mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-22 10:10:06 +00:00
Code Issues Releases Wiki Activity
bind/dangerfile.py

561 lines
22 KiB
Python
Raw Normal View History

Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
############################################################################
# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
#
Update the copyright information in all files in the repository This commit converts the license handling to adhere to the REUSE specification. It specifically: 1. Adds used licnses to LICENSES/ directory 2. Add "isc" template for adding the copyright boilerplate 3. Changes all source files to include copyright and SPDX license header, this includes all the C sources, documentation, zone files, configuration files. There are notes in the doc/dev/copyrights file on how to add correct headers to the new files. 4. Handle the rest that can't be modified via .reuse/dep5 file. The binary (or otherwise unmodifiable) files could have license places next to them in <foo>.license file, but this would lead to cluttered repository and most of the files handled in the .reuse/dep5 file are system test files.
2021-06-03 08:37:05 +02:00
# SPDX-License-Identifier: MPL-2.0
#
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
update all copyright headers to eliminate the typo
2020-09-14 16:20:40 -07:00
# file, you can obtain one at https://mozilla.org/MPL/2.0/.
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
#
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.
############################################################################
danger: check system test convetions for pytest runner When adding a new system test, it might easy to forget to add the required files for the pytest runner or break a naming convention. Add danger checks to cover these cases.
2023-08-30 13:51:05 +02:00
import glob
Use approve button workflow in danger CI Since the LGTM label was deprecated in favor of using the Approve button in gitlab, adjust the detection in danger bot. Unfortunately, danger-python seems no longer maintained since 2020 and MR approvals aren't available in its Python API (even though they're supported in its Ruby/JS APIs). Going forward, let's use the more comprehensive python-gitlab API. It still makes sense to utilize the danger-python, since it handles the integration with gitlab which doesn't need to be reimplemented as long as it works - same with the other checks.
2022-11-04 13:05:29 +01:00
import os
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
import re
Use approve button workflow in danger CI Since the LGTM label was deprecated in favor of using the Approve button in gitlab, adjust the detection in danger bot. Unfortunately, danger-python seems no longer maintained since 2020 and MR approvals aren't available in its Python API (even though they're supported in its Ruby/JS APIs). Going forward, let's use the more comprehensive python-gitlab API. It still makes sense to utilize the danger-python, since it handles the integration with gitlab which doesn't need to be reimplemented as long as it works - same with the other checks.
2022-11-04 13:05:29 +01:00
import gitlab
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
# Helper functions and variables
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
def added_lines(target_branch, paths):
import subprocess
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
Improve determining the lines added by a branch Since the list of lines added to Git-tracked text files in a given branch is not part of the Danger DSL [1], it is determined using custom code in dangerfile.py. The current implementation of that logic is less than perfect as it examines the diff between the current tip of the target branch and the source branch rather than the diff between the merge base of the two branches and the source branch. Consider a Git history like this: * F (target) ... * E * D * C | * B (source) |/ * A (merge base) If danger-python or Hazard are run for commit B, the current logic for determining the list of added lines in dangerfile.py examines the diff between commits F and B rather than between commits A and B. Therefore, the added_lines() function returns not just the lines added by commit B on top of commit A, but also the list of lines that were removed between commits A and F, which leads to confusing results. Fix by using the triple-dot diff operator in the Git invocation whose output is used as the source of information for determining the list of lines added by a given branch. Since Hazard fetches the target branch itself when it is run, remove the explicit "git fetch" invocation that fetches the target branch from GitLab (shortening its local history to a single commit in the process) before "git diff" is invoked. [1] https://danger.systems/js/reference.html#GitDSL
