-
Notifications
You must be signed in to change notification settings - Fork 391
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
ci: Add DCO workflow and associated Docker files
Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>
- Loading branch information
Andrei Gherzan
committed
Feb 9, 2022
1 parent
e1014d4
commit 9ef4d2b
Showing
6 changed files
with
114 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
name: dco | ||
|
||
on: | ||
pull_request: | ||
jobs: | ||
dco-image: | ||
# We run this unconditinally even if the PR doesn't include changes to the | ||
# relevant docker files because there is a chance that another PR (or | ||
# something else) pushed changes to the docker image. | ||
runs-on: [self-hosted, Linux] | ||
steps: | ||
- name: Checkout the code | ||
uses: actions/checkout@v2 | ||
with: | ||
fetch-depth: 0 | ||
- name: Build and push the DCO image | ||
env: | ||
DOCKER_IMAGE: ghcr.io/agherzan/dco-check:latest | ||
run: | | ||
cd .github/workflows/docker-images/ | ||
docker build . -f dco-check/Dockerfile -t "$DOCKER_IMAGE" | ||
docker push "$DOCKER_IMAGE" | ||
- name: Clean dangling images | ||
run: | | ||
docker rmi $(docker images --filter "dangling=true" -q --no-trunc) > /dev/null 2>&1 || true | ||
check: | ||
needs: dco-image | ||
runs-on: [self-hosted, Linux] | ||
steps: | ||
- name: Checkout the code | ||
uses: actions/checkout@v2 | ||
with: | ||
fetch-depth: 0 | ||
- name: Do DCO check | ||
env: | ||
DOCKER_IMAGE: ghcr.io/agherzan/dco-check:latest | ||
run: | | ||
docker pull "$DOCKER_IMAGE" | ||
docker run --rm -v "$GITHUB_WORKSPACE:/work:ro" \ | ||
--env "BASE_REF=$GITHUB_BASE_REF" \ | ||
--user "$(id -u):$(id -g)" "$DOCKER_IMAGE" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
# Docker images for CI | ||
|
||
Each directory contains the files for a docker image. | ||
|
||
## Building an image | ||
|
||
When building the a docker image, the build context is expected to be where | ||
this `README.md` file resides. This means that building the images will require | ||
passing the appropriate `-f` argument. | ||
|
||
Here is an example for building the `dco-check` image: | ||
|
||
``` | ||
docker build . -f dco-check/Dockerfile -t ghcr.io/agherzan/dco-check:latest | ||
``` | ||
|
||
**NOTE**: If you are copy-pasting the above, replace the image name accordingly. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
FROM christophebedard/dco-check:latest | ||
WORKDIR /container-workdir | ||
COPY ./dco-check/entrypoint.sh / | ||
COPY ./utils.sh / | ||
ENTRYPOINT ["/entrypoint.sh"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
# Docker image for DCO checks | ||
|
||
This image provides the environment and the logic of running a DCO check | ||
against a repository | ||
|
||
## Configuration | ||
|
||
The `entrypoint.sh` script assumes at runtime that the repository to be checked | ||
is available under `/work`. This path is to be populated via bind mounts when | ||
running the container. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
#!/bin/sh | ||
|
||
set -e | ||
|
||
# shellcheck disable=SC1091 | ||
. /utils.sh | ||
|
||
GIT_REPO_PATH="/work" | ||
|
||
[ -n "$BASE_REF" ] || | ||
error "DCO checks needs to know the target branch. Make sure that is set in BASE_REF." | ||
[ -d "$GIT_REPO_PATH/.git" ] || | ||
error "Can't find a git checkout under $GIT_REPO_PATH ." | ||
cd "$GIT_REPO_PATH" | ||
dco-check \ | ||
--verbose \ | ||
--default-branch "origin/$BASE_REF" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
#!/bin/sh | ||
|
||
_log() { | ||
_level="$1" | ||
_msg="$2" | ||
echo "[$_level] $_msg" | ||
} | ||
|
||
error() { | ||
_msg="$1" | ||
_log "ERR" "$1" | ||
exit 1 | ||
} | ||
|
||
warn() { | ||
_msg="$1" | ||
_log "WRN" "$1" | ||
exit 1 | ||
} | ||
|
||
log() { | ||
_msg="$1" | ||
_log "LOG" "$1" | ||
} |