this repo has no description
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

internal/ci: enforce Signed-off-by temporarily

Until Gerrit fixes the bug where it does not apply the restriction to
admin accounts.

Change-Id: Iadf68723367aa06798aa2b54d8d1eecf68e5b12a
Signed-off-by: Daniel Martí <mvdan@mvdan.cc>
Reviewed-on: https://review.gerrithub.io/c/cue-lang/cue/+/537156
Reviewed-by: Paul Jolly <paul@myitcv.io>

+135 -18
+17
.github/workflows/test.yml
··· 59 59 go-version: ${{ matrix.go-version }} 60 60 - name: Checkout code 61 61 uses: actions/checkout@v3 62 + - if: matrix.go-version == '1.18.x' && matrix.os == 'ubuntu-20.04' 63 + name: Early git and code sanity checks 64 + run: |- 65 + # Ensure the recent commit messages have Signed-off-by headers. 66 + # TODO: Remove once this is enforced for admins too; 67 + # see https://bugs.chromium.org/p/gerrit/issues/detail?id=15229 68 + # TODO: Our --max-count here is just 1, because we've made mistakes very 69 + # recently. Increase it to 5 or 10 soon, to also cover CL chains. 70 + for commit in $(git rev-list --max-count=1 HEAD); do 71 + if ! git rev-list --format=%B --max-count=1 $commit | grep -q '^Signed-off-by:'; then 72 + echo -e " 73 + Recent commit is lacking Signed-off-by: 74 + " 75 + git show --quiet $commit 76 + exit 1 77 + fi 78 + done 62 79 - name: Cache Go modules 63 80 uses: actions/cache@v3 64 81 with:
+38 -1
cmd/cue/cmd/testdata/script/cmd_github.txt
··· 185 185 go-version: ${{ matrix.go-version }} 186 186 - name: Checkout code 187 187 uses: actions/checkout@v3 188 + - if: matrix.go-version == '1.18.x' && matrix.os == 'ubuntu-20.04' 189 + name: Early git and code sanity checks 190 + run: |- 191 + # Ensure the recent commit messages have Signed-off-by headers. 192 + # TODO: Remove once this is enforced for admins too; 193 + # see https://bugs.chromium.org/p/gerrit/issues/detail?id=15229 194 + # TODO: Our --max-count here is just 1, because we've made mistakes very 195 + # recently. Increase it to 5 or 10 soon, to also cover CL chains. 196 + for commit in $(git rev-list --max-count=1 HEAD); do 197 + if ! git rev-list --format=%B --max-count=1 $commit | grep -q '^Signed-off-by:'; then 198 + echo -e " 199 + Recent commit is lacking Signed-off-by: 200 + " 201 + git show --quiet $commit 202 + exit 1 203 + fi 204 + done 188 205 - name: Cache Go modules 189 206 uses: actions/cache@v3 190 207 with: ··· 1122 1139 needs: "start" 1123 1140 strategy: _#testStrategy 1124 1141 "runs-on": "${{ matrix.os }}" 1125 - steps: [_#writeNetrcFile, _#installGo, _#checkoutCode, _#cacheGoModules, _#step & { 1142 + steps: [_#writeNetrcFile, _#installGo, _#checkoutCode, _#earlyChecks, _#cacheGoModules, _#step & { 1126 1143 if: "${{ \(_#isMaster) }}" 1127 1144 run: "echo CUE_LONG=true >> $GITHUB_ENV" 1128 1145 }, _#goGenerate, _#goTest, _#goTestRace & { ··· 1349 1366 _#checkoutCode: _#step & { 1350 1367 name: "Checkout code" 1351 1368 uses: "actions/checkout@v3" 1369 + } 1370 + _#earlyChecks: _#step & { 1371 + name: "Early git and code sanity checks" 1372 + run: """ 1373 + # Ensure the recent commit messages have Signed-off-by headers. 