2023-12-07 13:23:22 +01:00
# Hazard fetches the target branch itself, so there is no need to fetch it
# explicitly using `git fetch --depth 1000 origin <target_branch>`. The
# refs/remotes/origin/<target_branch> ref is also expected to be readily
# usable by the time this file is executed.
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
diff = subprocess.check_output(
Improve determining the lines added by a branch Since the list of lines added to Git-tracked text files in a given branch is not part of the Danger DSL [1], it is determined using custom code in dangerfile.py. The current implementation of that logic is less than perfect as it examines the diff between the current tip of the target branch and the source branch rather than the diff between the merge base of the two branches and the source branch. Consider a Git history like this: * F (target) ... * E * D * C | * B (source) |/ * A (merge base) If danger-python or Hazard are run for commit B, the current logic for determining the list of added lines in dangerfile.py examines the diff between commits F and B rather than between commits A and B. Therefore, the added_lines() function returns not just the lines added by commit B on top of commit A, but also the list of lines that were removed between commits A and F, which leads to confusing results. Fix by using the triple-dot diff operator in the Git invocation whose output is used as the source of information for determining the list of lines added by a given branch. Since Hazard fetches the target branch itself when it is run, remove the explicit "git fetch" invocation that fetches the target branch from GitLab (shortening its local history to a single commit in the process) before "git diff" is invoked. [1] https://danger.systems/js/reference.html#GitDSL
2023-12-07 13:23:22 +01:00
["/usr/bin/git", "diff", f"origin/{target_branch}...", "--"] + paths
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
)
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
added_lines = []
for line in diff.splitlines():
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
if line.startswith(b"+") and not line.startswith(b"+++"):
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
added_lines.append(line)
return added_lines
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
Flag missing CVE identifiers Make Danger ensure that if a merge request fixes a security issue then that merge request includes a CHANGES entry and a release note, both of which contain a CVE identifier.
2021-01-18 14:57:47 +01:00
def lines_containing(lines, string):
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
return [l for l in lines if bytes(string, "utf-8") in l]
Flag missing CVE identifiers Make Danger ensure that if a merge request fixes a security issue then that merge request includes a CHANGES entry and a release note, both of which contain a CVE identifier.
2021-01-18 14:57:47 +01:00
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
changes_issue_or_mr_id_regex = re.compile(rb"\[(GL [#!]|RT #)[0-9]+\]")
relnotes_issue_or_mr_id_regex = re.compile(rb":gl:`[#!][0-9]+`")
release_notes_regex = re.compile(r"doc/(arm|notes)/notes-.*\.(rst|xml)")
Detect change in supported RR types and issue Hazard warning
2024-03-07 16:41:46 +01:00
rdata_regex = re.compile(r"lib/dns/rdata/")
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
modified_files = danger.git.modified_files
danger: check system test convetions for pytest runner When adding a new system test, it might easy to forget to add the required files for the pytest runner or break a naming convention. Add danger checks to cover these cases.
2023-08-30 13:51:05 +02:00
affected_files = (
danger.git.modified_files + danger.git.created_files + danger.git.deleted_files
)
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
mr_labels = danger.gitlab.mr.labels
Fail for branches using old-style version suffixes Using "-v9_x" and "-v9.x" version suffixes for branch names is now deprecated since some automation logic does not handle these. Fail for any merge request using such old-style version suffixes.
2024-06-03 13:07:21 +02:00
source_branch = danger.gitlab.mr.source_branch
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
target_branch = danger.gitlab.mr.target_branch
danger: support partial backport label Treat the Backport::Partial label as a backport as well.
2022-12-15 17:39:58 +01:00
is_backport = "Backport" in mr_labels or "Backport::Partial" in mr_labels
is_full_backport = is_backport and "Backport::Partial" not in mr_labels
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
Use approve button workflow in danger CI Since the LGTM label was deprecated in favor of using the Approve button in gitlab, adjust the detection in danger bot. Unfortunately, danger-python seems no longer maintained since 2020 and MR approvals aren't available in its Python API (even though they're supported in its Ruby/JS APIs). Going forward, let's use the more comprehensive python-gitlab API. It still makes sense to utilize the danger-python, since it handles the integration with gitlab which doesn't need to be reimplemented as long as it works - same with the other checks.
2022-11-04 13:05:29 +01:00
gl = gitlab.Gitlab(
url=f"https://{os.environ['CI_SERVER_HOST']}",
Use BIND_TEAM_API_TOKEN for danger bot This is done to unify the token usage across our repositories to simplify token maintenance.
