Update copyright year and binary files check

tuhaihe · tuhaihe · commit 60a01d09f6fe · 2026-01-14T11:22:18.000+08:00
diff --git a/.github/workflows/apache-rat-audit.yml b/.github/workflows/apache-rat-audit.yml
@@ -17,10 +17,15 @@
 # permissions and limitations under the License.
 #
 # --------------------------------------------------------------------
-# Apache Rat Audit Workflow
-# Checks if all files comply with Apache licensing requirements
-# This workflow is based on the Apache Rat tool, you can run it locally
-# using the command: `mvn clean verify -Drat.consoleOutput=true`
+# Apache Cloudberry (Incubating) Compliance Workflow
+#
+# Comprehensive compliance checks for Apache Cloudberry:
+# 1. Apache RAT license header validation
+# 2. Copyright year verification (NOTICE and psql help.c)
+# 3. Binary file presence detection with approved whitelist
+#
+# Based on Apache Rat tool, run locally with:
+# `mvn clean verify -Drat.consoleOutput=true`
 # --------------------------------------------------------------------
 
 name: Apache Rat License Check
@@ -74,61 +79,117 @@ jobs:
           echo "rat_failed=false" >> $GITHUB_OUTPUT
           echo "Apache Rat check passed successfully"
 
-      - name: Check NOTICE year is up-to-date
+      - name: Check copyright years are up-to-date
         run: |
-          echo "📅 Checking NOTICE file year..."
+          echo "Checking copyright years..."
           current_year=$(date -u +"%Y")
           echo "CURRENT_YEAR=$current_year" >> $GITHUB_ENV
-          # Check if the NOTICE file contains the current year
+
+          # Check NOTICE file
+          echo "Checking NOTICE file..."
           if ! grep -q "Copyright 2024-$current_year The Apache Software Foundation" NOTICE; then
-            echo "❌ NOTICE file does not contain the current year ($current_year)"
             echo "::error::NOTICE file does not contain the current year ($current_year)"
             echo "NOTICE_CHECK=fail" >> $GITHUB_ENV
             exit 1
           else
-            echo "✅ NOTICE file contains the current year ($current_year)"
+            echo "PASS: NOTICE file contains the current year ($current_year)"
             echo "NOTICE_CHECK=pass" >> $GITHUB_ENV
           fi
+          
+          # Check psql help.c file
+          echo "Checking src/bin/psql/help.c..."
+          if ! grep -q "Copyright 2024-$current_year The Apache Software Foundation" src/bin/psql/help.c; then
+            echo "::error::src/bin/psql/help.c does not contain the current year ($current_year)"
+            echo "PSQL_HELP_CHECK=fail" >> $GITHUB_ENV
+            exit 1
+          else
+            echo "PASS: src/bin/psql/help.c contains the current year ($current_year)"
+            echo "PSQL_HELP_CHECK=pass" >> $GITHUB_ENV
+          fi
+          
+          echo "All copyright year checks passed"
 
       - name: Check for binary files
         run: |
-          echo "📦 Checking for binary files..."
-          echo "Checking extensions: class, jar, tar, tgz, zip, exe, dll, so"
+          echo "Checking for binary files..."
+          echo "Checking extensions: class, jar, tar, tgz, zip, exe, dll, so, gz, bz2"
           echo "----------------------------------------------------------------------"
           
+          # Binary file whitelist, see README.apache.md
+          WHITELIST=(
+            "contrib/formatter_fixedwidth/data/fixedwidth_small_correct.tbl.gz"
+            "gpMgmt/demo/gppkg/sample-sources.tar.gz"
+            "src/bin/gpfdist/regress/data/exttab1/nation.tbl.gz"
+            "src/bin/gpfdist/regress/data/gpfdist2/gz_multi_chunk.tbl.gz"
+            "src/bin/gpfdist/regress/data/gpfdist2/gz_multi_chunk_2.tbl.gz"
+            "src/bin/gpfdist/regress/data/gpfdist2/lineitem.tbl.bz2"
+            "src/bin/gpfdist/regress/data/gpfdist2/lineitem.tbl.gz"
+          )
+          
           # Check for specific binary file extensions
-          binary_extensions="class jar tar tgz zip exe dll so"
+          binary_extensions="class jar tar tgz zip exe dll so gz bz2"
           echo "BINARY_EXTENSIONS=${binary_extensions}" >> $GITHUB_ENV
           binary_results=""
           binaryfiles_found=false
           
