From 5bd698047fa59f225e4e6282d6dc5529a55f5598 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 1 Sep 2024 20:35:05 -0400 Subject: [PATCH] Add nocommit linter (#5905) * Add nocommit linter * Combine minor linters into one workflow with different jobs --------- Signed-off-by: dependabot[bot] Signed-off-by: Yuri Shkuro Signed-off-by: Yuri Shkuro Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Yuri Shkuro Co-authored-by: Yuri Shkuro --- .github/workflows/ci-lint-checks.yaml | 88 +++++++++++++++++++-- .github/workflows/ci-lint-protogen.yml | 42 ---------- .github/workflows/ci-lint-shell-scripts.yml | 40 ---------- Makefile | 10 +++ 4 files changed, 92 insertions(+), 88 deletions(-) delete mode 100644 .github/workflows/ci-lint-protogen.yml delete mode 100644 .github/workflows/ci-lint-shell-scripts.yml diff --git a/.github/workflows/ci-lint-checks.yaml b/.github/workflows/ci-lint-checks.yaml index 2729e2b612b..65f6764fbdd 100644 --- a/.github/workflows/ci-lint-checks.yaml +++ b/.github/workflows/ci-lint-checks.yaml @@ -26,9 +26,45 @@ jobs: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + with: + go-version: 1.23.x + + - name: Print Jaeger version for no reason + run: make echo-v1 echo-v2 + + - name: Install tools + run: make install-test-tools + + - name: Lint + run: make lint + + pull-request-preconditions: + runs-on: ubuntu-latest + steps: + - name: Harden Runner + uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 + with: + egress-policy: audit # TODO: change to 'egress-policy: block' after a couple of runs + + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - name: Ensure PR is not on main branch uses: ./.github/actions/block-pr-not-on-main + - name: lint-nocommit + run: make lint-nocommit + + dco-check: + runs-on: ubuntu-latest + steps: + - name: Harden Runner + uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 + with: + egress-policy: audit # TODO: change to 'egress-policy: block' after a couple of runs + + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - name: Set up Python 3.x for DCO check uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: @@ -39,15 +75,55 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + generated-files-check: + runs-on: ubuntu-latest + steps: + - name: Harden Runner + uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 + with: + egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs + + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + with: + submodules: recursive + - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version: 1.23.x - - name: Print Jaeger version for no reason - run: make echo-v1 echo-v2 + - name: Verify Protobuf types are up to date + run: make proto && git diff --name-status --exit-code - - name: Install tools - run: make install-test-tools + - name: Verify Thrift types are up to date + run: make thrift && git diff --name-status --exit-code - - name: Lint - run: make lint + - name: Verify Mockery types are up to date + run: make generate-mocks && git diff --name-status --exit-code + + lint-shell-scripts: + runs-on: ubuntu-latest + + steps: + - name: Harden Runner + uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 + with: + egress-policy: audit + + - name: Check out code + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + + - name: Install shellcheck + run: sudo apt-get install shellcheck + + - name: Run shellcheck + run: shellcheck scripts/*.sh + + - name: Install shunit2 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + with: + repository: kward/shunit2 + path: .tools/shunit2 + + - name: Run unit tests for scripts + run: | + SHUNIT2=.tools/shunit2 bash scripts/compute-tags.test.sh diff --git a/.github/workflows/ci-lint-protogen.yml b/.github/workflows/ci-lint-protogen.yml deleted file mode 100644 index d9d23613677..00000000000 --- a/.github/workflows/ci-lint-protogen.yml +++ /dev/null @@ -1,42 +0,0 @@ -name: Generated Files Validation - -on: - push: - branches: [main] - - pull_request: - branches: [main] - -concurrency: - group: ${{ github.workflow }}-${{ (github.event.pull_request && github.event.pull_request.number) || github.ref || github.run_id }} - cancel-in-progress: true - -# See https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions -permissions: # added using https://github.com/step-security/secure-workflows - contents: read - -jobs: - generated-files-check: - runs-on: ubuntu-latest - steps: - - name: Harden Runner - uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 - with: - egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - with: - submodules: recursive - - - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 - with: - go-version: 1.23.x - - - name: Verify Protobuf types are up to date - run: make proto && git diff --name-status --exit-code - - - name: Verify Thrift types are up to date - run: make thrift && git diff --name-status --exit-code - - - name: Verify Mockery types are up to date - run: make generate-mocks && git diff --name-status --exit-code diff --git a/.github/workflows/ci-lint-shell-scripts.yml b/.github/workflows/ci-lint-shell-scripts.yml deleted file mode 100644 index b2f3c3a1185..00000000000 --- a/.github/workflows/ci-lint-shell-scripts.yml +++ /dev/null @@ -1,40 +0,0 @@ -name: Lint Shell Scripts - -on: - push: - branches: [main] - - pull_request: - branches: [main] - -permissions: - contents: read - -jobs: - link-shell-scripts: - runs-on: ubuntu-latest - - steps: - - name: Harden Runner - uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 - with: - egress-policy: audit - - - name: Check out code - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - - name: Install shellcheck - run: sudo apt-get install shellcheck - - - name: Run shellcheck - run: shellcheck scripts/*.sh - - - name: Install shunit2 - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - with: - repository: kward/shunit2 - path: .tools/shunit2 - - - name: Run unit tests for scripts - run: | - SHUNIT2=.tools/shunit2 bash scripts/compute-tags.test.sh diff --git a/Makefile b/Makefile index 7af029d1a51..ffad18dee8d 100644 --- a/Makefile +++ b/Makefile @@ -151,6 +151,16 @@ lint-license: @./scripts/updateLicense.py $(ALL_SRC) $(SCRIPTS_SRC) > $(FMT_LOG) @[ ! -s "$(FMT_LOG)" ] || (echo "License check failures, run 'make fmt'" | cat - $(FMT_LOG) && false) +.PHONY: lint-nocommit +lint-nocommit: + @if git diff main | grep '@no''commit' ; then \ + echo "❌ Cannot merge PR that contains @no""commit string" ; \ + GIT_PAGER=cat git diff -G '@no''commit' main ; \ + false ; \ + else \ + echo "✅ Changes do not contain @no""commit string" ; \ + fi + .PHONY: lint-imports lint-imports: @echo Verifying that all Go files have correctly ordered imports