openwrt/.github/workflows/formal.yml
Alex Low 3a9f927c2f
build: harden GitHub workflow permissions
Grant pull-requests write permission to the labeler workflow and
read-only to everything else.

Signed-off-by: Alex Low <aleksandrosansan@gmail.com>
[ wrap to 80 columns and fix wrong author as requested by author itself ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 7152599407)
2022-12-04 16:26:59 +01:00

74 lines
2.2 KiB
YAML

name: Test Formalities
on:
pull_request:
permissions:
contents: read
jobs:
build:
name: Test Formalities
runs-on: ubuntu-latest
strategy:
fail-fast: false
steps:
- uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.sha }}
fetch-depth: 0
- name: Determine branch name
run: |
BRANCH="${GITHUB_BASE_REF#refs/heads/}"
echo "Building for $BRANCH"
echo "BRANCH=$BRANCH" >> $GITHUB_ENV
- name: Test formalities
run: |
source .github/workflows/ci_helpers.sh
RET=0
for commit in $(git rev-list HEAD ^origin/$BRANCH); do
info "=== Checking commit '$commit'"
if git show --format='%P' -s $commit | grep -qF ' '; then
err "Pull request should not include merge commits"
RET=1
fi
author="$(git show -s --format=%aN $commit)"
if echo $author | grep -q '\S\+\s\+\S\+'; then
success "Author name ($author) seems ok"
else
err "Author name ($author) need to be your real name 'firstname lastname'"
RET=1
fi
subject="$(git show -s --format=%s $commit)"
if echo "$subject" | grep -q -e '^[0-9A-Za-z,+/_\.-]\+: ' -e '^Revert '; then
success "Commit subject line seems ok ($subject)"
else
err "Commit subject line MUST start with '<area>: ' ($subject)"
RET=1
fi
body="$(git show -s --format=%b $commit)"
sob="$(git show -s --format='Signed-off-by: %aN <%aE>' $commit)"
if echo "$body" | grep -qF "$sob"; then
success "Signed-off-by match author"
else
err "Signed-off-by is missing or doesn't match author (should be '$sob')"
RET=1
fi
if echo "$body" | grep -v "Signed-off-by:"; then
success "A commit message exists"
else
err "Missing commit message. Please describe your changes"
RET=1
fi
done
exit $RET