1374 + # TODO: Remove once this is enforced for admins too; 1375 + # see https://bugs.chromium.org/p/gerrit/issues/detail?id=15229 1376 + # TODO: Our --max-count here is just 1, because we've made mistakes very 1377 + # recently. Increase it to 5 or 10 soon, to also cover CL chains. 1378 + for commit in $(git rev-list --max-count=1 HEAD); do 1379 + if ! git rev-list --format=%B --max-count=1 $commit | grep -q '^Signed-off-by:'; then 1380 + echo -e "\nRecent commit is lacking Signed-off-by:\n" 1381 + git show --quiet $commit 1382 + exit 1 1383 + fi 1384 + done 1385 + """ 1386 + // These checks don't vary based on the Go version or OS, 1387 + // so we only need to run them on one of the matrix jobs. 1388 + if: "matrix.go-version == '\(_#latestStableGo)' && matrix.os == '\(_#linuxMachine)'" 1352 1389 } 1353 1390 _#cacheGoModules: _#step & { 1354 1391 name: "Cache Go modules"
+58 -17
cue/testdata/eval/github.txtar
··· 55 55 needs: "start" 56 56 strategy: _#testStrategy 57 57 "runs-on": "${{ matrix.os }}" 58 - steps: [_#writeNetrcFile, _#installGo, _#checkoutCode, _#cacheGoModules, _#step & { 58 + steps: [_#writeNetrcFile, _#installGo, _#checkoutCode, _#earlyChecks, _#cacheGoModules, _#step & { 59 59 if: "${{ \(_#isMaster) }}" 60 60 run: "echo CUE_LONG=true >> $GITHUB_ENV" 61 61 }, _#goGenerate, _#goTest, _#goTestRace & { ··· 282 282 _#checkoutCode: _#step & { 283 283 name: "Checkout code" 284 284 uses: "actions/checkout@v3" 285 + } 286 + _#earlyChecks: _#step & { 287 + name: "Early git and code sanity checks" 288 + run: """ 289 + # Ensure the recent commit messages have Signed-off-by headers. 290 + # TODO: Remove once this is enforced for admins too; 291 + # see https://bugs.chromium.org/p/gerrit/issues/detail?id=15229 292 + # TODO: Our --max-count here is just 1, because we've made mistakes very 293 + # recently. Increase it to 5 or 10 soon, to also cover CL chains. 294 + for commit in $(git rev-list --max-count=1 HEAD); do 295 + if ! git rev-list --format=%B --max-count=1 $commit | grep -q '^Signed-off-by:'; then 296 + echo -e "\nRecent commit is lacking Signed-off-by:\n" 297 + git show --quiet $commit 298 + exit 1 299 + fi 300 + done 301 + """ 302 + // These checks don't vary based on the Go version or OS, 303 + // so we only need to run them on one of the matrix jobs. 304 + if: "matrix.go-version == '\(_#latestStableGo)' && matrix.os == '\(_#linuxMachine)'" 285 305 } 286 306 _#cacheGoModules: _#step & { 287 307 name: "Cache Go modules" ··· 1107 1127 uses: (string){ "actions/checkout@v3" } 1108 1128 } 1109 1129 3: (#struct){ 1130 + name: (string){ "Early git and code sanity checks" } 1131 + run: (string){ "# Ensure the recent commit messages have Signed-off-by headers.\n# TODO: Remove once this is enforced for admins too;\n# see https://bugs.chromium.org/p/gerrit/issues/detail?id=15229\n# TODO: Our --max-count here is just 1, because we've made mistakes very\n# recently. Increase it to 5 or 10 soon, to also cover CL chains.