Unverified Commit 6252c064 authored by Martin Pugh's avatar Martin Pugh Committed by GitHub
Browse files

[CI] Require D*-audit labels for any runtime changes (#2617)

* update generate_release_text.rb

* add checks for audit labels for runtime changes

* fix check_labels.sh

* use has_runtime_changes in check_runtime.sh

* add D1-trivial label

* fix check_labels.sh
parent 4af60b5e
Pipeline #129925 failed with stages
in 23 minutes and 59 seconds
......@@ -9,8 +9,12 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0
ref: ${{ github.event.pull_request.head.ref }}
- name: Check labels
run: bash ${{ github.workspace }}/scripts/github/check_labels.sh
env:
GITHUB_PR: ${{ github.event.pull_request.number }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
HEAD_SHA: ${{ github.event.pull_request.head.sha }}
......@@ -124,3 +124,18 @@ skip_if_companion_pr() {
latest_release() {
curl -s "$api_base/$1/releases/latest" | jq -r '.tag_name'
}
# Check for runtime changes between two commits. This is defined as any changes
# to /primitives/src/* and any *production* chains under /runtime
has_runtime_changes() {
from=$1
to=$2
if git diff --name-only "${from}...${to}" \
| grep -q -e '^runtime/polkadot' -e '^runtime/kusama' -e '^primitives/src/' -e '^runtime/common'
then
return 0
else
return 1
fi
}
......@@ -22,6 +22,7 @@ releasenotes_labels=(
'B7-runtimenoteworthy'
)
# Must be an ordered list of priorities, lowest first
priority_labels=(
'C1-low 📌'
'C3-medium 📣'
......@@ -29,6 +30,13 @@ priority_labels=(
'C9-critical ‼️'
)
audit_labels=(
'D1-trivial'
'D1-audited👍'
'D5-nicetohaveaudit⚠️ '
'D9-needsaudit👮'
)
echo "[+] Checking release notes (B) labels for $CI_COMMIT_BRANCH"
if ensure_labels "${releasenotes_labels[@]}"; then
echo "[+] Release notes label detected. All is well."
......@@ -45,10 +53,20 @@ else
exit 1
fi
# If the priority is anything other than C1-low, we *must not* have a B0-silent
if has_runtime_changes origin/master "${HEAD_SHA}"; then
echo "[+] Runtime changes detected. Checking audit (D) labels"
if ensure_labels "${audit_labels[@]}"; then
echo "[+] Release audit label detected. All is well."
else
echo "[!] Release audit label not detected. Please add one of: ${audit_labels[*]}"
exit 1
fi
fi
# If the priority is anything other than the lowest, we *must not* have a B0-silent
# label
if has_label "$repo" "$CI_COMMIT_BRANCH" 'B0-silent' &&
! has_label "$repo" "$CI_COMMIT_BRANCH" 'C1-low' ; then
if has_label "$repo" "$GITHUB_PR" 'B0-silent' &&
! has_label "$repo" "$GITHUB_PR" "${priority_labels[0]}"; then
echo "[!] Changes with a priority higher than C1-low *MUST* have a B- label that is not B0-Silent"
exit 1
fi
......
......@@ -48,13 +48,8 @@ common_dirs=(
# https://stackoverflow.com/questions/1527049/how-can-i-join-elements-of-an-array-in-bash
function join_by { local d=$1; shift; echo -n "$1"; shift; printf "%s" "${@/#/$d}"; }
# Construct a regex to search for any changes to runtime or common directories
runtime_regex="^runtime/$(join_by '|^runtime/' "${runtimes[@]}" "${common_dirs[@]}")"
boldprint "check if the wasm sources changed since ${LATEST_TAG}"
if ! git diff --name-only "refs/tags/${LATEST_TAG}...${CI_COMMIT_SHA}" \
| grep -E -q -e "$runtime_regex"
then
if ! has_runtime_changes "${LATEST_TAG}" "${CI_COMMIT_SHA}"; then
boldprint "no changes to any runtime source code detected"
# continue checking if Cargo.lock was updated with a new substrate reference
# and if that change includes a {spec|impl}_version update.
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment