ module Makit
           exit 1
         end
       end
-      # Publishes a NuGet package to an Azure DevOps feed
+    # Publishes a NuGet package to an Azure DevOps feed
     #
     # @param package_name [String] The name of the NuGet package
     # @param package_version [String] The version of the package
@@ -142,7 +151,9 @@ module Makit
     # @param feed_source [String] The name of the Azure DevOps feed
     # @param api_key [String, nil] Optional API key (defaults to "az" for Azure CLI)
     # @raise [RuntimeError] If the push fails and it's not a duplicate package error
+    # @deprecated Makit::AzurePipelines is deprecated; for pipeline status use Makit::AzureDevOps. This method remains for NuGet publish only.
     def self.publish(package_name:, package_version:, package_file:, feed_source:, api_key: "az")
+      warn "[DEPRECATION] #{DEPRECATION_MESSAGE}"
         puts "  Checking if package #{package_name} version #{package_version} already exists in feed..."
   
         # Check if package version already exists

data/lib/makit/azure_devops.rb

@@ -0,0 +1,378 @@
+# frozen_string_literal: true
+
+# Azure DevOps Pipelines API client for querying run status and saving results.
+# Requires: AZURE_DEVOPS_ORG, AZURE_DEVOPS_PROJECT, AZURE_DEVOPS_PIPELINE_ID, AZURE_DEVOPS_TOKEN (PAT with Build Read).
+require "fileutils"
+require "json"
+require "net/http"
+require "stringio"
+require "time"
+require "uri"
+require "zlib"
+
+module Makit
+  class AzureDevOps
+    API_VERSION = "7.1"
+    BASE_URL = "https://dev.azure.com"
+
+    def initialize(org:, project:, pipeline_id:, token:)
+      @org = org
+      @project = project
+      @pipeline_id = pipeline_id.to_s
+      @token = token
+    end
+
+    def base_uri(path)
+      URI("#{BASE_URL}/#{URI.encode_www_form_component(@org)}/#{URI.encode_www_form_component(@project)}/_apis/#{path}?api-version=#{API_VERSION}")
+    end
+
+    def get(path)
+      uri = base_uri(path)
+      request(uri)
+    end
+
+    # GET a full URL (e.g. log URL); uses same PAT auth. Returns response body as string.
+    def get_url(full_url)
+      uri = URI(full_url)
+      request(uri, parse_json: false)
+    end
+
+    def request(uri, parse_json: true)
+      req = Net::HTTP::Get.new(uri)
+      req.basic_auth("", @token)
+      req["Accept"] = parse_json ? "application/json" : "text/plain"
+      resp = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") { |http| http.request(req) }
+      raise "HTTP #{resp.code}: #{resp.body}" unless resp.is_a?(Net::HTTPSuccess)
+
+      parse_json ? JSON.parse(resp.body) : resp.body
+    end
+
+    # List recent runs; returns array of runs (newest first).
+    def list_runs(top: 10)
+      path = "pipelines/#{@pipeline_id}/runs"
+      data = get(path)
+      runs = data["value"] || []
+      runs.first(top)
+    end
+
+    # Get the latest run (first in list).
+    def latest_run
+      list_runs(top: 1).first
+    end
+
+    # Get the latest run that has completed (state == "completed").
+    # If the latest run is not yet completed, returns the most recent completed run from the list.
+    # Optional date_scope: "YYYY-MM-DD" to only consider runs from that date (finishedDate or createdDate).
+    def latest_run_or_latest_completed(top: 20, date_scope: nil)
+      runs = list_runs(top: top)
+      latest = runs.first
+      if latest && latest["state"]&.downcase == "completed"
+        return latest if !date_scope || run_on_date?(latest, date_scope)
+      end
+
+      completed = runs.find { |r| r["state"]&.downcase == "completed" && (!date_scope || run_on_date?(r, date_scope)) }
+      completed || latest
+    end
+
+    def run_on_date?(run, date_scope)
+      return true unless date_scope
+
+      ts = run["finishedDate"] || run["createdDate"].to_s
+      ts.start_with?(date_scope)
+    end
+
+    # Build a timestamp-based directory name from a run (for organizing results by run time).
