11name : Compliance
22
3- # Controls when the workflow will run
4- on :
5- pull_request :
6- types : [opened, synchronize, reopened]
3+ on : pull_request
74
8- # Allows you to run this workflow manually from the Actions tab
9- workflow_dispatch :
5+ permissions :
6+ contents : read
107
11- # A workflow run is made up of one or more jobs that can run sequentially or in parallel
128jobs :
13- # This workflow contains a single job called "build"
149 compliance_job :
15- # The type of runner that the job will run on
16- runs-on : ubuntu-latest
10+ runs-on : ubuntu-24.04
1711 name : Run compliance checks on patch series (PR)
18-
19- # Steps represent a sequence of tasks that will be executed as part of the job
2012 steps :
21- # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
22- - name : Checkout the code
23- uses : actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
13+ - name : Update PATH for west
14+ run : |
15+ echo "$HOME/.local/bin" >> $GITHUB_PATH
16+
17+ - name : Checkout sources
18+ uses : nrfconnect/action-checkout-west-update@main
2419 with :
25- path : nrf-bm
26- ref : ${{ github.event.pull_request.head.sha }}
27- fetch-depth : 0
20+ git-fetch-depth : 0
21+ git-ref : ${{ github.event.pull_request.head.sha }}
22+ rebase : true
23+ path : ncs/nrf-bm
2824
2925 - name : cache-pip
30- uses : actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4
26+ uses : actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4
3127 with :
3228 path : ~/.cache/pip
3329 key : ${{ runner.os }}-doc-pip
3430
35- - name : Install python prerequisites
36- working-directory : nrf-bm
37- run : |
38- export PATH="$HOME/.local/bin:$PATH"
39- pip3 install -U -r scripts/requirements.txt
40- pip3 show -f west
41-
42- - name : West init and update
43- env :
44- BASE_REF : ${{ github.base_ref }}
45- working-directory : nrf-bm
46- run : |
47- git config --global user.email "[email protected] " 48- git config --global user.name "Your Name"
49- git remote -v
50- # Ensure there's no merge commits in the PR
51- #[[ "$(git rev-list --merges --count origin/${BASE_REF}..)" == "0" ]] || \
52- #(echo "::error ::Merge commits not allowed, rebase instead";false)
53- git rebase origin/${BASE_REF}
54- # debug
55- git log --pretty=oneline | head -n 10
56- west init -l . || true
57- west config manifest.group-filter -- +ci,-optional
58- west update -o=--depth=1 -n 2>&1 1> west.update.log || west update -o=--depth=1 -n 2>&1 1> west.update2.log
59-
6031 - name : Install python dependencies
61- working-directory : nrf
32+ working-directory : ncs/ nrf
6233 run : |
6334 pip3 install -U pip
6435 pip3 install -U wheel
6536 grep -E "^setuptools" scripts/requirements-fixed.txt | cut -d ' ' -f '1' | xargs pip3 install -U
66- grep -E "^python-magic=|^junitparser|^lxml|^gitlint|^pylint|^python-dotenv|^tabulate|^pykwalify|^yamllint|^unidiff " scripts/requirements-fixed.txt | cut -d ' ' -f '1' | xargs pip3 install -U
37+ grep -E "^python-magic=|^junitparser|^lxml|^gitlint|^pylint|^pykwalify|^yamllint|^unidiff|^vermin|^python-dotenv|^tabulate " scripts/requirements-fixed.txt | cut -d ' ' -f '1' | xargs pip3 install -U
6738 grep -E "^west" scripts/requirements-fixed.txt | cut -d ' ' -f '1' | xargs pip3 install -U
6839 pip3 show -f west
6940
41+ - name : Run merge commits test
42+ env :
43+ BASE_REF : ${{ github.base_ref }}
44+ working-directory : ncs/nrf-bm
45+ run : |
46+ # Ensure there's no merge commits in the PR
47+ [[ "$(git rev-list --merges --count origin/${BASE_REF}..)" == "0" ]] || \
48+ (echo "::error ::Merge commits not allowed, rebase instead";false)
49+
7050 - name : Run CODEOWNERS test
7151 id : codeowners
7252 env :
7353 BASE_REF : ${{ github.base_ref }}
74- working-directory : nrf-bm
54+ working-directory : ncs/ nrf-bm
7555 if : contains(github.event.pull_request.user.login, 'dependabot[bot]') != true
7656 run : |
7757 ../nrf/scripts/ci/codeowners.py -c origin/${BASE_REF}..
@@ -81,32 +61,29 @@ jobs:
8161 id : compliance
8262 env :
8363 BASE_REF : ${{ github.base_ref }}
84- working-directory : nrf-bm
64+ working-directory : ncs/ nrf-bm
8565 if : contains(github.event.pull_request.user.login, 'dependabot[bot]') != true
8666 run : |
8767 export ZEPHYR_BASE="$(dirname "$(pwd)")/zephyr"
8868 # debug
8969 ls -la
9070 git log --pretty=oneline | head -n 10
91- exec 2> compliance_errors.txt
9271 $ZEPHYR_BASE/scripts/ci/check_compliance.py --annotate \
93- -e KconfigBasicNoModules -e ClangFormat -e SysbuildKconfigBasicNoModules \
72+ -e KconfigBasicNoModules -e ClangFormat \
73+ -e SysbuildKconfigBasicNoModules \
9474 -c origin/${BASE_REF}..
95- if [[ $? -ne 0 ]]; then
96- echo "$?" >&2
97- fi
9875
9976 - name : upload-results
100- uses : actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
101- continue-on-error : True
77+ uses : actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4
78+ continue-on-error : true
10279 if : contains(github.event.pull_request.user.login, 'dependabot[bot]') != true
10380 with :
10481 name : compliance.xml
105- path : nrf-bm/compliance.xml
82+ path : ncs/ nrf-bm/compliance.xml
10683 overwrite : true
10784
10885 - name : check-warns
109- working-directory : nrf-bm
86+ working-directory : ncs/ nrf-bm
11087 if : contains(github.event.pull_request.user.login, 'dependabot[bot]') != true
11188 run : |
11289 export ZEPHYR_BASE="$(dirname "$(pwd)")/zephyr"
0 commit comments