libdatadog/.github/workflows/lint.yml at 1d229c6997cf0275d62e5d1f300ff60d8cd54be9 · DataDog/libdatadog · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
name: Lint
on:
  push:
env:
  CARGO_TERM_COLOR: always

jobs:
  actionlint:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout sources
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # 4.2.2
      - name: Run actionlint
        uses: devops-actions/actionlint@c6744a34774e4e1c1df0ff66bdb07ec7ee480ca0 # 0.1.9
        with:
          shellcheck_opts: '-e SC2086'
  rustfmt:
    runs-on: ubuntu-latest
    env:
      CARGO_TERM_COLOR: always
      CARGO_INCREMENTAL: 0
    steps:
      - name: Checkout sources
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # 4.2.2
      - name: Install nightly-2024-12-16 toolchain and rustfmt
        run: rustup install nightly-2024-12-16 && rustup default nightly-2024-12-16 && rustup component add rustfmt
      - name: Cache [rust]
        uses: Swatinem/rust-cache@f13886b937689c021905a6b90929199931d60db1 # 2.8.1
        with:
          cache-targets: true # cache build artifacts
          cache-bin: true # cache the ~/.cargo/bin directory
      - run: cargo fmt --all -- --check
  clippy:
    name: "clippy #${{ matrix.platform }} ${{ matrix.rust_version }}"
    runs-on: ${{ matrix.platform }}
    strategy:
      fail-fast: false
      matrix:
        rust_version: ["1.84.1", "stable", "nightly-2024-12-16"]
        platform: [windows-latest, ubuntu-latest]
    steps:
      - name: Checkout sources
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # 4.2.2
      - name: Install ${{ matrix.rust_version }} toolchain and clippy
        run: rustup install ${{ matrix.rust_version }} && rustup default ${{ matrix.rust_version }} && rustup component add clippy
      - name: Cache [rust]
        uses: Swatinem/rust-cache@f13886b937689c021905a6b90929199931d60db1 # 2.8.1
        with:
          cache-targets: true # cache build artifacts
          cache-bin: true # cache the ~/.cargo/bin directory
      - name: Run clippy on ${{ matrix.platform }} ${{ matrix.rust_version }}
        shell: bash
        run: |
          if [[ "${{ matrix.platform }}" == "windows-latest" ]]; then
            export AWS_LC_FIPS_SYS_NO_ASM=1
          fi
          # shellcheck disable=SC2046
          cargo clippy --workspace --all-targets --all-features -- -D warnings

  licensecheck:
    runs-on: ubuntu-latest
    name: "Presence of licence headers"
    steps:
      - name: Checkout sources
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # 4.2.2
      - name: Install licensecheck
        run: sudo apt-get install -y licensecheck
      - name: Check licenses
        # Exclude symbolizer-ffi from the checks (mostly imported code)
        run: '! find . \( -name "*.rs" -o -name "*.c" -o -name "*.sh" \)  -not -path "./symbolizer-ffi/*" -not -path "./datadog-ipc/plugins/*" -not -path "./datadog-ipc/tarpc/*" -print0 | xargs -0 licensecheck -c ".*" | grep -v "Apache License 2.0"'

  # todo: fix upstream warnings; from the readme:
  # The most common cause of missing licenses seems to be workspaces that
  # don't include forward their license files. Go to the repo for the
  # workspace and copy the relevant files from there.
  # A package license may receive a confidence warning stating that
  # cargo-bundle-licenses is "unsure" or "semi" confident. This means that
  # when the found license was compared to a template license it was found to
  # have diverged in more than a few words. You should verify that the licence
  #  text is in fact correct in these cases.
  license-3rdparty:
    runs-on: ubuntu-latest
    name: "Valid LICENSE-3rdparty.yml"
    steps:
      - name: Checkout sources
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # 4.2.2
      - run: stat LICENSE-3rdparty.yml
      - name: Cache
        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # 4.2.2
        with:
          path: |
            ~/.cargo/registry/
            ~/.cargo/git/db/
            ~/.cargo/bin/
            ~/.cargo/.crates.toml
          # cache key contains current version of cargo-bundle-licenses
          # when upstream version is updated we can bump the cache key version,
          # to cache the latest version of the tool
          key: "v1-4.0.0"
      # cargo-bundle-licenses v2.0 doesn't understand path differences due to
      # sparse vs git index, so force git.
      - run: mkdir -p .cargo && printf "[registries.crates-io]\nprotocol = \"git\"\n" > .cargo/config.toml
      - run: cargo install --version "4.0.0" cargo-bundle-licenses
      - name: "Generate new LICENSE-3rdparty.yml and check against the previous"
        env:
          CARGO_HOME: "/tmp/dd-cargo"
        run: |
          # Run cargo bundle-licenses without directly checking against a previous snapshot
          cargo bundle-licenses \
            --format yaml \
            --output /tmp/CI.yaml

          # Normalize the paths in both files to ignore registry differences
          sed -E 's/(registry\/src\/)[^\/]+/\1normalized_path/g' /tmp/CI.yaml > /tmp/CI_normalized.yaml
          sed -E 's/(registry\/src\/)[^\/]+/\1normalized_path/g' LICENSE-3rdparty.yml > /tmp/LICENSE-3rdparty_normalized.yml

          # Now perform the diff on the normalized files
          if ! diff /tmp/CI_normalized.yaml /tmp/LICENSE-3rdparty_normalized.yml; then
            echo "Differences detected (see above). You probably need to manually update the license files. To do so:"
            echo "cargo install cargo-bundle-licenses"
            echo "./scripts/update_license_3rdparty.sh"
            echo "...and push a commit with the result. Also, bonus points if someone automates this, wink wink nudge nudge."
            exit 1
          fi

          echo "No differences found."


      - name: export the generated license file on failure
        if: failure()
        uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # 4.6.1
        with:
          name: LICENSE-3rdparty.yml
          path: /tmp/CI.yaml
          overwrite: true

  codeowners-validator:
    runs-on: ubuntu-latest
    name: "Validate CODEOWNERS"
    steps:
      - name: Checkout sources
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # 4.2.2
      - name: GitHub CODEOWNERS Validator
        uses: mszostok/codeowners-validator@7f3f5e28c6d7b8dfae5731e54ce2272ca384592f #v0.7.4
        # input parameters
        with:
          github_app_id: ${{ secrets.CODEOWNERS_VALIDATOR_APP_ID }}
          github_app_installation_id: ${{ secrets.CODEOWNERS_VALIDATOR_APP_INSTALLATION_ID }}
          github_app_private_key: ${{ secrets.CODEOWNERS_VALIDATOR_APP_PRIVATE_KEY }}

          # "The list of checks that will be executed. By default, all checks are executed. Possible values: files,owners,duppatterns,syntax"
          checks: "files,duppatterns,syntax"
          # "The comma-separated list of experimental checks that should be executed. By default, all experimental checks are turned off. Possible values: notowned."
          experimental_checks: "notowned"
          # The repository path in which CODEOWNERS file should be validated."
          repository_path: "."