diff --git a/.github/workflows/compliance.yml b/.github/workflows/compliance.yml index ecd874dd486..f3c371424ad 100644 --- a/.github/workflows/compliance.yml +++ b/.github/workflows/compliance.yml @@ -1,15 +1,20 @@ name: Compliance Checks on: - pull_request: - types: - - edited - - opened - - reopened - - synchronize + workflow_call: jobs: + check_compliance_push: + if: github.event_name == 'push' + runs-on: ubuntu-22.04 + name: Run compliance checks on patch series (PR) + steps: + - name: Do nothing + run: | + echo "Doing nothing" + check_compliance: + if: github.event_name == 'pull_request' runs-on: ubuntu-22.04 name: Run compliance checks on patch series (PR) steps: @@ -62,14 +67,6 @@ jobs: west config manifest.group-filter -- +ci,-optional west update -o=--depth=1 -n 2>&1 1> west.update.log || west update -o=--depth=1 -n 2>&1 1> west.update2.log - - name: Check for PR description - if: ${{ github.event.pull_request.body == '' }} - continue-on-error: true - id: pr_description - run: | - echo "Pull request description cannot be empty." - exit 1 - - name: Run Compliance Tests continue-on-error: true id: compliance @@ -93,6 +90,8 @@ jobs: path: compliance.xml - name: check-warns + id: check-warns + continue-on-error: true run: | if [[ ! -s "compliance.xml" ]]; then exit 1; @@ -121,10 +120,12 @@ jobs: if [ "${exit}" == "1" ]; then echo "Compliance error, check for error messages in the \"Run Compliance Tests\" step" echo "You can run this step locally with the ./scripts/ci/check_compliance.py script." + echo "exit_code=${exit}" >> $GITHUB_OUTPUT exit 1; fi - - if [ "${{ steps.pr_description.outcome }}" == "failure" ]; then - echo "PR description cannot be empty" - exit 1; - fi + - name: resolve + if: | + steps.check-warns.outputs.exit_code != 0 && + ! contains(github.event.pull_request.labels.*.name, 'Compliance: False Positive') + run: | + exit ${{ steps.check-warns.outputs.exit_code }} diff --git a/.github/workflows/do_not_merge.yml b/.github/workflows/pr_metadata_check.yml similarity index 60% rename from .github/workflows/do_not_merge.yml rename to .github/workflows/pr_metadata_check.yml index b6954e288c9..4de0defe85d 100644 --- a/.github/workflows/do_not_merge.yml +++ b/.github/workflows/pr_metadata_check.yml @@ -1,8 +1,14 @@ -name: Do Not Merge +name: PR Metadata Check on: pull_request: - types: [synchronize, opened, reopened, labeled, unlabeled] + types: + - synchronize + - opened + - reopened + - labeled + - unlabeled + - edited jobs: do-not-merge: @@ -18,3 +24,13 @@ jobs: echo "Pull request is labeled as 'DNM', 'TSC', 'Architecture Review' or 'dev-review'." echo "This workflow fails so that the pull request cannot be merged." exit 1 + + empty_pr_description: + if: ${{ github.event.pull_request.body == '' }} + name: PR Description + runs-on: ubuntu-22.04 + steps: + - name: Check for PR description + run: | + echo "Pull request description cannot be empty." + exit 1 diff --git a/.github/workflows/twister-prep.yaml b/.github/workflows/twister-prep.yaml index 4c8b03a5418..a54609668b5 100644 --- a/.github/workflows/twister-prep.yaml +++ b/.github/workflows/twister-prep.yaml @@ -15,7 +15,7 @@ on: jobs: prep_pr: - if: github.repository_owner == 'zephyrproject-rtos' && github.event_name == 'pull_request_target' + if: github.repository_owner == 'zephyrproject-rtos' && github.event_name == 'pull_request' runs-on: group: zephyr-runner-v2-linux-x64-4xlarge container: diff --git a/.github/workflows/twister-publish.yaml b/.github/workflows/twister-publish.yaml index f59a3edca3d..4e02047a33e 100644 --- a/.github/workflows/twister-publish.yaml +++ b/.github/workflows/twister-publish.yaml @@ -12,7 +12,7 @@ jobs: upload-to-elasticsearch: if: | github.repository == 'zephyrproject-rtos/zephyr' && - github.event.workflow_run.event != 'pull_request_target' + github.event.workflow_run.event != 'pull_request' env: ELASTICSEARCH_KEY: ${{ secrets.ELASTICSEARCH_KEY }} ELASTICSEARCH_SERVER: "https://elasticsearch.zephyrproject.io:443" diff --git a/.github/workflows/twister.yaml b/.github/workflows/twister.yaml index 0fa810b3dd7..801030b2ab2 100644 --- a/.github/workflows/twister.yaml +++ b/.github/workflows/twister.yaml @@ -6,7 +6,7 @@ on: - main - v*-branch - collab-* - pull_request_target: + pull_request: branches: - main - v*-branch @@ -20,7 +20,11 @@ concurrency: cancel-in-progress: true jobs: + compliance-check: + uses: ./.github/workflows/compliance.yml + twister-build-prep: + needs: compliance-check uses: ./.github/workflows/twister-prep.yaml twister-build: @@ -80,7 +84,7 @@ jobs: - name: Environment Setup run: | - if [ "${{github.event_name}}" = "pull_request_target" ]; then + if [ "${{github.event_name}}" = "pull_request" ]; then git config --global user.email "bot@zephyrproject.org" git config --global user.name "Zephyr Builder" rm -fr ".git/rebase-apply" @@ -141,7 +145,7 @@ jobs: fi fi - - if: github.event_name == 'pull_request_target' + - if: github.event_name == 'pull_request' name: Run Tests with Twister (Pull Request) id: run_twister_pr run: | @@ -245,6 +249,7 @@ jobs: if: always() name: "Check Twister Status" needs: + - compliance-check - twister-build-prep - twister-build uses: ./.github/workflows/ready-to-merge.yml diff --git a/tests/kernel/semaphore/semaphore/testcase.yaml b/tests/kernel/semaphore/semaphore/testcase.yaml index a756990ebac..1a41fd8a08b 100644 --- a/tests/kernel/semaphore/semaphore/testcase.yaml +++ b/tests/kernel/semaphore/semaphore/testcase.yaml @@ -3,4 +3,5 @@ tests: tags: - kernel - userspace + - blah ignore_faults: true