-
Notifications
You must be signed in to change notification settings - Fork 10
/
action.yml
117 lines (111 loc) · 3.99 KB
/
action.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
# Copyright The containerd Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
# http://www.apache.org/licenses/LICENSE-2.0
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# containerd project checks Github CI Action.
#
# Example:
#
# jobs:
# project:
# name: Project Checks
# runs-on: ubuntu-22.04
# timeout-minutes: 5
#
# steps:
# - uses: actions/setup-go@v3
# with:
# go-version: '1.19'
#
# - uses: actions/checkout@v3
# with:
# path: src/github.com/containerd/containerd
# fetch-depth: 100
#
# - name: Project checks
# uses: containerd/[email protected]
# with:
# working-directory: src/github.com/containerd/containerd
#
name: Project Checks
description: Project checks commonly used across containerd org
inputs:
working-directory:
required: true
description: Go project path to run checks in
go-mod-tidy-flags:
required: false
description: go mod tidy flags, such as -compat=1.17
repo-access-token:
required: false
description: token needed to access repository commits for private repos
runs:
using: composite
steps:
- name: Set env
shell: bash
run: |
echo "GOPATH=${{ github.workspace }}" >> $GITHUB_ENV
echo "${{ github.workspace }}/bin" >> $GITHUB_PATH
- name: Install dependencies
shell: bash
env:
GO111MODULE: on
run: |
echo "::group::🚧 Get dependencies"
go install -v github.com/vbatts/git-validation@latest
go install -v github.com/kunalkushwaha/ltag@latest
echo "::endgroup::"
- name: DCO Checks
shell: bash
working-directory: ${{ inputs.working-directory }}
env:
GITHUB_COMMIT_URL: ${{ github.event.pull_request.commits_url }}
REPO_ACCESS_TOKEN: ${{ inputs.repo-access-token }}
DCO_VERBOSITY: "-v"
DCO_RANGE: ""
run: |
echo "::group::👮 DCO checks"
set -x
if [[ ! -z "${REPO_ACCESS_TOKEN}" ]]; then
HEADERS=(-H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${REPO_ACCESS_TOKEN}")
else
HEADERS=(-H "Accept: application/vnd.github+json")
fi
if [ -z "${GITHUB_COMMIT_URL}" ]; then
DCO_RANGE=$(jq -r '.after + "..HEAD"' ${GITHUB_EVENT_PATH})
else
DCO_RANGE=$(curl "${HEADERS[@]}" ${GITHUB_COMMIT_URL} | jq -r '.[0].parents[0].sha + "..HEAD"')
fi
${{ github.action_path }}/script/validate/dco
echo "::endgroup::"
- name: Install go-licenses
shell: bash
run: go install github.com/google/[email protected]
# the allow list corresponds to https://github.com/cncf/foundation/blob/e5db022a0009f4db52b89d9875640cf3137153fe/allowed-third-party-license-policy.md
- name: Check licenses
shell: bash
run: go-licenses check --include_tests ${{ github.workspace }}/... --allowed_licenses=Apache-2.0,BSD-2-Clause,BSD-2-Clause-FreeBSD,BSD-3-Clause,MIT,ISC,Python-2.0,PostgreSQL,X11,Zlib
- name: Validate file headers
shell: bash
working-directory: ${{ inputs.working-directory }}
run: |
echo "::group::📚 File headers"
${{ github.action_path }}/script/validate/fileheader ${{ github.action_path }}/
echo "::endgroup::"
- name: Validate vendor directory
shell: bash
working-directory: ${{ inputs.working-directory }}
run: |
export GO_MOD_TIDY_FLAGS="${{ inputs.go-mod-tidy-flags }}"
echo "::group::🚀 Vendor directory"
${{ github.action_path }}/script/validate/vendor
echo "::endgroup::"