\nfor commit in $(git rev-list --max-count=1 HEAD); do\n\tif ! git rev-list --format=%B --max-count=1 $commit | grep -q '^Signed-off-by:'; then\n\t\techo -e \"\nRecent commit is lacking Signed-off-by:\n\"\n\t\tgit show --quiet $commit\n\t\texit 1\n\tfi\ndone" } 1132 + if: (string){ "matrix.go-version == '1.18.x' && matrix.os == 'ubuntu-20.04'" } 1133 + } 1134 + 4: (#struct){ 1110 1135 name: (string){ "Cache Go modules" } 1111 1136 uses: (string){ "actions/cache@v3" } 1112 1137 with: (#struct){ ··· 1115 1140 "restore-keys": (string){ "${{ runner.os }}-${{ matrix.go-version }}-go-" } 1116 1141 } 1117 1142 } 1118 - 4: (#struct){ 1143 + 5: (#struct){ 1119 1144 if: (string){ "${{ github.ref == 'refs/heads/master' }}" } 1120 1145 run: (string){ "echo CUE_LONG=true >> $GITHUB_ENV" } 1121 1146 } 1122 - 5: (#struct){ 1147 + 6: (#struct){ 1123 1148 name: (string){ "Generate" } 1124 1149 run: (string){ "go generate ./..." } 1125 1150 if: (string){ "matrix.go-version == '1.16.x' && matrix.os == 'ubuntu-20.04'" } 1126 1151 } 1127 - 6: (#struct){ 1152 + 7: (#struct){ 1128 1153 name: (string){ "Test" } 1129 1154 run: (string){ "go test ./..." } 1130 1155 } 1131 - 7: (#struct){ 1156 + 8: (#struct){ 1132 1157 name: (string){ "Test with -race" } 1133 1158 run: (string){ "go test -race ./..." } 1134 1159 if: (string){ "${{ matrix.go-version == '1.18.x' && matrix.os == 'ubuntu-20.04' }}" } 1135 1160 } 1136 - 8: (#struct){ 1161 + 9: (#struct){ 1137 1162 name: (string){ "gorelease check" } 1138 1163 run: (string){ "go run golang.org/x/exp/cmd/gorelease" } 1139 1164 } 1140 - 9: (#struct){ 1165 + 10: (#struct){ 1141 1166 name: (string){ "Check that git is clean post generate and tests" } 1142 1167 run: (string){ "test -z \"$(git status --porcelain)\" || (git status; git diff; false)" } 1143 1168 } 1144 - 10: (#struct){ 1169 + 11: (#struct){ 1145 1170 name: (string){ "Pull this commit through the proxy on master" } 1146 1171 run: (string){ "v=$(git rev-parse HEAD)\ncd $(mktemp -d)\ngo mod init mod.com\nGOPROXY=https://proxy.golang.org go get -d cuelang.org/go/cmd/cue@$v" } 1147 1172 if: (string){ "${{ github.ref == 'refs/heads/master' }}" } 1148 1173 } 1149 - 11: (#struct){ 1174 + 12: (#struct){ 1150 1175 if: (string){ "${{ startsWith(github.ref, 'refs/heads/ci/') && failure() }}" } 1151 1176 name: (string){ "Post any failures for this matrix entry" } 1152 1177 run: (string){ "curl -f -s -n -H \"Content-Type: application/json\" --request POST --data \"{\\\"tag\\\":\\\"trybot\\\",\\\"message\\\":\\\"Build failed for ${{ runner.os }}-${{ matrix.go-version }}; see ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }} for more details\\\",\\\"labels\\\":{\\\"TryBot-Result\\\":-1}}\" https://review.gerrithub.io/a/changes/$(basename $(dirname $GITHUB_REF))/revisions/$(basename $GITHUB_REF)/review" } ··· 1623 1648 uses: (string){ "actions/checkout@v3" } 1624 1649 } 1625 1650 3: (#struct){ 1651 + name: (string){ "Early git and code sanity checks" } 1652 + run: (string){ "# Ensure the recent commit messages have Signed-off-by headers.\n# TODO: Remove once this is enforced for admins too;\n# see https://bugs.chromium.org/p/gerrit/issues/detail?id=15229\n# TODO: Our --max-count here is just 1, because we've made mistakes very\n# recently. Increase it to 5 or 10 soon, to also cover CL chains.