ci_guard.py

import json
import sys
def run_ci():
    """
    UI-safe CI Guard
    Returns:
        (passed: bool, failed_rules: list)
    """

    rules_path = "artifacts/normalized_rules.json"
    findings_path = "artifacts/rule_findings.json"

    if not os.path.exists(rules_path) or not os.path.exists(findings_path):
        return False, ["CI setup incomplete"]

    rules = json.load(open(rules_path, "r", encoding="utf-8"))
    findings = json.load(open(findings_path, "r", encoding="utf-8"))

    critical_rules = {
        r["id"]
        for r in rules.get("rules", [])
        if r.get("severity") == "critical"
    }

    violated_rules = {
        f["rule"]
        for f in findings
        if f.get("status") == "VIOLATED"
    }

    failed = sorted(critical_rules & violated_rules)

    if failed:
        return False, failed

    return True, []