From: Thomas Huth <thuth@redhat.com>
To: qemu-devel@nongnu.org, Peter Maydell <peter.maydell@linaro.org>
Cc: Cleber Rosa <crosa@redhat.com>
Subject: [PULL 15/23] gitlab: add a CI job to validate the DCO sign off
Date: Tue, 13 Oct 2020 12:55:19 +0200 [thread overview]
Message-ID: <20201013105527.20088-16-thuth@redhat.com> (raw)
In-Reply-To: <20201013105527.20088-1-thuth@redhat.com>
From: Daniel P. Berrangé <berrange@redhat.com>
While checkpatch.pl can validate DCO sign off that job must always be
advisory only since it is expected that certain patches will fail some
code style rules.
We require the DCO sign off to be mandatory for all commits though, so
it benefits from being validated in a standalone job.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20200918132903.1848939-3-berrange@redhat.com>
[thuth: Use "stage: build" to let it run earlier]
Signed-off-by: Thomas Huth <thuth@redhat.com>
---
.gitlab-ci.d/check-dco.py | 94 +++++++++++++++++++++++++++++++++++++++
.gitlab-ci.yml | 10 +++++
2 files changed, 104 insertions(+)
create mode 100755 .gitlab-ci.d/check-dco.py
diff --git a/.gitlab-ci.d/check-dco.py b/.gitlab-ci.d/check-dco.py
new file mode 100755
index 0000000000..632c8bcce8
--- /dev/null
+++ b/.gitlab-ci.d/check-dco.py
@@ -0,0 +1,94 @@
+#!/usr/bin/env python3
+#
+# check-dco.py: validate all commits are signed off
+#
+# Copyright (C) 2020 Red Hat, Inc.
+#
+# SPDX-License-Identifier: GPL-2.0-or-later
+
+import os
+import os.path
+import sys
+import subprocess
+
+namespace = "qemu-project"
+if len(sys.argv) >= 2:
+ namespace = sys.argv[1]
+
+cwd = os.getcwd()
+reponame = os.path.basename(cwd)
+repourl = "https://gitlab.com/%s/%s.git" % (namespace, reponame)
+
+subprocess.check_call(["git", "remote", "add", "check-dco", repourl])
+subprocess.check_call(["git", "fetch", "check-dco", "master"],
+ stdout=subprocess.DEVNULL,
+ stderr=subprocess.DEVNULL)
+
+ancestor = subprocess.check_output(["git", "merge-base",
+ "check-dco/master", "HEAD"],
+ universal_newlines=True)
+
+ancestor = ancestor.strip()
+
+subprocess.check_call(["git", "remote", "rm", "check-dco"])
+
+errors = False
+
+print("\nChecking for 'Signed-off-by: NAME <EMAIL>' " +
+ "on all commits since %s...\n" % ancestor)
+
+log = subprocess.check_output(["git", "log", "--format=%H %s",
+ ancestor + "..."],
+ universal_newlines=True)
+
+if log == "":
+ commits = []
+else:
+ commits = [[c[0:40], c[41:]] for c in log.strip().split("\n")]
+
+for sha, subject in commits:
+
+ msg = subprocess.check_output(["git", "show", "-s", sha],
+ universal_newlines=True)
+ lines = msg.strip().split("\n")
+
+ print("🔍 %s %s" % (sha, subject))
+ sob = False
+ for line in lines:
+ if "Signed-off-by:" in line:
+ sob = True
+ if "localhost" in line:
+ print(" ❌ FAIL: bad email in %s" % line)
+ errors = True
+
+ if not sob:
+ print(" ❌ FAIL missing Signed-off-by tag")
+ errors = True
+
+if errors:
+ print("""
+
+❌ ERROR: One or more commits are missing a valid Signed-off-By tag.
+
+
+This project requires all contributors to assert that their contributions
+are provided in compliance with the terms of the Developer's Certificate
+of Origin 1.1 (DCO):
+
+ https://developercertificate.org/
+
+To indicate acceptance of the DCO every commit must have a tag
+
+ Signed-off-by: REAL NAME <EMAIL>
+
+This can be achieved by passing the "-s" flag to the "git commit" command.