+    # Uses finishedDate if set, else createdDate; format: 20260224T205001Z (safe for dirs).
+    def run_timestamp_dir(run)
+      return "unknown" unless run
+
+      ts = run["finishedDate"] || run["createdDate"]
+      return "unknown" unless ts
+
+      # Parse ISO8601 and format as compact: 20260224T205001Z
+      begin
+        t = Time.parse(ts)
+        t.utc.strftime("%Y%m%dT%H%M%SZ")
+      rescue ArgumentError
+        "unknown"
+      end
+    end
+
+    # Get a single run by id.
+    def get_run(run_id)
+      path = "pipelines/#{@pipeline_id}/runs/#{run_id}"
+      get(path)
+    end
+
+    # Get timeline for a run (uses Build API; run_id often equals build_id for YAML pipelines).
+    # Returns timeline hash with "records" or nil if not available (e.g. 404).
+    def get_timeline(build_id)
+      path = "build/builds/#{build_id}/timeline"
+      get(path)
+    rescue StandardError => e
+      return nil if e.message.include?("404")
+
+      raise
+    end
+
+    # True if the run result is succeeded (or succeeded with issues/warnings).
+    def run_passed?(run)
+      run && %w[succeeded succeededwithissues].include?(run["result"]&.downcase)
+    end
+
+    # Extract detailed info for all failed steps from the timeline (for storage and display).
+    # Returns array of hashes: name, type, identifier, result, resultCode, issues, logUrl, logSnippet (if fetched).
+    def failed_steps_details(timeline, fetch_log_snippet: true, log_snippet_lines: 80)
+      return [] unless timeline && timeline["records"].is_a?(Array)
+
+      failed = timeline["records"].select { |r| r["result"]&.downcase == "failed" }
+      failed.map do |r|
+        detail = {
+          "name" => r["name"] || r["identifier"] || "Unknown",
+          "type" => r["type"],
+          "identifier" => r["identifier"],
+          "result" => r["result"],
+          "resultCode" => r["resultCode"],
+          "workerName" => r["workerName"],
+          "startTime" => r["startTime"],
+          "finishTime" => r["finishTime"],
+          "issues" => (r["issues"] || []).map { |i| { "type" => i["type"], "category" => i["category"], "message" => i["message"], "data" => i["data"] } },
+          "logUrl" => r.dig("log", "url")
+        }
+        if fetch_log_snippet && detail["logUrl"]
+          snippet = fetch_log_snippet_content(detail["logUrl"], lines: log_snippet_lines)
+          detail["logSnippet"] = snippet.to_s.encode("UTF-8", invalid: :replace, undef: :replace) if snippet && !snippet.to_s.empty?
+        end
+        detail.delete("logSnippet") if detail["logSnippet"].to_s.empty?
+        detail
+      end
+    end
+
+    def fetch_log_snippet_content(log_url, lines: 80)
+      raw = get_url(log_url)
+      return nil if raw.to_s.empty?
+
+      body = decompress_log_body(raw)
+      body = body.encode("UTF-8", invalid: :replace, undef: :replace) unless body.encoding == Encoding::UTF_8
+
+      all_lines = body.split("\n")
+      snippet = all_lines.size <= lines ? body : "... (#{all_lines.size - lines} lines omitted) ...\n" + all_lines.last(lines).join("\n")
+      snippet
+    rescue StandardError => e
+      "[Log fetch error: #{e.message}]"
+    end
+
+    # Azure DevOps may return log content gzip-compressed; decompress if so.
+    def decompress_log_body(raw)
+      raw = raw.to_s
+      return raw if raw.empty?
+      return raw unless raw.bytesize >= 2 && raw.getbyte(0) == 0x1F && raw.getbyte(1) == 0x8B
+
+      io = StringIO.new(raw)
+      Zlib::GzipReader.new(io).read
+    rescue Zlib::Error
+      raw
+    end
+
+    # Extract warning issues from all timeline records.
+    # Returns array of hashes: name, type, issues (warning-only).
