mirror of
https://github.com/opencontainers/runc.git
synced 2025-09-26 19:41:35 +08:00
56edc41ca6
1. Bump shfmt to v3.5.1. Release notes: https://github.com/mvdan/sh/releases 2. Since shfmt v3.5.0, specifying -l bash (or -l bats) is no longer necessary. Therefore, we can use shfmt to find all the files. Add .editorconfig to ignore vendor subdirectory. 3. Use shfmt docker image, so that we don't have to install anything explicitly. This greatly simplifies the shfmt CI job. Add localshfmt target so developers can still use a local shfmt binary when necessary. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
184 lines
5.0 KiB
YAML
184 lines
5.0 KiB
YAML
name: validate
|
|
on:
|
|
push:
|
|
tags:
|
|
- v*
|
|
branches:
|
|
- main
|
|
- release-*
|
|
pull_request:
|
|
env:
|
|
GO_VERSION: 1.19.x
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
|
|
lint:
|
|
permissions:
|
|
contents: read
|
|
pull-requests: read
|
|
runs-on: ubuntu-20.04
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
with:
|
|
fetch-depth: 2
|
|
- uses: actions/setup-go@v3
|
|
with:
|
|
go-version: "${{ env.GO_VERSION }}"
|
|
- name: install deps
|
|
run: |
|
|
sudo apt -q update
|
|
sudo apt -q install libseccomp-dev
|
|
- uses: golangci/golangci-lint-action@v3
|
|
with:
|
|
version: v1.48
|
|
# Extra linters, only checking new code from a pull request.
|
|
- name: lint-extra
|
|
if: github.event_name == 'pull_request'
|
|
run: |
|
|
golangci-lint run --config .golangci-extra.yml --new-from-rev=HEAD~1 --out-format=github-actions
|
|
|
|
compile-buildtags:
|
|
runs-on: ubuntu-20.04
|
|
env:
|
|
# Don't ignore C warnings. Note that the output of "go env CGO_CFLAGS" by default is "-g -O2", so we keep them.
|
|
CGO_CFLAGS: -g -O2 -Werror
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
- name: install go
|
|
uses: actions/setup-go@v3
|
|
with:
|
|
go-version: "${{ env.GO_VERSION }}"
|
|
- name: compile with no build tags
|
|
run: make BUILDTAGS=""
|
|
|
|
codespell:
|
|
runs-on: ubuntu-20.04
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
- name: install deps
|
|
# Version of codespell bundled with Ubuntu is way old, so use pip.
|
|
run: pip install codespell
|
|
- name: run codespell
|
|
run: codespell
|
|
|
|
shfmt:
|
|
runs-on: ubuntu-20.04
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
- name: shfmt
|
|
run: make shfmt
|
|
|
|
shellcheck:
|
|
runs-on: ubuntu-20.04
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
- name: install shellcheck
|
|
env:
|
|
VERSION: v0.8.0
|
|
BASEURL: https://github.com/koalaman/shellcheck/releases/download
|
|
SHA256: f4bce23c11c3919c1b20bcb0f206f6b44c44e26f2bc95f8aa708716095fa0651
|
|
run: |
|
|
mkdir ~/bin
|
|
curl -sSfL --retry 5 $BASEURL/$VERSION/shellcheck-$VERSION.linux.x86_64.tar.xz |
|
|
tar xfJ - -C ~/bin --strip 1 shellcheck-$VERSION/shellcheck
|
|
sha256sum --strict --check - <<<"$SHA256 *$HOME/bin/shellcheck"
|
|
# make sure to remove the old version
|
|
sudo rm -f /usr/bin/shellcheck
|
|
# Add ~/bin to $PATH.
|
|
echo ~/bin >> $GITHUB_PATH
|
|
- uses: lumaxis/shellcheck-problem-matchers@v1
|
|
- name: run
|
|
run: make shellcheck
|
|
- name: check-config.sh
|
|
run : ./script/check-config.sh
|
|
|
|
deps:
|
|
runs-on: ubuntu-20.04
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
- name: install go
|
|
uses: actions/setup-go@v3
|
|
with:
|
|
go-version: "${{ env.GO_VERSION }}"
|
|
- name: cache go mod and $GOCACHE
|
|
uses: actions/cache@v3
|
|
with:
|
|
path: |
|
|
~/go/pkg/mod
|
|
~/.cache/go-build
|
|
key: ${{ runner.os }}-go.sum-${{ hashFiles('**/go.sum') }}
|
|
restore-keys: ${{ runner.os }}-go.sum-
|
|
- name: verify deps
|
|
run: make verify-dependencies
|
|
|
|
|
|
commit:
|
|
permissions:
|
|
contents: read
|
|
pull-requests: read
|
|
runs-on: ubuntu-20.04
|
|
# Only check commits on pull requests.
|
|
if: github.event_name == 'pull_request'
|
|
steps:
|
|
- name: get pr commits
|
|
id: 'get-pr-commits'
|
|
uses: tim-actions/get-pr-commits@v1.2.0
|
|
with:
|
|
token: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: check subject line length
|
|
uses: tim-actions/commit-message-checker-with-regex@v0.3.1
|
|
with:
|
|
commits: ${{ steps.get-pr-commits.outputs.commits }}
|
|
pattern: '^.{0,72}(\n.*)*$'
|
|
error: 'Subject too long (max 72)'
|
|
|
|
cfmt:
|
|
runs-on: ubuntu-20.04
|
|
steps:
|
|
- name: checkout
|
|
uses: actions/checkout@v3
|
|
with:
|
|
fetch-depth: 0
|
|
- name: install deps
|
|
run: |
|
|
sudo apt -qq update
|
|
sudo apt -qq install indent
|
|
- name: cfmt
|
|
run: |
|
|
make cfmt
|
|
git diff --exit-code
|
|
|
|
|
|
release:
|
|
runs-on: ubuntu-20.04
|
|
steps:
|
|
- name: checkout
|
|
uses: actions/checkout@v3
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: check CHANGELOG.md
|
|
run: make verify-changelog
|
|
|
|
# We have to run this under Docker as Ubuntu (host) does not support all
|
|
# the architectures we want to compile test against, and Dockerfile uses
|
|
# Debian (which does).
|
|
#
|
|
# XXX: as currently this is the only job that is using Docker, we are
|
|
# building and using the runcimage locally. In case more jobs running
|
|
# under Docker will emerge, it will be good to have a separate make
|
|
# runcimage job and share its result (the docker image) with whoever
|
|
# needs it.
|
|
- name: build docker image
|
|
run: make runcimage
|
|
- name: make releaseall
|
|
run: make releaseall
|
|
- name: upload artifacts
|
|
uses: actions/upload-artifact@v3
|
|
with:
|
|
name: release-${{ github.run_id }}
|
|
path: release/*
|