2024-05-24 15:50:31 +02:00
private_token=os.environ["BIND_TEAM_API_TOKEN"],
Use approve button workflow in danger CI Since the LGTM label was deprecated in favor of using the Approve button in gitlab, adjust the detection in danger bot. Unfortunately, danger-python seems no longer maintained since 2020 and MR approvals aren't available in its Python API (even though they're supported in its Ruby/JS APIs). Going forward, let's use the more comprehensive python-gitlab API. It still makes sense to utilize the danger-python, since it handles the integration with gitlab which doesn't need to be reimplemented as long as it works - same with the other checks.
2022-11-04 13:05:29 +01:00
)
proj = gl.projects.get(os.environ["CI_PROJECT_ID"])
mr = proj.mergerequests.get(os.environ["CI_MERGE_REQUEST_IID"])
Fail for branches using old-style version suffixes Using "-v9_x" and "-v9.x" version suffixes for branch names is now deprecated since some automation logic does not handle these. Fail for any merge request using such old-style version suffixes.
2024-06-03 13:07:21 +02:00
###############################################################################
# BRANCH NAME
###############################################################################
#
# - FAIL if the source branch of the merge request includes an old-style
# "-v9_x" or "-v9.x" suffix.
branch_name_regex = r"^(?P<base>.*?)(?P<suffix>-v9[_.](?P<version>[0-9]+))$"
match = re.match(branch_name_regex, source_branch)
if match:
fail(
f"Source branch name `{source_branch}` includes an old-style version "
f"suffix (`{match.group('suffix')}`). Using such suffixes is now "
"deprecated. Please resubmit the merge request with the branch name "
f"set to `{match.group('base')}-bind-9.{match.group('version')}`."
)
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
###############################################################################
# COMMIT MESSAGES
###############################################################################
#
# - FAIL if any of the following is true for any commit on the MR branch:
#
Teach danger about amend commit --fixup=amend:<hash> produces a subject starting with amend! by default. Have danger look for this to ensure that it is squashed before merging.
2023-01-27 12:43:45 +11:00
# * The subject line starts with "fixup!", "amend!" or "Apply suggestion".
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
#
Detect work-in-progress commits in danger CI To avoid accidentally merging unfinished work, detect prohibited keywords at the start of the subject line. If the first word is any of the following, fail the check: WIP, wip, DROP, drop, TODO, todo The only slightly controversial is the lowercase "drop" which might have a legitimate use - seems like four commits in the history used it as a start of a sentence. However, since people commonly use "drop" to indicate a commit should be dropped before merging, let's prohibit it as well. In case of false-positive, "Drop" with a capitalized first letter can always be used.
2022-11-07 14:18:55 +01:00
# * The subject line starts with a prohibited word indicating a work in
# progress commit (e.g. "WIP").
#
Flag trailing dots in commit subject lines Make the Danger GitLab CI job fail when the subject line for any commit belonging to a merge request contains a trailing dot.
2021-01-18 14:57:47 +01:00
# * The subject line contains a trailing dot.
#
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
# * There is no empty line between the subject line and the log message.
#
# - WARN if any of the following is true for any commit on the MR branch:
#
Skip subject line length check for merge commits Some merge requests (e.g. those created for release branches) include merge commits. Prevent Danger from warning about excessive subject line length for merge commits. (While the proper way to detect a merge commit would be to check the 'parents' attribute of a commit object, Danger Python does not seem to populate that attribute, so a simple string search is performed on the commit subject instead.)
2021-01-18 14:57:47 +01:00
# * The length of the subject line for a non-merge commit exceeds 72
# characters.
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
#
Skip length check for lines containing references The Danger GitLab CI job currently flags excessively long lines in commit log messages. Exclude lines containing references (i.e. starting with "[1]", "[2]", etc.) from this check. This allows e.g. long URLs to be included in commit log messages without triggering Danger warnings.
2021-01-18 14:57:47 +01:00
# * There is no log message present (i.e. commit only has a subject) and
# the subject line does not contain any of the following strings:
# "fixup!", " CHANGES ", " release note".
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
#
# * Any line of the log message is longer than 72 characters. This rule is
Skip length check for lines containing references The Danger GitLab CI job currently flags excessively long lines in commit log messages. Exclude lines containing references (i.e. starting with "[1]", "[2]", etc.) from this check. This allows e.g. long URLs to be included in commit log messages without triggering Danger warnings.