+    def warning_details(timeline)
+      return [] unless timeline && timeline["records"].is_a?(Array)
+
+      warnings = []
+      timeline["records"].each do |r|
+        next unless r["issues"].is_a?(Array)
+
+        warn_issues = r["issues"].select { |i| i["type"]&.downcase&.include?("warning") }
+        next if warn_issues.empty?
+
+        warnings << {
+          "name" => r["name"] || r["identifier"] || "Unknown",
+          "type" => r["type"],
+          "issues" => warn_issues.map { |i| { "type" => i["type"], "message" => i["message"] } }
+        }
+      end
+      warnings
+    end
+
+    # Human-readable summary of warnings.
+    def format_warnings(warnings)
+      return "" if warnings.nil? || warnings.empty?
+
+      out = []
+      warnings.each do |w|
+        (w["issues"] || []).each do |iss|
+          out << "  [#{w['name']}] #{iss['message']}"
+        end
+      end
+      out.join("\n")
+    end
+
+    # Human-readable summary of failed steps (for display and pipeline_failures.txt).
+    def format_failed_steps(failures)
+      return "" if failures.nil? || failures.empty?
+
+      out = []
+      failures.each_with_index do |f, i|
+        out << "--- Failed step #{i + 1}: #{f['name']} (#{f['type']}) ---"
+        out << "  Result: #{f['result']}"
+        out << "  Worker: #{f['workerName']}" if f["workerName"]
+        (f["issues"] || []).each do |iss|
+          out << "  [#{iss['type']}] #{iss['message']}"
+        end
+        if f["logSnippet"]
+          out << "  Log (last lines):"
+          f["logSnippet"].to_s.each_line { |line| out << "    #{line.rstrip}" }
+        end
+        out << ""
+      end
+      out.join("\n")
+    end
+
+    # Extract the first failure message from run + timeline (job/record name + result/issue).
+    def first_failure(run, timeline = nil)
+      if timeline && timeline["records"]
+        records = timeline["records"].is_a?(Array) ? timeline["records"] : []
+        failed = records.find { |r| r["result"]&.downcase == "failed" }
+        if failed
+          name = failed["name"] || failed["identifier"] || "Unknown"
+          msg = failed["issues"]&.first&.dig("message") || failed["resultCode"] || failed["result"]
+          return "#{name}: #{msg}"
+        end
+      end
+      return "Run result: #{run['result'] || 'unknown'}" if run && run["result"]&.downcase != "succeeded" && run["result"]&.downcase != "succeededwithissues"
+
+      nil
+    end
+
+    # Save run (and optional timeline) to artifacts dir for visibility.
+    # Also writes pipeline_failures.json and pipeline_failures.txt when there are failed steps.
+    def save_pipeline_result(run, timeline, artifacts_dir, fetch_log_snippet: true)
+      FileUtils.mkdir_p(artifacts_dir)
+      run_path = File.join(artifacts_dir, "pipeline_run.json")
+      File.write(run_path, JSON.pretty_generate(run || {}))
+      timeline_path = File.join(artifacts_dir, "pipeline_timeline.json")
+      File.write(timeline_path, JSON.pretty_generate(timeline || {}))
+      summary_path = File.join(artifacts_dir, "pipeline_result.txt")
+      summary = build_summary(run, timeline)
+      File.write(summary_path, summary)
+      result = { run: run_path, timeline: timeline_path, summary: summary_path }
+
+      failures = failed_steps_details(timeline, fetch_log_snippet: fetch_log_snippet)
+      if failures.any?
+        failures_path = File.join(artifacts_dir, "pipeline_failures.json")
+        File.write(failures_path, JSON.pretty_generate(failures))
+        failures_txt_path = File.join(artifacts_dir, "pipeline_failures.txt")
+        File.write(failures_txt_path, format_failed_steps(failures))
+        result[:failures] = failures_txt_path
+        result[:failures_json] = failures_path
+        result[:failures_detail] = failures
+      end
+      result
+    end
+
+    def build_summary(run, timeline)
+      lines = []
+      if run
+        lines << "Run: #{run['name']} (id=#{run['id']})"
+        lines << "State: #{run['state']}"
+        lines << "Result: #{run['result']}"
+        lines << "Created: #{run['createdDate']}"
+        lines << "Finished: #{run['finishedDate']}"
+      end
+      if timeline && timeline["records"]
+        lines << ""
+        lines << "Records:"
+        (timeline["records"] || []).each do |r|
+          lines << "  - #{r['name'] || r['identifier']}: #{r['state']} / #{r['result']}"
+        end
+      end
+      lines.join("\n")
+    end
+
+    # Timestamp dir pattern: 20260224T205001Z (from run_timestamp_dir).