           for extension in ${binary_extensions}; do
             printf "Checking *.%-4s files..." "${extension}"
-            found=$(find . -name "*.${extension}" || true)
+            found=$(find . -name "*.${extension}" -type f || true)
+            
+            # Filter out whitelisted files
             if [ -n "$found" ]; then
-              echo "❌ FOUND"
-              echo "::error::${extension} files should not exist"
-              echo "For ASF compatibility: the source tree should not contain"
-              echo "binary files as users have a hard time verifying their contents."
-              echo "Found files:"
-              echo "$found" | sed 's/^/  /'
-              echo "${extension}:${found}" >> binary_results.txt
-              binaryfiles_found=true
+              filtered_found=""
+              while IFS= read -r file; do
+                is_whitelisted=false
+                for whitelist_file in "${WHITELIST[@]}"; do
+                  if [ "$file" = "./$whitelist_file" ]; then
+                    is_whitelisted=true
+                    echo "Whitelisted: $file" >> binary_whitelist.txt
+                    break
+                  fi
+                done
+                if [ "$is_whitelisted" = false ]; then
+                  filtered_found+="$file"$'\n'
+                fi
+              done <<< "$found"
+              
+              filtered_found=$(echo "$filtered_found" | sed '/^$/d')
+              
+              if [ -n "$filtered_found" ]; then
+                echo "FOUND"
+                echo "::error::${extension} files should not exist"
+                echo "For ASF compatibility: the source tree should not contain"
+                echo "binary files as users have a hard time verifying their contents."
+                echo "Found files:"
+                echo "$filtered_found" | sed 's/^/  /'
+                echo "${extension}:${filtered_found}" >> binary_results.txt
+                binaryfiles_found=true
+              else
+                echo "NONE (all whitelisted)"
+                echo "${extension}:none" >> binary_results.txt
+              fi
             else
-              echo "✅ NONE"
+              echo "NONE"
               echo "${extension}:none" >> binary_results.txt
             fi
           done
           
           echo "----------------------------------------------------------------------"
           if [ "$binaryfiles_found" = true ]; then
-            echo "❌ Binary files were found in the source tree"
+            echo "ERROR: Non-whitelisted binary files were found in the source tree"
             echo "BINARY_CHECK=fail" >> $GITHUB_ENV
             exit 1
           else
-            echo "✅ No binary files found"
+            echo "PASS: No non-whitelisted binary files found"
             echo "BINARY_CHECK=pass" >> $GITHUB_ENV
           fi
+          
+          # Show whitelist summary if any whitelisted files were found
+          if [ -f binary_whitelist.txt ]; then
+            echo ""
+            echo "Whitelisted binary files (approved):"
+            cat binary_whitelist.txt | sed 's/^/  /'
+          fi
 
       - name: Upload Rat check results
         if: always()
@@ -146,38 +207,57 @@ jobs:
             echo "- Run Time: $(date -u +'%Y-%m-%d %H:%M:%S UTC')"
             echo ""
             
-            # NOTICE Year Check Summary
-            echo "### 📅 NOTICE Year Check"
+            # Copyright Year Check Summary
+            echo "### Copyright Year Checks"
+            echo "**NOTICE file:**"
             if [ "$NOTICE_CHECK" = "pass" ]; then
-              echo "✅ NOTICE file contains the current year ($CURRENT_YEAR)"
+              echo "PASS: Contains current year ($CURRENT_YEAR)"
             else
-              echo "❌ NOTICE file does not contain the current year ($CURRENT_YEAR)"
+              echo "ERROR: Does not contain current year ($CURRENT_YEAR)"
+            fi
+            echo ""
+            echo "**psql help.c:**"
+            if [ "$PSQL_HELP_CHECK" = "pass" ]; then
+              echo "PASS: Contains current year ($CURRENT_YEAR)"
+            else
+              echo "ERROR: Does not contain current year ($CURRENT_YEAR)"
             fi
             echo ""
 