2021-01-18 14:57:47 +01:00
# not evaluated for:
#
# - lines starting with four spaces, which allows long lines to be
# included in the commit log message by prefixing them with four
# spaces (useful for pasting compiler warnings, static analyzer
# messages, log lines, etc.),
#
# - lines which contain references (i.e. those starting with "[1]",
# "[2]", etc.) which allows e.g. long URLs to be included in the
# commit log message.
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
Detect work-in-progress commits in danger CI To avoid accidentally merging unfinished work, detect prohibited keywords at the start of the subject line. If the first word is any of the following, fail the check: WIP, wip, DROP, drop, TODO, todo The only slightly controversial is the lowercase "drop" which might have a legitimate use - seems like four commits in the history used it as a start of a sentence. However, since people commonly use "drop" to indicate a commit should be dropped before merging, let's prohibit it as well. In case of false-positive, "Drop" with a capitalized first letter can always be used.
2022-11-07 14:18:55 +01:00
PROHIBITED_WORDS_RE = re.compile(
"^(WIP|wip|DROP|drop|DROPME|checkpoint|experiment|TODO|todo)[^a-zA-Z]"
)
Only warn about fixup commits once per run The Danger GitLab CI job currently generates a separate error message about fixup commits being present in a merge request for every such commit found. Prevent that by making it only log that error message once per run.
2021-01-18 14:57:47 +01:00
fixup_error_logged = False
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
for commit in danger.git.commits:
message_lines = commit.message.splitlines()
subject = message_lines[0]
Don't warn about subject line length for the fixup commits The fixup commits' subject line has a prefix which has its own length, so warning about the exceeding length is not accurate. Given that the fixup commits can not be merged, because they cause a danger failure, it's safe to ignore the length check for them.
2023-09-06 09:52:12 +00:00
is_merge = subject.startswith("Merge branch ")
is_fixup = (
Teach danger about amend commit --fixup=amend:<hash> produces a subject starting with amend! by default. Have danger look for this to ensure that it is squashed before merging.
2023-01-27 12:43:45 +11:00
subject.startswith("fixup!")
or subject.startswith("amend!")
or subject.startswith("Apply suggestion")
Don't warn about subject line length for the fixup commits The fixup commits' subject line has a prefix which has its own length, so warning about the exceeding length is not accurate. Given that the fixup commits can not be merged, because they cause a danger failure, it's safe to ignore the length check for them.
2023-09-06 09:52:12 +00:00
)
if not fixup_error_logged and is_fixup:
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
fail(
"Fixup commits are still present in this merge request. "
"Please squash them before merging."
)
Only warn about fixup commits once per run The Danger GitLab CI job currently generates a separate error message about fixup commits being present in a merge request for every such commit found. Prevent that by making it only log that error message once per run.
2021-01-18 14:57:47 +01:00
fixup_error_logged = True
Detect work-in-progress commits in danger CI To avoid accidentally merging unfinished work, detect prohibited keywords at the start of the subject line. If the first word is any of the following, fail the check: WIP, wip, DROP, drop, TODO, todo The only slightly controversial is the lowercase "drop" which might have a legitimate use - seems like four commits in the history used it as a start of a sentence. However, since people commonly use "drop" to indicate a commit should be dropped before merging, let's prohibit it as well. In case of false-positive, "Drop" with a capitalized first letter can always be used.
2022-11-07 14:18:55 +01:00
match = PROHIBITED_WORDS_RE.search(subject)
if match:
fail(
f"Prohibited keyword `{match.groups()[0]}` detected "
f"at the start of a subject line in commit {commit.sha}."
)
Don't warn about subject line length for the fixup commits The fixup commits' subject line has a prefix which has its own length, so warning about the exceeding length is not accurate. Given that the fixup commits can not be merged, because they cause a danger failure, it's safe to ignore the length check for them.
2023-09-06 09:52:12 +00:00
if len(subject) > 72 and not is_merge and not is_fixup:
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
warn(
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
f"Subject line for commit {commit.sha} is too long: "
f"```{subject}``` ({len(subject)} > 72 characters)."
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
)
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
if subject[-1] == ".":
fail(f"Trailing dot found in the subject of commit {commit.sha}.")
