From 43f1d533e5b672c7fc556b6337fbedbc0b83cc22 Mon Sep 17 00:00:00 2001 From: Anas Nashif Date: Wed, 20 Nov 2024 19:02:39 -0500 Subject: [PATCH 1/5] ci: twister: convert to pull_request Convert twister workflow to use pull_request. Signed-off-by: Anas Nashif --- .github/workflows/twister-prep.yaml | 2 +- .github/workflows/twister-publish.yaml | 2 +- .github/workflows/twister.yaml | 6 +++--- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/twister-prep.yaml b/.github/workflows/twister-prep.yaml index 4c8b03a5418..a54609668b5 100644 --- a/.github/workflows/twister-prep.yaml +++ b/.github/workflows/twister-prep.yaml @@ -15,7 +15,7 @@ on: jobs: prep_pr: - if: github.repository_owner == 'zephyrproject-rtos' && github.event_name == 'pull_request_target' + if: github.repository_owner == 'zephyrproject-rtos' && github.event_name == 'pull_request' runs-on: group: zephyr-runner-v2-linux-x64-4xlarge container: diff --git a/.github/workflows/twister-publish.yaml b/.github/workflows/twister-publish.yaml index f59a3edca3d..4e02047a33e 100644 --- a/.github/workflows/twister-publish.yaml +++ b/.github/workflows/twister-publish.yaml @@ -12,7 +12,7 @@ jobs: upload-to-elasticsearch: if: | github.repository == 'zephyrproject-rtos/zephyr' && - github.event.workflow_run.event != 'pull_request_target' + github.event.workflow_run.event != 'pull_request' env: ELASTICSEARCH_KEY: ${{ secrets.ELASTICSEARCH_KEY }} ELASTICSEARCH_SERVER: "https://elasticsearch.zephyrproject.io:443" diff --git a/.github/workflows/twister.yaml b/.github/workflows/twister.yaml index 0fa810b3dd7..6634ebb9a3a 100644 --- a/.github/workflows/twister.yaml +++ b/.github/workflows/twister.yaml @@ -6,7 +6,7 @@ on: - main - v*-branch - collab-* - pull_request_target: + pull_request: branches: - main - v*-branch @@ -80,7 +80,7 @@ jobs: - name: Environment Setup run: | - if [ "${{github.event_name}}" = "pull_request_target" ]; then + if [ "${{github.event_name}}" = "pull_request" ]; then git config --global user.email "bot@zephyrproject.org" git config --global user.name "Zephyr Builder" rm -fr ".git/rebase-apply" @@ -141,7 +141,7 @@ jobs: fi fi - - if: github.event_name == 'pull_request_target' + - if: github.event_name == 'pull_request' name: Run Tests with Twister (Pull Request) id: run_twister_pr run: | From ecb1139c423ef20de48f11527cb62dfd767c7cdc Mon Sep 17 00:00:00 2001 From: Anas Nashif Date: Sat, 23 Nov 2024 06:49:54 -0500 Subject: [PATCH 2/5] ci: compliance: convert compliance to workflow_call Add compliance to twister workflow as a the first step. If compliance fials, no twister will run. Signed-off-by: Anas Nashif --- .github/workflows/compliance.yml | 31 ++++++++++++++++++++----------- .github/workflows/twister.yaml | 5 +++++ 2 files changed, 25 insertions(+), 11 deletions(-) diff --git a/.github/workflows/compliance.yml b/.github/workflows/compliance.yml index ecd874dd486..f31f8743f99 100644 --- a/.github/workflows/compliance.yml +++ b/.github/workflows/compliance.yml @@ -1,15 +1,20 @@ name: Compliance Checks on: - pull_request: - types: - - edited - - opened - - reopened - - synchronize + workflow_call: jobs: + check_compliance_push: + if: github.event_name == 'push' + runs-on: ubuntu-22.04 + name: Run compliance checks on patch series (PR) + steps: + - name: Do nothing + run: | + echo "Doing nothing" + check_compliance: + if: github.event_name == 'pull_request' runs-on: ubuntu-22.04 name: Run compliance checks on patch series (PR) steps: @@ -93,6 +98,8 @@ jobs: path: compliance.xml - name: check-warns + id: check-warns + continue-on-error: true run: | if [[ ! -s "compliance.xml" ]]; then exit 1; @@ -121,10 +128,12 @@ jobs: if [ "${exit}" == "1" ]; then echo "Compliance error, check for error messages in the \"Run Compliance Tests\" step" echo "You can run this step locally with the ./scripts/ci/check_compliance.py script." + echo "exit_code=${exit}" >> $GITHUB_OUTPUT exit 1; fi - - if [ "${{ steps.pr_description.outcome }}" == "failure" ]; then - echo "PR description cannot be empty" - exit 1; - fi + - name: resolve + if: | + steps.check-warns.outputs.exit_code != 0 && + ! contains(github.event.pull_request.labels.