Skip to content

Commit

Permalink
Add Commit Checker github action
Browse files Browse the repository at this point in the history
Signed-off-by: Ricardo M. Oliveira <[email protected]>
  • Loading branch information
rimolive committed Apr 26, 2024
1 parent 95cfc15 commit e95e2dd
Show file tree
Hide file tree
Showing 4 changed files with 161 additions and 0 deletions.
34 changes: 34 additions & 0 deletions .github/workflows/commit-checker.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
name: Unit Tests
on:
pull_request:
types:
- opened
- reopened
- closed
- synchronize
workflow_dispatch:
env:
RESOURCES_DIR: ${{ github.workspace }}/.github/resources
jobs:
commit_checker:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Get Commits
id: get-commits
run: |
master_commit=$(cat .git/refs/remotes/origin/master)
echo "master_commit_hash=$master_commit" >> $GITHUB_OUTPUT
last_commit=$(cat .git/refs/remotes/pull/36/merge)
echo "last_commit_hash=$last_commit" >> $GITHUB_OUTPUT
- name: Run Commit Checker
continue-on-error: true
run: |
echo "::group::Commit Checker results"
echo "::warning ::==== These are the results of the commit checker scans ===="
echo "::warning ::==== If these are not commits from upstream kfp, then ===="
echo "::warning ::==== please ensure you adhere to the commit checker formatting ===="
podman run -q -v ${{ github.workspace }}:/src/app-root quay.io/rmartine/commitchecker:latest --start ${{ steps.get-commits.outputs.master_commit_hash }} --end ${{ steps.get-commits.outputs.last_commit_hash }}
echo "::endgroup::"
64 changes: 64 additions & 0 deletions samples/v2/pipeline_secret_env.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
# PIPELINE DEFINITION
# Name: pipeline-secret-env
components:
comp-comp:
executorLabel: exec-comp
deploymentSpec:
executors:
exec-comp:
container:
args:
- --executor_input
- '{{$}}'
- --function_to_execute
- comp
command:
- sh
- -c
- "\nif ! [ -x \"$(command -v pip)\" ]; then\n python3 -m ensurepip ||\
\ python3 -m ensurepip --user || apt-get install python3-pip\nfi\n\nPIP_DISABLE_PIP_VERSION_CHECK=1\
\ python3 -m pip install --quiet --no-warn-script-location 'kfp==2.7.0'\
\ '--no-deps' 'typing-extensions>=3.7.4,<5; python_version<\"3.9\"' && \"\
$0\" \"$@\"\n"
- sh
- -ec
- 'program_path=$(mktemp -d)
printf "%s" "$0" > "$program_path/ephemeral_component.py"
_KFP_RUNTIME=true python3 -m kfp.dsl.executor_main --component_module_path "$program_path/ephemeral_component.py" "$@"
'
- "\nimport kfp\nfrom kfp import dsl\nfrom kfp.dsl import *\nfrom typing import\
\ *\n\ndef comp():\n import os\n import sys\n if os.environ['SECRET_VAR']\
\ == \"service_account\":\n print(\"Success\")\n return 0\n\
\ else:\n print(os.environ['SECRET_VAR'] + \" is not service_account\"\
)\n sys.exit(\"Failure: cannot access secret as env variable\")\n\
\n"
image: python:3.7
pipelineInfo:
name: pipeline-secret-env
root:
dag:
tasks:
comp:
cachingOptions:
enableCache: true
componentRef:
name: comp-comp
taskInfo:
name: comp
schemaVersion: 2.1.0
sdkVersion: kfp-2.7.0
---
platforms:
kubernetes:
deploymentSpec:
executors:
exec-comp:
secretAsEnv:
- keyToEnv:
- envVar: SECRET_VAR
secretKey: type
secretName: user-gcp-sa
28 changes: 28 additions & 0 deletions tools/commit_checker/Dockerfile
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
FROM registry.access.redhat.com/ubi8/go-toolset:1.20 as builder

WORKDIR /tmp
RUN git clone https://github.com/openshift/build-machinery-go.git && \
cd /tmp/build-machinery-go/commitchecker && \
go build

FROM registry.access.redhat.com/ubi8/ubi-minimal:8.9

WORKDIR /bin

COPY --from=builder /tmp/build-machinery-go/commitchecker/commitchecker /bin/commitchecker
RUN microdnf install git && \
chmod +x /bin/commitchecker && \
mkdir -p /src/app-root

WORKDIR /src/app-root
ENTRYPOINT ["commitchecker"]

VOLUME ["/src/app-root"]

LABEL name="Commit Checker tool" \
summary="commitchecker validates a range of commits in a git repository and ensures they meet specific requirements: \
1. The author's email address does not start with "root@". \
2. The message starts with one of: \
i. UPSTREAM: <PR number|carry|drop>: description \
ii. UPSTREAM: revert: \
This is useful for repositories that are downstream forks of upstream repositories."
35 changes: 35 additions & 0 deletions tools/commit_checker/validate_pr_commits.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
#!/bin/bash

start=$1
end=$2
config=$3
fetch_mode=$4

print_usage() {
printf "Usage: validate_pr_commits.sh START [END [CONFIG [FETCH_MODE]]]\n"
printf " START = Commit hash to start\n"
printf " END = Last commit hash to check\n"
printf " CONFIG = Pass a config file\n"
printf " FETCH_MODE = Git fetch mode (default: https)\n"
}

run_commit_checker() {
args="--start $start"
if [ ! -z "$end" ]; then
args="${args} --end $end"
fi
if [ ! -z "$config" ]; then
args="${args} --config $config"
fi
if [ ! -z "$fetch_mode" ]; then
args="${args} --fech-mode $fetch_mode"
fi
podman run -v $(pwd):/src/app-root quay.io/rmartine/commitchecker:latest $args
}

if [ $# -eq 0 ]; then
print_usage
exit 0
fi

run_commit_checker

0 comments on commit e95e2dd

Please sign in to comment.