\nfor commit in $(git rev-list --max-count=1 HEAD); do\n\tif ! git rev-list --format=%B --max-count=1 $commit | grep -q '^Signed-off-by:'; then\n\t\techo -e \"\nRecent commit is lacking Signed-off-by:\n\"\n\t\tgit show --quiet $commit\n\t\texit 1\n\tfi\ndone" } 1653 + if: (string){ "matrix.go-version == '1.18.x' && matrix.os == 'ubuntu-20.04'" } 1654 + } 1655 + 4: (#struct){ 1626 1656 name: (string){ "Cache Go modules" } 1627 1657 uses: (string){ "actions/cache@v3" } 1628 1658 with: (#struct){ ··· 1631 1661 "restore-keys": (string){ "${{ runner.os }}-${{ matrix.go-version }}-go-" } 1632 1662 } 1633 1663 } 1634 - 4: (#struct){ 1664 + 5: (#struct){ 1635 1665 if: (string){ "${{ github.ref == 'refs/heads/master' }}" } 1636 1666 run: (string){ "echo CUE_LONG=true >> $GITHUB_ENV" } 1637 1667 } 1638 - 5: (#struct){ 1668 + 6: (#struct){ 1639 1669 name: (string){ "Generate" } 1640 1670 run: (string){ "go generate ./..." } 1641 1671 if: (string){ "matrix.go-version == '1.16.x' && matrix.os == 'ubuntu-20.04'" } 1642 1672 } 1643 - 6: (#struct){ 1673 + 7: (#struct){ 1644 1674 name: (string){ "Test" } 1645 1675 run: (string){ "go test ./..." } 1646 1676 } 1647 - 7: (#struct){ 1677 + 8: (#struct){ 1648 1678 name: (string){ "Test with -race" } 1649 1679 run: (string){ "go test -race ./..." } 1650 1680 if: (string){ "${{ matrix.go-version == '1.18.x' && matrix.os == 'ubuntu-20.04' }}" } 1651 1681 } 1652 - 8: (#struct){ 1682 + 9: (#struct){ 1653 1683 name: (string){ "gorelease check" } 1654 1684 run: (string){ "go run golang.org/x/exp/cmd/gorelease" } 1655 1685 } 1656 - 9: (#struct){ 1686 + 10: (#struct){ 1657 1687 name: (string){ "Check that git is clean post generate and tests" } 1658 1688 run: (string){ "test -z \"$(git status --porcelain)\" || (git status; git diff; false)" } 1659 1689 } 1660 - 10: (#struct){ 1690 + 11: (#struct){ 1661 1691 name: (string){ "Pull this commit through the proxy on master" } 1662 1692 run: (string){ "v=$(git rev-parse HEAD)\ncd $(mktemp -d)\ngo mod init mod.com\nGOPROXY=https://proxy.golang.org go get -d cuelang.org/go/cmd/cue@$v" } 1663 1693 if: (string){ "${{ github.ref == 'refs/heads/master' }}" } 1664 1694 } 1665 - 11: (#struct){ 1695 + 12: (#struct){ 1666 1696 if: (string){ "${{ startsWith(github.ref, 'refs/heads/ci/') && failure() }}" } 1667 1697 name: (string){ "Post any failures for this matrix entry" } 1668 1698 run: (string){ "curl -f -s -n -H \"Content-Type: application/json\" --request POST --data \"{\\\"tag\\\":\\\"trybot\\\",\\\"message\\\":\\\"Build failed for ${{ runner.os }}-${{ matrix.go-version }}; see ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }} for more details\\\",\\\"labels\\\":{\\\"TryBot-Result\\\":-1}}\" https://review.gerrithub.io/a/changes/$(basename $(dirname $GITHUB_REF))/revisions/$(basename $GITHUB_REF)/review" } ··· 2132 2162 name: (string){ "Checkout code" } 2133 2163 uses: (string){ "actions/checkout@v3" } 2134 2164 } 2165 + _#earlyChecks(:ci): (#struct){ 2166 + name: (string){ "Early git and code sanity checks" } 2167 + run: (string){ "# Ensure the recent commit messages have Signed-off-by headers.