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
if len(message_lines) > 1 and message_lines[1]:
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
fail(f"No empty line after subject for commit {commit.sha}.")
if (
len(message_lines) < 3
and "fixup! " not in subject
danger: relax rules for single-line commits The following are not also accepted as single-line commits without generating warnings: - CHANGES/release note may appear in the beginning of the commit message - Release note may be capitalized - Allow commits with "GL #" (e.g. Update documentation for [GL #XXXX])
2023-01-26 13:04:40 +01:00
and "CHANGES " not in subject
and "release note" not in subject.lower()
and "GL #" not in subject
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
):
warn(f"Please write a log message for commit {commit.sha}.")
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
for line in message_lines[2:]:
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
if (
len(line) > 72
and not line.startswith(" ")
and not re.match(r"\[[0-9]+\]", line)
):
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
warn(
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
f"Line too long in log message for commit {commit.sha}: "
f"```{line}``` ({len(line)} > 72 characters)."
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
)
###############################################################################
# MILESTONE
###############################################################################
#
# FAIL if the merge request is not assigned to any milestone.
if not danger.gitlab.mr.milestone:
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
fail("Please assign this merge request to a milestone.")
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
###############################################################################
danger: support partial backport label Treat the Backport::Partial label as a backport as well.
2022-12-15 17:39:58 +01:00
# BACKPORT & VERSION LABELS
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
###############################################################################
#
# FAIL if any of the following is true for the merge request:
#
Fail for backports with "Affects v9.x" labels set Backports are not expected to have any "Affects v9.x" labels set since those are only meant to be set for merge requests that should have backports created for them.
2024-06-03 13:07:21 +02:00
# * The MR is marked as a Backport and has any "Affects v9.x" label(s) set.
#
danger: support partial backport label Treat the Backport::Partial label as a backport as well.
2022-12-15 17:39:58 +01:00
# * The MR is marked as Backport and the number of version labels set is
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
# different than 1. (For backports, the version label is used for indicating
# its target branch. This is a rather ugly attempt to address a UI
# deficiency - the target branch for each MR is not visible on milestone
# dashboards.)
#
danger: support partial backport label Treat the Backport::Partial label as a backport as well.
2022-12-15 17:39:58 +01:00
# * The MR is not marked as "Backport" nor any version label is set. (If the
# merge request is not a backport, version labels are used for indicating
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
# backporting preferences.)
danger: ensure target branch is in the MR title Having the MR title clearly marked in its title can be very useful when looking through older issues/MRs. This check also ensures that the version from the version label matches the proper version branch (i.e. v9.16 must be marked with [v9_16]).
2022-12-15 17:45:54 +01:00
#
# * The Backport MR doesn't have target branch in the merge request title.
danger: check backport links to the original MR When doing archeology, it is much easier to find stuff if it's properly linked. This check ensures that backport MR are linked to their original MR via a "Backport of !XXXX" message. The regular expression is fairly broad and has been tested to accept the following variants of the message: Backport of MR !XXXX Backport of: !XXXX backport of mr !XXXX Backport of !XXXX Backport of https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/XXXX
2022-12-15 17:48:34 +01:00
#
# * The Backport MR doesn't link to the original MR is its description.
danger: check that original MR has been merged When checking a backport MR, ensure that the original MR has been merged already. This is vital for followup checks that verify commit IDs from original commits are present in backport commit messages.
2022-12-15 17:51:24 +01:00
#
# * The original MR linked to from Backport MR hasn't been merged.
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
danger: check backport links to the original MR When doing archeology, it is much easier to find stuff if it's properly linked. This check ensures that backport MR are linked to their original MR via a "Backport of !XXXX" message. The regular expression is fairly broad and has been tested to accept the following variants of the message: Backport of MR !XXXX Backport of: !XXXX backport of mr !XXXX Backport of !XXXX Backport of https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/XXXX
2022-12-15 17:48:34 +01:00
BACKPORT_OF_RE = re.compile(
r"Backport\s+of.*(merge_requests/|!)([0-9]+)", flags=re.IGNORECASE
)
danger: check version in MR title Enforce the version indicator to be at the start of the MR title.