             # Binary Files Check Summary
-            echo "### 📦 Binary Files Check"
+            echo "### Binary Files Check"
             echo "Checked extensions: \`${BINARY_EXTENSIONS}\`"
             echo ""
             echo "Results:"
             echo "\`\`\`"
             if [ -f binary_results.txt ]; then
               while IFS=: read -r ext files; do
                 if [ "$files" = "none" ]; then
-                  echo "✅ No .${ext} files found"
+                  echo "PASS: No .${ext} files found"
                 else
-                  echo "❌ Found .${ext} files:"
+                  echo "ERROR: Found .${ext} files:"
                   echo "$files" | sed 's/^/  /'
                 fi
               done < binary_results.txt
             fi
             echo "\`\`\`"
             echo ""
+            
+            # Whitelist summary
+            if [ -f binary_whitelist.txt ]; then
+              echo "#### Whitelisted Binary Files"
+              echo "The following binary files are approved for testing purposes:"
+              echo "You can see [README.apache.md](https://github.com/apache/cloudberry/blob/main/README.apache.md) for details."
+              echo "\`\`\`"
+              cat binary_whitelist.txt | sed 's/Whitelisted: //'
+              echo "\`\`\`"
+              echo ""
+            fi
 
             if [[ -f rat-output.log ]]; then
               # First extract and display summary statistics (only once)
               if grep -q "Rat check: Summary over all files" rat-output.log; then
-                echo "#### 📊 License Summary"
+                echo "#### License Summary"
                 summary_line=$(grep "Rat check: Summary over all files" rat-output.log)
                 echo "\`\`\`"
                 echo "$summary_line"
@@ -187,12 +267,12 @@ jobs:
 
               # Then determine the result status
               if grep -q "\[INFO\] BUILD FAILURE" rat-output.log; then
-                echo "### ❌ Check Failed - License Compliance Issues Detected"
+                echo "### Check Failed - License Compliance Issues Detected"
                 echo ""
 
                 # Extract and display files with unapproved licenses
                 if grep -q "Files with unapproved licenses:" rat-output.log; then
-                  echo "#### 🚫 Files with Unapproved Licenses"
+                  echo "#### Files with Unapproved Licenses"
                   echo "\`\`\`"
                   # Get the line with "Files with unapproved licenses:" and all following lines until the dashed line
                   sed -n '/Files with unapproved licenses:/,/\[INFO\] ------------------------------------------------------------------------/p' rat-output.log | \
@@ -203,7 +283,7 @@ jobs:
                   echo ""
                 fi
 
-                echo "💡 **How to fix:**"
+                echo "**How to fix:**"
                 echo ""
                 echo "**For new original files you created:**"
                 echo "- Add the standard Apache License header to each file"
@@ -218,14 +298,14 @@ jobs:
                 echo "- Email dev@cloudberry.apache.org if you have questions about license compatibility"
 
               elif grep -q "\[INFO\] BUILD SUCCESS" rat-output.log; then
-                echo "### ✅ Check Passed - All Files Comply with Apache License Requirements"
+                echo "### Check Passed - All Files Comply with Apache License Requirements"
 
               else
-                echo "### ⚠️ Indeterminate Result"
+                echo "### Indeterminate Result"
                 echo "Check the uploaded log file for details."
               fi
             else
-              echo "### ⚠️ No Output Log Found"
+              echo "### No Output Log Found"
               echo "The rat-output.log file was not generated."
             fi
           } >> "$GITHUB_STEP_SUMMARY"