+    TIMESTAMP_DIR_PATTERN = /\A\d{8}T\d{6}Z\z/
+
+    # Cull older pipeline data under base_dir: delete all timestamp-named subdirs except keep_timestamp_dir.
+    # Only call when the latest pipeline run is successful so that we keep history while failing, then purge once green.
+    def cull_old_pipeline_data(base_dir, keep_timestamp_dir)
+      return unless File.directory?(base_dir)
+      return if keep_timestamp_dir.to_s.empty?
+
+      Dir.children(base_dir).each do |name|
+        next unless name.match?(TIMESTAMP_DIR_PATTERN)
+        next if name == keep_timestamp_dir
+
+        path = File.join(base_dir, name)
+        next unless File.directory?(path)
+
+        FileUtils.rm_rf(path)
+        puts "Culled old pipeline data: #{path}"
+      end
+    end
+
+    # Sync pipeline run data to a directory: fetch latest (or latest completed) run, save to base_dir/<timestamp>/,
+    # cull old data if run passed. Returns a result hash for report(); does not output. Set CI_FETCH_LOG_SNIPPET=0 to skip log snippets.
+    def sync_pipelines(base_dir, top: 20)
+      run = latest_run_or_latest_completed(top: top, date_scope: nil)
+      return { passed: false, failure_message: "check_ci: no pipeline run found" } unless run
+
+      timestamp_dir = run_timestamp_dir(run)
+      output_dir = File.join(base_dir, timestamp_dir)
+      timeline = get_timeline(run["id"])
+      fetch_log = ENV["CI_FETCH_LOG_SNIPPET"] != "0"
+      paths = save_pipeline_result(run, timeline, output_dir, fetch_log_snippet: fetch_log)
+
+      if run_passed?(run)
+        cull_old_pipeline_data(base_dir, timestamp_dir)
+        warnings = warning_details(timeline)
+        return { passed: true, paths: paths, warnings: warnings }
+      else
+        msg = first_failure(run, timeline) || "Pipeline result: #{run['result']}"
+        return { passed: false, failure_message: msg, paths: paths, failures_detail: paths[:failures_detail] }
+      end
+    rescue RuntimeError => e
+      return { error: e.message } if e.message.include?("HTTP 401")
+      raise
+    end
+
+    # Report sync result to stdout and abort on failure or 401. Result comes from sync_pipelines.
+    def report(result)
+      if result[:error]
+        if result[:error].include?("HTTP 401")
+          abort([
+            "check_ci: Azure DevOps returned 401 Unauthorized.",
+            "Use a valid PAT with Build (Read): https://dev.azure.com → User Settings → Personal access tokens.",
+            "Set AZURE_DEVOPS_TOKEN or MUSCO_AZURE_DEVOPS_TOKEN. To skip CI check: SKIP_CHECK_CI=1 rake"
+          ].join("\n"))
+        end
+        abort(result[:error])
+      end
+
+      if result[:passed] == false && result[:paths].nil?
+        abort(result[:failure_message])
+      end
+
+      paths = result[:paths] || {}
+      puts "Pipeline result written to #{paths[:summary]}"
+      puts "Failed steps detail written to #{paths[:failures]}" if paths[:failures]
+
+      if result[:passed]
+        # For successful runs, always show warnings when present (from sync_pipelines warning_details).
+        warnings = result[:warnings] || []
+        if warnings.any?