2022-12-19 14:43:16 +01:00
VERSION_LABEL_RE = re.compile(r"v9.([0-9]+)(-S)?")
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
version_labels = [l for l in mr_labels if l.startswith("v9.")]
danger: check the Affects labels are set Unless the MR is a backport, the Affects labels should be used to indicate which versions are affected by the issue that prompted the MR.
2022-12-19 15:14:48 +01:00
affects_labels = [l for l in mr_labels if l.startswith("Affects v9.")]
danger: ensure target branch is in the MR title Having the MR title clearly marked in its title can be very useful when looking through older issues/MRs. This check also ensures that the version from the version label matches the proper version branch (i.e. v9.16 must be marked with [v9_16]).
2022-12-15 17:45:54 +01:00
if is_backport:
Fail for backports with "Affects v9.x" labels set Backports are not expected to have any "Affects v9.x" labels set since those are only meant to be set for merge requests that should have backports created for them.
2024-06-03 13:07:21 +02:00
if affects_labels:
fail("Backports must not have any *Affects v9.x* labels set.")
danger: ensure target branch is in the MR title Having the MR title clearly marked in its title can be very useful when looking through older issues/MRs. This check also ensures that the version from the version label matches the proper version branch (i.e. v9.16 must be marked with [v9_16]).
2022-12-15 17:45:54 +01:00
if len(version_labels) != 1:
fail(
"This MR was marked as *Backport*. "
"Please also set exactly one version label (*v9.x*)."
)
else:
danger: check version in MR title Enforce the version indicator to be at the start of the MR title.
2022-12-19 14:43:16 +01:00
minor_ver, edition = VERSION_LABEL_RE.search(version_labels[0]).groups()
edition = "" if edition is None else edition
title_re = f"^\\[9.{minor_ver}{edition}\\]"
match = re.search(title_re, danger.gitlab.mr.title)
if match is None:
danger: ensure target branch is in the MR title Having the MR title clearly marked in its title can be very useful when looking through older issues/MRs. This check also ensures that the version from the version label matches the proper version branch (i.e. v9.16 must be marked with [v9_16]).
2022-12-15 17:45:54 +01:00
fail(
danger: check version in MR title Enforce the version indicator to be at the start of the MR title.
2022-12-19 14:43:16 +01:00
"Backport MRs must have their target version in the title. "
f"Please put `[9.{minor_ver}{edition}]` at the start of the MR title."
danger: ensure target branch is in the MR title Having the MR title clearly marked in its title can be very useful when looking through older issues/MRs. This check also ensures that the version from the version label matches the proper version branch (i.e. v9.16 must be marked with [v9_16]).
2022-12-15 17:45:54 +01:00
)
Handle empty MR description in dangerfile A merge request might have no description at all (i.e. None, rather than an empty string). This might happen when the MR is created via an API. Check a description is present before trying to find a backport string in it.
2023-12-08 16:31:46 +01:00
backport_desc = BACKPORT_OF_RE.search(danger.gitlab.mr.description or "")
danger: check backport links to the original MR When doing archeology, it is much easier to find stuff if it's properly linked. This check ensures that backport MR are linked to their original MR via a "Backport of !XXXX" message. The regular expression is fairly broad and has been tested to accept the following variants of the message: Backport of MR !XXXX Backport of: !XXXX backport of mr !XXXX Backport of !XXXX Backport of https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/XXXX
2022-12-15 17:48:34 +01:00
if backport_desc is None:
fail(
"Backport MRs must link to the original MR. Please put "
"`Backport of MR !XXXX` in the MR description."
)
danger: check that original MR has been merged When checking a backport MR, ensure that the original MR has been merged already. This is vital for followup checks that verify commit IDs from original commits are present in backport commit messages.
2022-12-15 17:51:24 +01:00
else: # backport MR is linked to original MR
original_mr_id = backport_desc.groups()[1]
original_mr = proj.mergerequests.get(original_mr_id)
if original_mr.state != "merged":
fail(
f"Original MR !{original_mr_id} has not been merged. "
"Please re-run `danger` check once it's merged."
