| name: Compliance Checks |
| |
| on: |
| pull_request: |
| types: |
| - edited |
| - opened |
| - reopened |
| - synchronize |
| |
| jobs: |
| check_compliance: |
| runs-on: ubuntu-22.04 |
| name: Run compliance checks on patch series (PR) |
| steps: |
| - name: Update PATH for west |
| run: | |
| echo "$HOME/.local/bin" >> $GITHUB_PATH |
| |
| - name: Checkout the code |
| uses: actions/checkout@v4 |
| with: |
| ref: ${{ github.event.pull_request.head.sha }} |
| fetch-depth: 0 |
| |
| - name: Set up Python |
| uses: actions/setup-python@v5 |
| with: |
| python-version: 3.11 |
| |
| - name: cache-pip |
| uses: actions/cache@v4 |
| with: |
| path: ~/.cache/pip |
| key: ${{ runner.os }}-pip-${{ hashFiles('.github/workflows/compliance.yml') }} |
| |
| - name: Install python dependencies |
| run: | |
| pip3 install setuptools |
| pip3 install wheel |
| pip3 install python-magic lxml junitparser gitlint pylint pykwalify yamllint clang-format unidiff sphinx-lint ruff |
| pip3 install west |
| |
| - name: west setup |
| env: |
| BASE_REF: ${{ github.base_ref }} |
| run: | |
| git config --global user.email "you@example.com" |
| git config --global user.name "Your Name" |
| git remote -v |
| # Ensure there's no merge commits in the PR |
| [[ "$(git rev-list --merges --count origin/${BASE_REF}..)" == "0" ]] || \ |
| (echo "::error ::Merge commits not allowed, rebase instead";false) |
| git rebase origin/${BASE_REF} |
| git clean -f -d |
| # debug |
| git log --pretty=oneline | head -n 10 |
| west init -l . || true |
| west config manifest.group-filter -- +ci,-optional |
| west update -o=--depth=1 -n 2>&1 1> west.update.log || west update -o=--depth=1 -n 2>&1 1> west.update2.log |
| |
| - name: Check for PR description |
| if: ${{ github.event.pull_request.body == '' }} |
| continue-on-error: true |
| id: pr_description |
| run: | |
| echo "Pull request description cannot be empty." |
| exit 1 |
| |
| - name: Run Compliance Tests |
| continue-on-error: true |
| id: compliance |
| env: |
| BASE_REF: ${{ github.base_ref }} |
| run: | |
| export ZEPHYR_BASE=$PWD |
| # debug |
| ls -la |
| git log --pretty=oneline | head -n 10 |
| # Increase rename limit to allow for large PRs |
| git config diff.renameLimit 10000 |
| ./scripts/ci/check_compliance.py --annotate -e KconfigBasic \ |
| -c origin/${BASE_REF}.. |
| |
| - name: upload-results |
| uses: actions/upload-artifact@v4 |
| continue-on-error: true |
| with: |
| name: compliance.xml |
| path: compliance.xml |
| |
| - name: check-warns |
| run: | |
| if [[ ! -s "compliance.xml" ]]; then |
| exit 1; |
| fi |
| |
| warns=("ClangFormat") |
| files=($(./scripts/ci/check_compliance.py -l)) |
| |
| for file in "${files[@]}"; do |
| f="${file}.txt" |
| if [[ -s $f ]]; then |
| results=$(cat $f) |
| results="${results//'%'/'%25'}" |
| results="${results//$'\n'/'%0A'}" |
| results="${results//$'\r'/'%0D'}" |
| |
| if [[ "${warns[@]}" =~ "${file}" ]]; then |
| echo "::warning file=${f}::$results" |
| else |
| echo "::error file=${f}::$results" |
| exit=1 |
| fi |
| fi |
| done |
| |
| if [ "${exit}" == "1" ]; then |
| echo "Compliance error, check for error messages in the \"Run Compliance Tests\" step" |
| echo "You can run this step locally with the ./scripts/ci/check_compliance.py script." |
| exit 1; |
| fi |
| |
| if [ "${{ steps.pr_description.outcome }}" == "failure" ]; then |
| echo "PR description cannot be empty" |
| exit 1; |
| fi |