*.name, 'Compliance: False Positive') + run: | + exit ${{ steps.check-warns.outputs.exit_code }} diff --git a/.github/workflows/twister.yaml b/.github/workflows/twister.yaml index 6634ebb9a3a..801030b2ab2 100644 --- a/.github/workflows/twister.yaml +++ b/.github/workflows/twister.yaml @@ -20,7 +20,11 @@ concurrency: cancel-in-progress: true jobs: + compliance-check: + uses: ./.github/workflows/compliance.yml + twister-build-prep: + needs: compliance-check uses: ./.github/workflows/twister-prep.yaml twister-build: @@ -245,6 +249,7 @@ jobs: if: always() name: "Check Twister Status" needs: + - compliance-check - twister-build-prep - twister-build uses: ./.github/workflows/ready-to-merge.yml From dec300da6ac0a452709b875f254f21c19c419666 Mon Sep 17 00:00:00 2001 From: Anas Nashif Date: Tue, 3 Dec 2024 17:46:37 -0500 Subject: [PATCH 3/5] ci: move PR body check to a different workflow Move PR body check to a workflow that monitors editing of PRs. Avoids rerunnin compliance check and other heavy weights workflows on just an edit of the PR body. Signed-off-by: Anas Nashif --- .github/workflows/compliance.yml | 8 -------- .github/workflows/do_not_merge.yml | 20 ++++++++++++++++++-- 2 files changed, 18 insertions(+), 10 deletions(-) diff --git a/.github/workflows/compliance.yml b/.github/workflows/compliance.yml index f31f8743f99..f3c371424ad 100644 --- a/.github/workflows/compliance.yml +++ b/.github/workflows/compliance.yml @@ -67,14 +67,6 @@ jobs: west config manifest.group-filter -- +ci,-optional west update -o=--depth=1 -n 2>&1 1> west.update.log || west update -o=--depth=1 -n 2>&1 1> west.update2.log - - name: Check for PR description - if: ${{ github.event.pull_request.body == '' }} - continue-on-error: true - id: pr_description - run: | - echo "Pull request description cannot be empty." - exit 1 - - name: Run Compliance Tests continue-on-error: true id: compliance diff --git a/.github/workflows/do_not_merge.yml b/.github/workflows/do_not_merge.yml index b6954e288c9..4de0defe85d 100644 --- a/.github/workflows/do_not_merge.yml +++ b/.github/workflows/do_not_merge.yml @@ -1,8 +1,14 @@ -name: Do Not Merge +name: PR Metadata Check on: pull_request: - types: [synchronize, opened, reopened, labeled, unlabeled] + types: + - synchronize + - opened + - reopened + - labeled + - unlabeled + - edited jobs: do-not-merge: @@ -18,3 +24,13 @@ jobs: echo "Pull request is labeled as 'DNM', 'TSC', 'Architecture Review' or 'dev-review'." echo "This workflow fails so that the pull request cannot be merged." exit 1 + + empty_pr_description: + if: ${{ github.event.pull_request.body == '' }} + name: PR Description + runs-on: ubuntu-22.04 + steps: + - name: Check for PR description + run: | + echo "Pull request description cannot be empty." + exit 1 From 839135352da956d72f75f5d7fb8fcc4b36d53934 Mon Sep 17 00:00:00 2001 From: Anas Nashif Date: Tue, 3 Dec 2024 17:49:15 -0500 Subject: [PATCH 4/5] ci: workflows: rename do_not_merge workflow Add more functionality to the workflow, it is not only about not-merging anymore. Signed-off-by: Anas Nashif --- .github/workflows/{do_not_merge.yml => pr_metadata_check.yml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/workflows/{do_not_merge.yml => pr_metadata_check.yml} (100%) diff --git a/.github/workflows/do_not_merge.yml b/.github/workflows/pr_metadata_check.yml similarity index 100% rename from .github/workflows/do_not_merge.yml rename to .github/workflows/pr_metadata_check.yml From d927ed784571a5a0284b7c815bbeba4235408206 Mon Sep 17 00:00:00 2001 From: Anas Nashif Date: Sat, 14 Dec 2024 10:34:59 -0500 Subject: [PATCH 5/5] tags --- tests/kernel/semaphore/semaphore/testcase.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/kernel/semaphore/semaphore/testcase.yaml b/tests/kernel/semaphore/semaphore/testcase.yaml index a756990ebac..1a41fd8a08b 100644 --- a/tests/kernel/semaphore/semaphore/testcase.yaml +++ b/tests/kernel/semaphore/semaphore/testcase.yaml @@ -3,4 +3,5 @@ tests: tags: - kernel - userspace + - blah ignore_faults: true