+          puts "\n--- Pipeline warnings ---"
+          puts format_warnings(warnings)
+          puts ""
+        end
+        puts "success"
+      else
+        failures_detail = result[:failures_detail]
+        puts "\n--- Failed build steps ---" if failures_detail&.any?
+        puts format_failed_steps(failures_detail) if failures_detail&.any?
+        puts result[:failure_message]
+        abort(result[:failure_message])
+      end
+    end
+  end
+end

data/lib/makit/gitlab_devops.rb

@@ -0,0 +1,343 @@
+# frozen_string_literal: true
+
+# GitLab CI/CD Pipelines API client for querying pipeline status and saving results.
+# Requires: GITLAB_URL (optional, default https://gitlab.com), GITLAB_PROJECT (path e.g. "gems-rb/makit"),
+#           GITLAB_TOKEN (personal or project access token with read_api scope).
+require "fileutils"
+require "json"
+require "net/http"
+require "time"
+require "uri"
+
+module Makit
+  class GitLabDevOps
+    API_VERSION = "v4"
+    DEFAULT_BASE_URL = "https://gitlab.com"
+
+    def initialize(project:, token:, base_url: nil)
+      @project = project.to_s
+      @project_encoded = URI.encode_www_form_component(@project)
+      @token = token
+      @base_url = (base_url || ENV["GITLAB_URL"] || DEFAULT_BASE_URL).to_s.sub(%r{/+$}, "")
+    end
+
+    def base_uri(path, query = {})
+      q = query.empty? ? "" : "?#{URI.encode_www_form(query)}"
+      URI("#{@base_url}/api/#{API_VERSION}/projects/#{@project_encoded}/#{path}#{q}")
+    end
+
+    def get(path, query = {})
+      uri = path.start_with?("http") ? URI(path) : base_uri(path, query)
+      request(uri)
+    end
+
+    def get_url(full_url)
+      uri = URI(full_url)
+      request(uri, parse_json: false)
+    end
+
+    def request(uri, parse_json: true)
+      req = Net::HTTP::Get.new(uri)
+      req["PRIVATE-TOKEN"] = @token
+      req["Accept"] = parse_json ? "application/json" : "text/plain"
+      resp = Net::HTTP.start(uri.hostname, uri.port, use_ssl: uri.scheme == "https") { |http| http.request(req) }
+      raise "HTTP #{resp.code}: #{resp.body}" unless resp.is_a?(Net::HTTPSuccess)
+
+      parse_json ? JSON.parse(resp.body) : resp.body
+    end
+
+    # List recent pipeline runs; returns array of runs (newest first).
+    # GitLab returns array directly; we normalize to a run-like hash with id, status, created_at, updated_at, finished_at.
+    def list_runs(top: 10)
+      data = get("pipelines", { per_page: [top, 100].min, order_by: "updated_at", sort: "desc" })
+      runs = data.is_a?(Array) ? data : []
+      runs.first(top)
+    end
+
+    def latest_run
+      list_runs(top: 1).first
+    end
+
+    # Get the latest run that has completed (status in success, failed, canceled, skipped).
+    # If the latest run is not yet completed, returns the most recent completed run from the list.
+    def latest_run_or_latest_completed(top: 20, date_scope: nil)
+      runs = list_runs(top: top)
+      latest = runs.first
+      completed_statuses = %w[success failed canceled skipped]
+      if latest && completed_statuses.include?(latest["status"]&.downcase)
+        return latest if !date_scope || run_on_date?(latest, date_scope)
+      end
+
+      completed = runs.find { |r| completed_statuses.include?(r["status"]&.downcase) && (!date_scope || run_on_date?(r, date_scope)) }
+      completed || latest
+    end
+
+    def run_on_date?(run, date_scope)
+      return true unless date_scope
+
+      ts = run["finished_at"] || run["updated_at"] || run["created_at"].to_s
+      ts.to_s.start_with?(date_scope)
+    end
+
+    # Build a timestamp-based directory name from a run.
+    # Uses finished_at, updated_at, or created_at; format: 20260224T205001Z.
