@kp45 kp45 commented Sep 1, 2025

feat: implement force push prevention and commit message validation


Overview

This PR introduces two major validators to improve repository safety and commit quality. With these validators in place, no one can skip commits or rewrite history unnoticed.

Additionally, this PR includes improvements to commit message length validation, enhanced logging, and refined violation handling. These serve as foundational changes that can be extended further as needed.


New Features Implemented

  1. Force Push Prevention Validator – Blocks force pushes to protected branches.
  2. Commit Message Length Validation – Ensures commit messages meet minimum length.
  3. Enhanced Logging – Provides comprehensive debugging for push events.
  4. Violation Extraction Fix – Proper violation detection and reporting.

Technical Improvements

  • Fixed RuleEngineAgent violation extraction.
  • Added proper error handling and logging.
  • Updated push processor with forced flag and installation data.

Files Modified

  • src/rules/validators.py – New validators
  • src/event_processors/push.py – Enhanced push processing
  • src/agents/engine_agent/agent.py – Fixed violation extraction
  • src/webhooks/router.py – Added push event logging
  • src/webhooks/handlers/push.py – Enhanced handler logging
  • .watchflow/rules.yaml – Sample rules for testing

Ready for Testing

With these changes, Watchflow can now:

  • Detect and block force pushes to protected branches.
  • Validate commit message lengths.
  • Provide detailed logging for debugging.

Details of the Validators Introduced

1. Force Push Prevention

  • Validator Name: AllowForcePushCondition

  • Changes Introduced:

    • Added AllowForcePushCondition validator with branch protection.
    • Detects force pushes and raises a GitHub check run with an appropriate message.
    • Fixed violation extraction issue in RuleEngineAgent, ensuring violations are properly returned in responses.
    • Updated push processor to handle forced flag and installation data.
  • Pros:

    • Ensures organizations maintain full commit history.
    • Prevents data loss from amend/rebase/reset.
    • Improves reliability of violation reporting.
  • Cons:

    • Rules file must explicitly define which branches to enforce.

Use Case Example – Rules Configuration

- id: force-push-prevention
  name: Force Push Prevention
  description: Prevent force pushes to protected branches
  enabled: true
  severity: critical
  event_types: [push]
  parameters:
    allow_force_push: false
    protected_branches: [main, development, force-demo]
    detect_non_ff: false
    message: "Force pushes are not allowed to protected branches"

2. Commit Message Validation

  • Validator Name: CommitCountLimitCondition
  • Changes Introduced:
    • Added CommitCountLimitCondition to enforce commit message/commit count limits.
    • Ensures standardized commit practices.

Pros

  • Improves commit quality.
  • Enhances readability and consistency of commit history.

Use Case Example – Rules Configuration

- id: commit-count-limit
  name: Commit Count Limit
  description: Limit number of commits per push
  enabled: true
  severity: medium
  event_types: [push]
  parameters:
    max_commits: 10
    message: "Too many commits in a single push"
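
The two sample rules above, evaluated against the `ref`, `forced` and `commits` fields of a GitHub push webhook payload. This is an added example, not code from this PR or from Watchflow; the function names and the constructed payloads are assumptions, and `detect_non_ff` is left out because the description does not define it.

```python
# Added illustration: not Watchflow's validators; names here are hypothetical.
HEADS = "refs/heads/"

# The two sample rules from the PR description, as parsed YAML would look.
RULES = [
    {"id": "force-push-prevention", "enabled": True, "severity": "critical",
     "event_types": ["push"],
     "parameters": {"allow_force_push": False,
                    "protected_branches": ["main", "development", "force-demo"],
                    "message": "Force pushes are not allowed to protected branches"}},
    {"id": "commit-count-limit", "enabled": True, "severity": "medium",
     "event_types": ["push"],
     "parameters": {"max_commits": 10,
                    "message": "Too many commits in a single push"}},
]

def branch_of(payload):
    """Branch name for refs/heads/* refs; None for tags and other refs."""
    ref = payload.get("ref", "")
    return ref[len(HEADS):] if ref.startswith(HEADS) else None

def force_push_violation(params, payload):
    if params.get("allow_force_push", False):
        return False
    # `forced` is the boolean GitHub sets on a push event for a force push of the ref.
    return (payload.get("forced") is True
            and branch_of(payload) in params.get("protected_branches", []))

def commit_count_violation(params, payload):
    return len(payload.get("commits", [])) > params["max_commits"]

CHECKS = {"force-push-prevention": force_push_violation,
          "commit-count-limit": commit_count_violation}

def evaluate(rules, event_type, payload):
    """Return one violation dict per enabled rule that the push breaks."""
    found = []
    for rule in rules:
        check = CHECKS.get(rule["id"])
        if not (check and rule.get("enabled") and event_type in rule["event_types"]):
            continue
        if check(rule["parameters"], payload):
            found.append({"rule": rule["id"], "severity": rule["severity"],
                          "message": rule["parameters"]["message"]})
    return found

# Constructed payloads, reduced to the fields the checks read.
FORCED_MAIN = {"ref": "refs/heads/main", "forced": True, "commits": [{"id": "c1"}]}
FORCED_TAG = {"ref": "refs/tags/main", "forced": True, "commits": []}
BIG_PUSH = {"ref": "refs/heads/feature", "forced": False,
            "commits": [{"id": f"c{i}"} for i in range(11)]}
```

Matching on the full `refs/heads/` prefix keeps a tag named `main` from being treated as the protected branch.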

@kp45 kp45 requested a review from dkargatzis as a code owner September 1, 2025 12:14
@dkargatzis
Member

Hey @kp45, welcome onboard! Please just update the description including the expected outcome and adding a use case example so it'll be easier for maintainers to test your proposed functionality.

Also, please use conventional commit messages, phrased in the imperative form (e.g., add feature instead of added feature).

@dkargatzis
Member

@kp45 I had a look and your proposed changes look really good - please update the description or send me to have a call if you prefer just to be on the same page!

@kp45
Author

kp45 commented Sep 2, 2025

> @kp45 I had a look and your proposed changes look really good - please update the description or send me to have a call if you prefer just to be on the same page!

@dkargatzis Thanks, I’ll update the description now and am happy to jump on a call if needed.

@dkargatzis
Member

Are you available for a call on Friday? Ideally, between 11am and 3pm UK time. If yes, give me your email so I can send the invitation.

@kp45
Author

kp45 commented Sep 3, 2025

> Are you available for a call on Friday? Ideally, between 11am and 3pm UK time. If yes, give me your email so I can send the invitation.

Yes, I am available at 11 AM UK time on Friday. Here is my email [email protected], could you please also send the invite to Project Manager ([email protected]) and Sales Person ([email protected])?