)
danger: check backport commits for original commit IDs A full backport must have all the commit from the original MR and the original commit IDs must be referenced in the backport commit messages. If the criteria above is not met, the MR should be marked as a partial backport. In that case, any discrepencies are only logged as informative messages rather than failures.
2022-12-15 17:52:52 +01:00
else: # check for commit IDs once original MR is merged
original_mr_commits = list(original_mr.commits(all=True))
backport_mr_commits = list(mr.commits(all=True))
for orig_commit in original_mr_commits:
for backport_commit in backport_mr_commits:
if orig_commit.id in backport_commit.message:
break
else:
msg = (
f"Commit {orig_commit.id} from original MR !{original_mr_id} "
"is not referenced in any of the backport commits."
)
if not is_full_backport:
message(msg)
else:
msg += (
" Please use `-x` when cherry-picking to include "
"the full original commit ID. Alternately, use the "
"`Backport::Partial` label if not all original "
"commits are meant to be backported."
)
fail(msg)
danger: check the Affects labels are set Unless the MR is a backport, the Affects labels should be used to indicate which versions are affected by the issue that prompted the MR.
2022-12-19 15:14:48 +01:00
else:
if not version_labels:
fail(
"If this merge request is a backport, set the *Backport* label and "
"a single version label (*v9.x*) indicating the target branch. "
"If not, set version labels for all targeted backport branches."
)
if not affects_labels:
warn(
"Set `Affects v9.` label(s) for all versions that are affected by "
"the issue which this MR addresses."
)
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
###############################################################################
# OTHER LABELS
###############################################################################
#
# WARN if any of the following is true for the merge request:
#
# * The "Review" label is not set. (It may be intentional, but rarely is.)
#
# * The "Review" label is set, but the "LGTM" label is not set. (This aims to
# remind developers about the need to set the latter on merge requests which
# passed review.)
Use approve button workflow in danger CI Since the LGTM label was deprecated in favor of using the Approve button in gitlab, adjust the detection in danger bot. Unfortunately, danger-python seems no longer maintained since 2020 and MR approvals aren't available in its Python API (even though they're supported in its Ruby/JS APIs). Going forward, let's use the more comprehensive python-gitlab API. It still makes sense to utilize the danger-python, since it handles the integration with gitlab which doesn't need to be reimplemented as long as it works - same with the other checks.
2022-11-04 13:05:29 +01:00
approved = mr.approvals.get().approved
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
if "Review" not in mr_labels:
warn(
"This merge request does not have the *Review* label set. "
"Please set it if you would like the merge request to be reviewed."
)
Use approve button workflow in danger CI Since the LGTM label was deprecated in favor of using the Approve button in gitlab, adjust the detection in danger bot. Unfortunately, danger-python seems no longer maintained since 2020 and MR approvals aren't available in its Python API (even though they're supported in its Ruby/JS APIs). Going forward, let's use the more comprehensive python-gitlab API. It still makes sense to utilize the danger-python, since it handles the integration with gitlab which doesn't need to be reimplemented as long as it works - same with the other checks.
2022-11-04 13:05:29 +01:00
elif not approved:
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
warn(
"This merge request is currently in review. "
Use approve button workflow in danger CI Since the LGTM label was deprecated in favor of using the Approve button in gitlab, adjust the detection in danger bot. Unfortunately, danger-python seems no longer maintained since 2020 and MR approvals aren't available in its Python API (even though they're supported in its Ruby/JS APIs). Going forward, let's use the more comprehensive python-gitlab API. It still makes sense to utilize the danger-python, since it handles the integration with gitlab which doesn't need to be reimplemented as long as it works - same with the other checks.
2022-11-04 13:05:29 +01:00
"It should not be merged until it is approved."
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
)
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
###############################################################################
# 'CHANGES' FILE
###############################################################################
#
# FAIL if any of the following is true:
#
# * The merge request does not update the CHANGES file, but it does not have
# the "No CHANGES" label set. (This attempts to ensure that the author of
# the MR did not forget about adding a CHANGES entry.)
#
# * The merge request updates the CHANGES file, but it has the "No CHANGES"
Handle [placeholder] CHANGES entries Make the Danger GitLab CI job fail when a merge request targeting a branch different than "main" adds any [placeholder] entries to the CHANGES file. Prevent Danger from flagging missing GitLab identifiers for [placeholder] CHANGES entries.