+    def run_timestamp_dir(run)
+      return "unknown" unless run
+
+      ts = run["finished_at"] || run["updated_at"] || run["created_at"]
+      return "unknown" unless ts
+
+      begin
+        t = Time.parse(ts)
+        t.utc.strftime("%Y%m%dT%H%M%SZ")
+      rescue ArgumentError
+        "unknown"
+      end
+    end
+
+    def get_run(pipeline_id)
+      get("pipelines/#{pipeline_id}")
+    end
+
+    # Get jobs for a pipeline (GitLab equivalent of timeline). Returns hash with "records" (array of jobs)
+    # so callers can use the same pattern as Azure DevOps (timeline["records"]).
+    def get_timeline(pipeline_id)
+      jobs = get("pipelines/#{pipeline_id}/jobs", { per_page: 100 })
+      jobs = jobs.is_a?(Array) ? jobs : []
+      { "records" => jobs }
+    rescue StandardError => e
+      return nil if e.message.include?("404")
+
+      raise
+    end
+
+    # True if pipeline status is success.
+    def run_passed?(run)
+      run && run["status"]&.downcase == "success"
+    end
+
+    # Extract detailed info for all failed jobs from the timeline.
+    # Returns array of hashes: name, type (stage), identifier (id), result (status), failure_reason, logUrl, logSnippet (if fetched).
+    def failed_steps_details(timeline, fetch_log_snippet: true, log_snippet_lines: 80)
+      return [] unless timeline && timeline["records"].is_a?(Array)
+
+      failed = timeline["records"].select { |r| r["status"]&.downcase == "failed" }
+      failed.map do |r|
+        job_id = r["id"]
+        detail = {
+          "name" => r["name"] || "job_#{job_id}",
+          "type" => r["stage"] || "job",
+          "identifier" => job_id,
+          "result" => r["status"],
+          "resultCode" => r["failure_reason"],
+          "workerName" => r.dig("runner", "description").to_s,
+          "startTime" => r["started_at"],
+          "finishTime" => r["finished_at"],
+          "issues" => r["failure_reason"] ? [{ "type" => "failure", "message" => r["failure_reason"] }] : [],
+          "logUrl" => job_id ? "#{@base_url}/api/#{API_VERSION}/projects/#{@project_encoded}/jobs/#{job_id}/trace" : nil
+        }
+        if fetch_log_snippet && detail["logUrl"]
+          snippet = fetch_log_snippet_content(detail["logUrl"], lines: log_snippet_lines)
+          detail["logSnippet"] = snippet.to_s.encode("UTF-8", invalid: :replace, undef: :replace) if snippet && !snippet.to_s.empty?
+        end
+        detail.delete("logSnippet") if detail["logSnippet"].to_s.empty?
+        detail
+      end
+    end
+
+    def fetch_log_snippet_content(trace_url, lines: 80)
+      raw = get_url(trace_url)
+      return nil if raw.to_s.empty?
+
+      body = raw.to_s.encode("UTF-8", invalid: :replace, undef: :replace)
+      all_lines = body.split("\n")
+      snippet = all_lines.size <= lines ? body : "... (#{all_lines.size - lines} lines omitted) ...\n" + all_lines.last(lines).join("\n")
+      snippet
+    rescue StandardError => e
+      "[Log fetch error: #{e.message}]"
+    end
+
+    # GitLab jobs don't have a separate "issues" array for warnings; we could parse log or use allow_failure.
+    # Return empty array for compatibility with report().
+    def warning_details(timeline)
+      return [] unless timeline && timeline["records"].is_a?(Array)
+
+      timeline["records"].select { |r| r["allow_failure"] && r["status"]&.downcase == "failed" }.map do |r|
+        {
+          "name" => r["name"] || r["id"].to_s,
+          "type" => r["stage"] || "job",
+          "issues" => [{ "type" => "allow_failure", "message" => (r["failure_reason"] || "Job failed but allow_failure is true") }]
+        }
+      end
+    end
+
+    def format_warnings(warnings)
+      return "" if warnings.nil? || warnings.empty?
+
+      out = []
+      warnings.each do |w|
+        (w["issues"] || []).each do |iss|
+          out << "  [#{w['name']}] #{iss['message']}"
+        end
+      end
+      out.join("\n")
+    end
+
+    def format_failed_steps(failures)
+      return "" if failures.nil? || failures.empty?
