scripts: ci: check_compliance: use correct error when author didn't sign

Commit e4650bc modified check_compliance
to avoid false negatives when a commit has multiple signoff lines and the
author's signoff line isn't the first one. To avoid this, a signoff line
which matches exactly the author's name and email is searched instead of
matching any line with the proper syntax and checking the fields.

While this solved the original issue, this also introduced a new issue:
whereas the old script would distinguish a properly formed signoff line
with the wrong author from a malformed signoff line, the new method now
checks both the syntax and the author name/email at the same time. As
such, the script will report "signoff line does not follow the syntax"
for both situations, but the signoff line DOES follow the syntax in the
latter case: the error message is then only a misleading red herring.

Fix this issue - and improve the check - by verifying every signoff line
in a commit's message body. Invalid syntax on any line is reported as a
"does not follow syntax" failure, whereas inability to find the commit
author is reported as a separate "no signoff entry matches commit author"
failure as it should always have...

Signed-off-by: Mathieu Choplain <[email protected]>

Author: mathieuchopstm

scripts/ci/check_compliance.py

@@ -1746,27 +1746,31 @@ def run(self):
                 self.failure(f'Unable to parse commit message for {shaidx}')
                 continue
 
-            match_signoff = re.search(r"signed-off-by:\s(.*)", body,
-                                      re.IGNORECASE)
-            detailed_match = re.search(rf"signed-off-by:\s({re.escape(auth_name)}) <({re.escape(auth_email)})>",
-                                       body,
-                                       re.IGNORECASE)
-
             if auth_email.endswith("@users.noreply.github.com"):
                 failures.append(f"{shaidx}: author email ({auth_email}) must "
                                 "be a real email and cannot end in "
                                 "@users.noreply.github.com")
 
-            if not match_signoff:
+            # Returns an array of everything to the right of ':' on each signoff line
+            signoff_lines = re.findall(r"signed-off-by:\s(.*)", body, re.IGNORECASE)
+            if len(signoff_lines) == 0:
                 failures.append(f'{shaidx}: Missing signed-off-by line')
-            elif not detailed_match:
-                signoff = match_signoff.group(0)
-                failures.append(f"{shaidx}: Signed-off-by line ({signoff}) "
-                                "does not follow the syntax: First "
-                                "Last <email>.")
-            elif (auth_name, auth_email) != detailed_match.groups():
-                failures.append(f"{shaidx}: author email ({auth_email}) needs "
-                                "to match one of the signed-off-by entries.")
+            else:
+                # Validate all signoff lines' syntax while also searching for commit author
+                found_author_signoff = False
+                for signoff in signoff_lines:
+                    match = re.search(r"(.+) <(.+)>", signoff)
+
+                    if not match:
+                        failures.append(f"{shaidx}: Signed-off-by line ({signoff}) "
+                                        "does not follow the syntax: First "
+                                        "Last <email>.")
+                    elif (auth_name, auth_email) == match.groups():
+                        found_author_signoff = True
+
+                if not found_author_signoff:
+                    failures.append(f"{shaidx}: author name ({auth_name}) and email ({auth_email}) "
+                                    "needs to match one of the signed-off-by entries.")
 
             if failures:
                 self.failure('\n'.join(failures))