-
Notifications
You must be signed in to change notification settings - Fork 1.3k
133 lines (116 loc) · 4.29 KB
/
compliance.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
name: Compliance
on: pull_request
jobs:
compliance_job:
runs-on: ubuntu-24.04
name: Run compliance checks on patch series (PR)
steps:
- name: Update PATH for west
run: |
echo "$HOME/.local/bin" >> $GITHUB_PATH
- name: Checkout sources
uses: nrfconnect/action-checkout-west-update@main
with:
git-fetch-depth: 0
git-ref: ${{ github.event.pull_request.head.sha }}
- name: cache-pip
uses: actions/cache@v3
with:
path: ~/.cache/pip
key: ${{ runner.os }}-doc-pip
- name: Install python dependencies
working-directory: ncs/nrf
run: |
pip3 install -U pip
pip3 install -U wheel
grep -E "^setuptools" scripts/requirements-fixed.txt | cut -d ' ' -f '1' | xargs pip3 install -U
grep -E "^python-magic=|^junitparser|^lxml|^gitlint|^pylint|^pykwalify|^yamllint|^unidiff" scripts/requirements-fixed.txt | cut -d ' ' -f '1' | xargs pip3 install -U
grep -E "^west" scripts/requirements-fixed.txt | cut -d ' ' -f '1' | xargs pip3 install -U
pip3 show -f west
- name: Run merge commits test
env:
BASE_REF: ${{ github.base_ref }}
working-directory: ncs/nrf
run: |
git remote -v
# Ensure there's no merge commits in the PR
[[ "$(git rev-list --merges --count origin/${BASE_REF}..)" == "0" ]] || \
(echo "::error ::Merge commits not allowed, rebase instead";false)
git rebase origin/${BASE_REF}
# debug
git log --pretty=oneline | head -n 10
- name: Run CODEOWNERS test
id: codeowners
env:
BASE_REF: ${{ github.base_ref }}
working-directory: ncs/nrf
if: contains(github.event.pull_request.user.login, 'dependabot[bot]') != true
run: |
./scripts/ci/codeowners.py -c origin/${BASE_REF}..
- name: Run Compliance Tests
continue-on-error: true
id: compliance
env:
BASE_REF: ${{ github.base_ref }}
working-directory: ncs/nrf
if: contains(github.event.pull_request.user.login, 'dependabot[bot]') != true
run: |
export ZEPHYR_BASE="$(dirname "$(pwd)")/zephyr"
# debug
ls -la
git log --pretty=oneline | head -n 10
# For now we run KconfigBasic, but we should transition to Kconfig
$ZEPHYR_BASE/scripts/ci/check_compliance.py --annotate -e Kconfig \
-e KconfigBasicNoModules -e ClangFormat -e Ruff -c origin/${BASE_REF}..
- name: upload-results
uses: actions/upload-artifact@v4
continue-on-error: true
if: contains(github.event.pull_request.user.login, 'dependabot[bot]') != true
with:
name: compliance.xml
path: ncs/nrf/compliance.xml
overwrite: true
- name: check-warns
working-directory: ncs/nrf
if: contains(github.event.pull_request.user.login, 'dependabot[bot]') != true
run: |
export ZEPHYR_BASE="$(dirname "$(pwd)")/zephyr"
if [[ ! -s "compliance.xml" ]]; then
exit 1;
fi
files=($($ZEPHYR_BASE/scripts/ci/check_compliance.py -l))
for file in "${files[@]}"; do
f="${file}.txt"
if [[ -s $f ]]; then
errors=$(cat $f)
errors="${errors//'%'/'%25'}"
errors="${errors//$'\n'/'%0A'}"
errors="${errors//$'\r'/'%0D'}"
echo "::error file=${f}::$errors"
exit=1
fi
done
if [ "${exit}" == "1" ]; then
exit 1;
fi
- name: Check added or updated links
working-directory: ncs/nrf
run: |
RE=".. _\`(.*)\`: (.*)"
LINKS=$(git diff --unified=0 "${{ github.event.pull_request.base.sha }}..HEAD" -- "doc/nrf/links.txt" | \
grep "^+" || true | \
grep -Ev "^(---|\+\+\+)" || true)
while IFS= read -r link; do
if [[ $link =~ $RE ]]; then
NAME=${BASH_REMATCH[1]}
URL=${BASH_REMATCH[2]}
echo -n "Checking URL for '$NAME' ($URL)... "
status=$(curl --write-out "%{http_code}" --output /dev/null --silent --head "$URL" || true)
if [[ "$status" -ne 200 ]]; then
echo "FAIL (HTTP code: ${status})"
exit 1
else
echo "OK"
fi
fi
done <<< "$LINKS"