+
+To bulk update all commits on current branch "git rebase" can be used:
+
+ git rebase -i master -x 'git commit --amend --no-edit -s'
+
+""")
+
+ sys.exit(1)
+
+sys.exit(0)
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index f1e18d3e90..40805740a6 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -411,3 +411,13 @@ check-patch:
variables:
GIT_DEPTH: 1000
allow_failure: true
+
+check-dco:
+ stage: build
+ image: $CI_REGISTRY_IMAGE/qemu/centos8:latest
+ script: .gitlab-ci.d/check-dco.py
+ except:
+ variables:
+ - $CI_PROJECT_NAMESPACE == 'qemu-project' && $CI_COMMIT_BRANCH == 'master'
+ variables:
+ GIT_DEPTH: 1000
--
2.18.2
next prev parent reply other threads:[~2020-10-13 11:12 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-13 10:55 [PULL 00/23] qtests, gitlab-CI and misc patches Thomas Huth
2020-10-13 10:55 ` [PULL 01/23] tests/qtest: Replace magic value by NANOSECONDS_PER_SECOND definition Thomas Huth
2020-10-13 10:55 ` [PULL 02/23] gitlab-ci.yml: Only run one test-case per fuzzer Thomas Huth
2020-10-13 10:55 ` [PULL 03/23] Acceptance tests: bump pycdlib version for easier installation Thomas Huth
2020-10-13 10:55 ` [PULL 04/23] Acceptance tests: do not show canceled test logs on GitLab CI Thomas Huth
2020-10-13 10:55 ` [PULL 05/23] Acceptance tests: show test report " Thomas Huth
2020-10-13 10:55 ` [PULL 06/23] qtest: add fuzz test case Thomas Huth
2020-10-13 10:55 ` [PULL 07/23] tests/migration: Allow longer timeouts Thomas Huth
2020-10-13 10:55 ` [PULL 08/23] softmmu/vl: Be less verbose about missing KVM when running the qtests Thomas Huth
2020-10-13 10:55 ` [PULL 09/23] Add a comment in bios-tables-test.c to clarify the reason behind approach Thomas Huth
2020-10-13 10:55 ` [PULL 10/23] MAINTAINERS: Ignore bios-tables-test in the qtest section Thomas Huth
2020-10-13 10:55 ` [PULL 11/23] Remove superfluous .gitignore files Thomas Huth
2020-10-13 10:55 ` [PULL 12/23] docs/system/deprecated: Mark the 'moxie' CPU as deprecated Thomas Huth
2020-10-13 10:55 ` [PULL 13/23] configure: fixes indent of $meson setup Thomas Huth
2020-10-13 10:55 ` [PULL 14/23] gitlab: add a CI job for running checkpatch.pl Thomas Huth
2020-10-13 10:55 ` Thomas Huth [this message]
2020-10-13 10:55 ` [PULL 16/23] gitlab: assign python helper files to GitLab maintainers section Thomas Huth
2020-10-13 10:55 ` [PULL 17/23] scripts/ci/gitlab-pipeline-status: make branch name configurable Thomas Huth
2020-10-13 10:55 ` [PULL 18/23] scripts/ci/gitlab-pipeline-status: improve message regarding timeout Thomas Huth
2020-10-13 10:55 ` [PULL 19/23] scripts/ci/gitlab-pipeline-status: give early feedback on running pipelines Thomas Huth
2020-10-13 10:55 ` [PULL 20/23] scripts/ci/gitlab-pipeline-status: refactor parser creation Thomas Huth
2020-10-13 10:55 ` [PULL 21/23] scripts/ci/gitlab-pipeline-status: handle keyboard interrupts Thomas Huth
2020-10-13 10:55 ` [PULL 22/23] scripts/ci/gitlab-pipeline-status: use more descriptive exceptions Thomas Huth
2020-10-13 10:55 ` [PULL 23/23] scripts/ci/gitlab-pipeline-status: wait for pipeline creation Thomas Huth
2020-10-13 13:05 ` [PULL 00/23] qtests, gitlab-CI and misc patches Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201013105527.20088-16-thuth@redhat.com \
--to=thuth@redhat.com \
--cc=crosa@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).