+
+      out = []
+      failures.each_with_index do |f, i|
+        out << "--- Failed step #{i + 1}: #{f['name']} (#{f['type']}) ---"
+        out << "  Result: #{f['result']}"
+        out << "  Failure: #{f['resultCode']}" if f["resultCode"]
+        out << "  Worker: #{f['workerName']}" if f["workerName"]
+        (f["issues"] || []).each do |iss|
+          out << "  [#{iss['type']}] #{iss['message']}"
+        end
+        if f["logSnippet"]
+          out << "  Log (last lines):"
+          f["logSnippet"].to_s.each_line { |line| out << "    #{line.rstrip}" }
+        end
+        out << ""
+      end
+      out.join("\n")
+    end
+
+    def first_failure(run, timeline = nil)
+      if timeline && timeline["records"]
+        failed = timeline["records"].find { |r| r["status"]&.downcase == "failed" }
+        if failed
+          name = failed["name"] || failed["id"].to_s
+          msg = failed["failure_reason"] || failed["status"]
+          return "#{name}: #{msg}"
+        end
+      end
+      return "Pipeline result: #{run['status'] || 'unknown'}" if run && run["status"]&.downcase != "success"
+
+      nil
+    end
+
+    def save_pipeline_result(run, timeline, artifacts_dir, fetch_log_snippet: true)
+      FileUtils.mkdir_p(artifacts_dir)
+      run_path = File.join(artifacts_dir, "pipeline_run.json")
+      File.write(run_path, JSON.pretty_generate(run || {}))
+      timeline_path = File.join(artifacts_dir, "pipeline_timeline.json")
+      File.write(timeline_path, JSON.pretty_generate(timeline || {}))
+      summary_path = File.join(artifacts_dir, "pipeline_result.txt")
+      summary = build_summary(run, timeline)
+      File.write(summary_path, summary)
+      result = { run: run_path, timeline: timeline_path, summary: summary_path }
+
+      failures = failed_steps_details(timeline, fetch_log_snippet: fetch_log_snippet)
+      if failures.any?
+        failures_path = File.join(artifacts_dir, "pipeline_failures.json")
+        File.write(failures_path, JSON.pretty_generate(failures))
+        failures_txt_path = File.join(artifacts_dir, "pipeline_failures.txt")
+        File.write(failures_txt_path, format_failed_steps(failures))
+        result[:failures] = failures_txt_path
+        result[:failures_json] = failures_path
+        result[:failures_detail] = failures
+      end
+      result
+    end
+
+    def build_summary(run, timeline)
+      lines = []
+      if run
+        lines << "Pipeline: #{run['id']} (#{run['ref']} @ #{run['sha']&.slice(0, 8)})"
+        lines << "Status: #{run['status']}"
+        lines << "Created: #{run['created_at']}"
+        lines << "Updated: #{run['updated_at']}"
+        lines << "Finished: #{run['finished_at']}"
+        lines << "Web: #{run['web_url']}" if run["web_url"]
+      end
+      if timeline && timeline["records"]
+        lines << ""
+        lines << "Jobs:"
+        (timeline["records"] || []).each do |r|
+          lines << "  - #{r['name'] || r['id']} (#{r['stage']}): #{r['status']}"
+        end
+      end
+      lines.join("\n")
+    end
+
+    TIMESTAMP_DIR_PATTERN = /\A\d{8}T\d{6}Z\z/
+
+    def cull_old_pipeline_data(base_dir, keep_timestamp_dir)
+      return unless File.directory?(base_dir)
+      return if keep_timestamp_dir.to_s.empty?
