diff --git a/.github/workflows/commit-checker.yaml b/.github/workflows/commit-checker.yaml new file mode 100644 index 000000000000..03d9bc69e110 --- /dev/null +++ b/.github/workflows/commit-checker.yaml @@ -0,0 +1,45 @@ +name: Commit Checker +on: + pull_request: + types: + - opened + - reopened + - closed + - synchronize +env: + RESOURCES_DIR: ${{ github.workspace }}/.github/resources + GH_USER_EMAIL: 140449482+dsp-developers@users.noreply.github.com + GH_USER_NAME: dsp-developers +jobs: + commit_checker: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Get Commits + id: get-commits + run: | + master_commit=$(cat .git/refs/remotes/origin/master) + echo "master_commit_hash=$master_commit" >> $GITHUB_OUTPUT + last_commit=$(cat .git/refs/remotes/pull/${{ github.event.pull_request.number }}/merge) + echo "last_commit_hash=$last_commit" >> $GITHUB_OUTPUT + - name: Run Commit Checker + shell: bash + env: + GH_TOKEN: ${{ secrets.GH_TOKEN_PROJECT_EDIT }} + continue-on-error: true + run: | + git config user.email "${{ env.GH_USER_EMAIL }}" + git config user.name "${{ env.GH_USER_NAME }}" + + cat <<"EOF" >> /tmp/body-file.txt + ::group::Commit Checker results + ::warning ::==== These are the results of the commit checker scans ==== + ::warning ::==== If these are not commits from upstream kfp, then ==== + ::warning ::==== please ensure you adhere to the commit checker formatting ==== + $(podman run -q -v ${{ github.workspace }}:/src/app-root quay.io/rmartine/commitchecker:latest --start ${{ steps.get-commits.outputs.master_commit_hash }} --end ${{ steps.get-commits.outputs.last_commit_hash }}) + ::endgroup:: + EOF + + gh pr comment ${{ github.event.pull_request.number }} --body-file /tmp/body-file.txt diff --git a/tools/commit_checker/Dockerfile b/tools/commit_checker/Dockerfile new file mode 100644 index 000000000000..a92a0808d363 --- /dev/null +++ b/tools/commit_checker/Dockerfile @@ -0,0 +1,28 @@ +FROM registry.access.redhat.com/ubi8/go-toolset:1.20 as builder + +WORKDIR /tmp +RUN git clone https://github.com/openshift/build-machinery-go.git && \ + cd /tmp/build-machinery-go/commitchecker && \ + go build + +FROM registry.access.redhat.com/ubi8/ubi-minimal:8.9 + +WORKDIR /bin + +COPY --from=builder /tmp/build-machinery-go/commitchecker/commitchecker /bin/commitchecker +RUN microdnf install git && \ + chmod +x /bin/commitchecker && \ + mkdir -p /src/app-root + +WORKDIR /src/app-root +ENTRYPOINT ["commitchecker"] + +VOLUME ["/src/app-root"] + +LABEL name="Commit Checker tool" \ + summary="commitchecker validates a range of commits in a git repository and ensures they meet specific requirements: \ + 1. The author's email address does not start with "root@". \ + 2. The message starts with one of: \ + i. UPSTREAM: : description \ + ii. UPSTREAM: revert: \ + This is useful for repositories that are downstream forks of upstream repositories." \ No newline at end of file