|
| 1 | +name: Compliance Checks |
| 2 | + |
| 3 | +on: pull_request |
| 4 | + |
| 5 | +permissions: |
| 6 | + contents: read |
| 7 | + |
| 8 | +jobs: |
| 9 | + check_compliance: |
| 10 | + runs-on: ubuntu-24.04 |
| 11 | + name: Run compliance checks on patch series (PR) |
| 12 | + steps: |
| 13 | + - name: Set up Python |
| 14 | + uses: actions/setup-python@v5 |
| 15 | + with: |
| 16 | + python-version: 3.12 |
| 17 | + |
| 18 | + - name: Checkout the code |
| 19 | + uses: actions/checkout@v4 |
| 20 | + with: |
| 21 | + ref: ${{ github.event.pull_request.head.sha }} |
| 22 | + path: example-application |
| 23 | + fetch-depth: 0 |
| 24 | + |
| 25 | + - name: Rebase onto the target branch |
| 26 | + working-directory: example-application |
| 27 | + env: |
| 28 | + BASE_REF: ${{ github.base_ref }} |
| 29 | + run: | |
| 30 | + git config --global user.email "you@example.com" |
| 31 | + git config --global user.name "Your Name" |
| 32 | + git config --global --add safe.directory $PWD |
| 33 | + git remote -v |
| 34 | + # Ensure there's no merge commits in the PR |
| 35 | + [[ "$(git rev-list --merges --count origin/${BASE_REF}..)" == "0" ]] || \ |
| 36 | + (echo "::error ::Merge commits not allowed, rebase instead";false) |
| 37 | + rm -fr ".git/rebase-apply" |
| 38 | + rm -fr ".git/rebase-merge" |
| 39 | + git rebase origin/${BASE_REF} |
| 40 | + git clean -f -d |
| 41 | + # debug |
| 42 | + git log --pretty=oneline | head -n 10 |
| 43 | +
|
| 44 | + - name: Install west |
| 45 | + shell: bash |
| 46 | + run: | |
| 47 | + if ! command -v west &> /dev/null; then |
| 48 | + echo "west could not be found, installing..." |
| 49 | + python -m pip install west==1.5.0 |
| 50 | + fi |
| 51 | +
|
| 52 | + - name: Initialize west workspace |
| 53 | + shell: bash |
| 54 | + run: | |
| 55 | + west init -l example-application |
| 56 | +
|
| 57 | + - name: Update west workspace |
| 58 | + shell: bash |
| 59 | + run: | |
| 60 | + west update -o=--depth=1 -n |
| 61 | +
|
| 62 | + - name: Install Python dependencies |
| 63 | + shell: bash |
| 64 | + run: | |
| 65 | + pip install -r zephyr/scripts/requirements-compliance.txt |
| 66 | +
|
| 67 | + - name: Run Compliance Tests |
| 68 | + continue-on-error: true |
| 69 | + id: compliance |
| 70 | + working-directory: example-application |
| 71 | + env: |
| 72 | + BASE_REF: ${{ github.base_ref }} |
| 73 | + UNDEF_KCONFIG_OUTSIDE_ALLOWLIST_FILE: |
| 74 | + ${{ github.workspace }}/example-application/scripts/undef_kconfig_allowlist.txt |
| 75 | + run: | |
| 76 | + export ZEPHYR_BASE=$PWD/../zephyr |
| 77 | + # debug |
| 78 | + ls -la |
| 79 | + git log --pretty=oneline | head -n 10 |
| 80 | + ./scripts/repo_compliance.py --annotate -e SysbuildKconfig \ |
| 81 | + -c origin/${BASE_REF}.. |
| 82 | +
|
| 83 | + - name: upload-results |
| 84 | + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 |
| 85 | + continue-on-error: true |
| 86 | + with: |
| 87 | + name: example-application/compliance.xml |
| 88 | + path: example-application/compliance.xml |
| 89 | + |
| 90 | + - name: check-warns |
| 91 | + shell: bash |
| 92 | + working-directory: example-application |
| 93 | + run: | |
| 94 | + if [[ ! -s "compliance.xml" ]]; then |
| 95 | + exit 1; |
| 96 | + fi |
| 97 | +
|
| 98 | + warns=("ClangFormat" "LicenseAndCopyrightCheck") |
| 99 | + files=($(./scripts/repo_compliance.py -l)) |
| 100 | +
|
| 101 | + for file in "${files[@]}"; do |
| 102 | + f="${file}.txt" |
| 103 | + if [[ -s $f ]]; then |
| 104 | + results=$(cat $f) |
| 105 | + results="${results//'%'/'%25'}" |
| 106 | + results="${results//$'\n'/'%0A'}" |
| 107 | + results="${results//$'\r'/'%0D'}" |
| 108 | + if [[ "${warns[@]}" =~ "${file}" ]]; then |
| 109 | + echo "::warning file=${f}::$results" |
| 110 | + else |
| 111 | + echo "::error file=${f}::$results" |
| 112 | + exit=1 |
| 113 | + fi |
| 114 | + fi |
| 115 | + done |
| 116 | +
|
| 117 | + if [ "${exit}" == "1" ]; then |
| 118 | + exit 1; |
| 119 | + fi |
0 commit comments