+
+      Dir.children(base_dir).each do |name|
+        next unless name.match?(TIMESTAMP_DIR_PATTERN)
+        next if name == keep_timestamp_dir
+
+        path = File.join(base_dir, name)
+        next unless File.directory?(path)
+
+        FileUtils.rm_rf(path)
+        puts "Culled old pipeline data: #{path}"
+      end
+    end
+
+    def sync_pipelines(base_dir, top: 20)
+      run = latest_run_or_latest_completed(top: top, date_scope: nil)
+      return { passed: false, failure_message: "check_ci: no pipeline run found" } unless run
+
+      timestamp_dir = run_timestamp_dir(run)
+      output_dir = File.join(base_dir, timestamp_dir)
+      timeline = get_timeline(run["id"])
+      fetch_log = ENV["CI_FETCH_LOG_SNIPPET"] != "0"
+      paths = save_pipeline_result(run, timeline, output_dir, fetch_log_snippet: fetch_log)
+
+      if run_passed?(run)
+        cull_old_pipeline_data(base_dir, timestamp_dir)
+        warnings = warning_details(timeline)
+        return { passed: true, paths: paths, warnings: warnings }
+      else
+        msg = first_failure(run, timeline) || "Pipeline result: #{run['status']}"
+        return { passed: false, failure_message: msg, paths: paths, failures_detail: paths[:failures_detail] }
+      end
+    rescue RuntimeError => e
+      return { error: e.message } if e.message.include?("401") || e.message.include?("403")
+      raise
+    end
+
+    def report(result)
+      if result[:error]
+        if result[:error].include?("401") || result[:error].include?("403")
+          abort([
+            "check_ci: GitLab returned 401/403 Unauthorized.",
+            "Use a valid token with read_api scope: GitLab → User Settings → Access Tokens.",
+            "Set GITLAB_TOKEN or CI_JOB_TOKEN (in CI). To skip CI check: SKIP_CHECK_CI=1 rake"
+          ].join("\n"))
+        end
+        abort(result[:error])
+      end
+
+      if result[:passed] == false && result[:paths].nil?
+        abort(result[:failure_message])
+      end
+
+      paths = result[:paths] || {}
+      puts "Pipeline result written to #{paths[:summary]}"
+      puts "Failed steps detail written to #{paths[:failures]}" if paths[:failures]
+
+      if result[:passed]
+        warnings = result[:warnings] || []
+        if warnings.any?
+          puts "\n--- Pipeline warnings ---"
+          puts format_warnings(warnings)
+          puts ""
+        end
+        puts "success"
+      else
+        failures_detail = result[:failures_detail]
+        puts "\n--- Failed build steps ---" if failures_detail&.any?
+        puts format_failed_steps(failures_detail) if failures_detail&.any?
+        puts result[:failure_message]
+        abort(result[:failure_message])
+      end
+    end
+  end
+end

data/lib/makit/version.rb

@@ -2,7 +2,7 @@
 
 module Makit
   # Static version for now to avoid circular dependency issues
-  #VERSION = "0.0.177"
+  #VERSION = "0.0.178"
 
   # Version management utilities for various file formats
   #

data/lib/makit.rb

@@ -24,6 +24,8 @@ require_relative "makit/rubygems"
 require_relative "makit/azure/cli"
 require_relative "makit/azure/blob_storage"
 require_relative "makit/azure-pipelines"
+require_relative "makit/azure_devops"
+require_relative "makit/gitlab_devops"
 require_relative "makit/github_actions"
 require_relative "makit/humanize"
 require_relative "makit/directories"

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: makit
 version: !ruby/object:Gem::Version
-  version: 0.0.177
+  version: 0.0.178
 platform: ruby
 authors:
 - Lou Parslow
@@ -238,6 +238,7 @@ files:
 - lib/makit/azure-pipelines.rb
 - lib/makit/azure/blob_storage.rb
 - lib/makit/azure/cli.rb
+- lib/makit/azure_devops.rb
 - lib/makit/cli/base.rb
 - lib/makit/cli/build_commands.rb
 - lib/makit/cli/generators/base_generator.rb
@@ -315,6 +316,7 @@ files:
 - lib/makit/github_actions.rb
 - lib/makit/gitlab/pipeline.rb
 - lib/makit/gitlab/pipeline_service_impl.rb
+- lib/makit/gitlab_devops.rb
 - lib/makit/gitlab_runner.rb
 - lib/makit/humanize.rb
 - lib/makit/indexer.rb