\n# TODO: Remove once this is enforced for admins too;\n# see https://bugs.chromium.org/p/gerrit/issues/detail?id=15229\n# TODO: Our --max-count here is just 1, because we've made mistakes very\n# recently. Increase it to 5 or 10 soon, to also cover CL chains.\nfor commit in $(git rev-list --max-count=1 HEAD); do\n\tif ! git rev-list --format=%B --max-count=1 $commit | grep -q '^Signed-off-by:'; then\n\t\techo -e \"\nRecent commit is lacking Signed-off-by:\n\"\n\t\tgit show --quiet $commit\n\t\texit 1\n\tfi\ndone" } 2168 + if: (string){ "matrix.go-version == '1.18.x' && matrix.os == 'ubuntu-20.04'" } 2169 + } 2135 2170 _#cacheGoModules(:ci): (#struct){ 2136 2171 name: (string){ "Cache Go modules" } 2137 2172 uses: (string){ "actions/cache@v3" } ··· 2232 2267 〈4;_#writeNetrcFile〉, 2233 2268 〈4;_#installGo〉, 2234 2269 〈4;_#checkoutCode〉, 2270 + 〈4;_#earlyChecks〉, 2235 2271 〈4;_#cacheGoModules〉, 2236 2272 (〈4;_#step〉 & { 2237 2273 if: "${{ \(〈4;_#isMaster〉) }}" ··· 2507 2543 _#checkoutCode: (〈0;_#step〉 & { 2508 2544 name: "Checkout code" 2509 2545 uses: "actions/checkout@v3" 2546 + }) 2547 + _#earlyChecks: (〈0;_#step〉 & { 2548 + name: "Early git and code sanity checks" 2549 + run: "# Ensure the recent commit messages have Signed-off-by headers.\n# TODO: Remove once this is enforced for admins too;\n# see https://bugs.chromium.org/p/gerrit/issues/detail?id=15229\n# TODO: Our --max-count here is just 1, because we've made mistakes very\n# recently. Increase it to 5 or 10 soon, to also cover CL chains.\nfor commit in $(git rev-list --max-count=1 HEAD); do\n\tif ! git rev-list --format=%B --max-count=1 $commit | grep -q '^Signed-off-by:'; then\n\t\techo -e \"\nRecent commit is lacking Signed-off-by:\n\"\n\t\tgit show --quiet $commit\n\t\texit 1\n\tfi\ndone" 2550 + if: "matrix.go-version == '\(〈1;_#latestStableGo〉)' && matrix.os == '\(〈1;_#linuxMachine〉)'" 2510 2551 }) 2511 2552 _#cacheGoModules: (〈0;_#step〉 & { 2512 2553 name: "Cache Go modules"
+22
internal/ci/workflows.cue
··· 73 73 _#writeNetrcFile, 74 74 _#installGo, 75 75 _#checkoutCode, 76 + _#earlyChecks, 76 77 _#cacheGoModules, 77 78 _#step & { 78 79 if: "${{ \(_#isMaster) }}" ··· 364 365 _#checkoutCode: _#step & { 365 366 name: "Checkout code" 366 367 uses: "actions/checkout@v3" 368 + } 369 + 370 + _#earlyChecks: _#step & { 371 + name: "Early git and code sanity checks" 372 + run: """ 373 + # Ensure the recent commit messages have Signed-off-by headers. 374 + # TODO: Remove once this is enforced for admins too; 375 + # see https://bugs.chromium.org/p/gerrit/issues/detail?id=15229 376 + # TODO: Our --max-count here is just 1, because we've made mistakes very 377 + # recently. Increase it to 5 or 10 soon, to also cover CL chains. 378 + for commit in $(git rev-list --max-count=1 HEAD); do 379 + if ! git rev-list --format=%B --max-count=1 $commit | grep -q '^Signed-off-by:'; then 380 + echo -e "\nRecent commit is lacking Signed-off-by:\n" 381 + git show --quiet $commit 382 + exit 1 383 + fi 384 + done 385 + """ 386 + // These checks don't vary based on the Go version or OS, 387 + // so we only need to run them on one of the matrix jobs. 388 + if: "matrix.go-version == '\(_#latestStableGo)' && matrix.os == '\(_#linuxMachine)'" 367 389 } 368 390 369 391 _#cacheGoModules: _#step & {