2021-01-18 14:57:47 +01:00
# label set. (This attempts to ensure that the "No CHANGES" label is used in
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
# a sane way.)
#
Handle [placeholder] CHANGES entries Make the Danger GitLab CI job fail when a merge request targeting a branch different than "main" adds any [placeholder] entries to the CHANGES file. Prevent Danger from flagging missing GitLab identifiers for [placeholder] CHANGES entries.
2021-01-18 14:57:47 +01:00
# * The merge request adds any placeholder entries to the CHANGES file, but it
# does not target the "main" branch.
#
# * The merge request adds a new CHANGES entry that is not a placeholder and
# does not contain any GitLab/RT issue/MR identifiers.
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
danger: update CHANGES rule to work with -S edition When updating the -S edition, the CHANGES.SE file is modified. Make sure danger accepts that.
2023-01-26 13:03:12 +01:00
changes_modified = "CHANGES" in modified_files or "CHANGES.SE" in modified_files
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
no_changes_label_set = "No CHANGES" in mr_labels
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
if not changes_modified and not no_changes_label_set:
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
fail(
"This merge request does not modify `CHANGES`. "
"Add a `CHANGES` entry or set the *No CHANGES* label."
)
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
if changes_modified and no_changes_label_set:
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
fail(
"This merge request modifies `CHANGES`. "
"Revert `CHANGES` modifications or unset the *No Changes* label."
)
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
danger: update CHANGES rule to work with -S edition When updating the -S edition, the CHANGES.SE file is modified. Make sure danger accepts that.
2023-01-26 13:03:12 +01:00
changes_added_lines = added_lines(target_branch, ["CHANGES", "CHANGES.SE"])
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
placeholders_added = lines_containing(changes_added_lines, "[placeholder]")
Update Danger check for GitLab references Release notes now employ a custom :gl: Sphinx role for linking to GitLab issues/MRs. Tweak the relevant Danger checks to account for that.
2021-04-29 13:24:21 +02:00
identifiers_found = filter(changes_issue_or_mr_id_regex.search, changes_added_lines)
Handle [placeholder] CHANGES entries Make the Danger GitLab CI job fail when a merge request targeting a branch different than "main" adds any [placeholder] entries to the CHANGES file. Prevent Danger from flagging missing GitLab identifiers for [placeholder] CHANGES entries.
2021-01-18 14:57:47 +01:00
if changes_added_lines:
if placeholders_added:
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
if target_branch != "main":
fail(
"This MR adds at least one placeholder entry to `CHANGES`. "
"It should be targeting the `main` branch."
)
Handle [placeholder] CHANGES entries Make the Danger GitLab CI job fail when a merge request targeting a branch different than "main" adds any [placeholder] entries to the CHANGES file. Prevent Danger from flagging missing GitLab identifiers for [placeholder] CHANGES entries.
2021-01-18 14:57:47 +01:00
elif not any(identifiers_found):
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
fail("No valid issue/MR identifiers found in added `CHANGES` entries.")
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
###############################################################################
# RELEASE NOTES
###############################################################################
#
# - FAIL if any of the following is true:
#
# * The merge request does not update release notes and has the "Release
# Notes" label set. (This attempts to point out missing release notes.)
#
# * The merge request updates release notes but does not have the "Release
# Notes" label set. (This ensures that merge requests updating release
# notes can be easily found using the "Release Notes" label.)
#
Detect change in supported RR types and issue Hazard warning
2024-03-07 16:41:46 +01:00
# * A file was added to or deleted from the lib/dns/rdata/ subdirectory but
# release notes were not modified. This is probably a mistake because new
# RR types are a user-visible change (and so is removing support for
# existing ones).
#
Warn about release notes without CHANGES entry
2024-03-07 16:58:29 +01:00
# * "Release notes" and "No CHANGES" labels are both set at the same time.
# (If something is worth a release note, it should surely show up in
# CHANGES.) MRs with certain labels set ("Documentation", "Release") are
# exempt because these are typically used during release process.
#
Suggest adding release notes for customer issues Make Danger suggest adding a release note to a merge request if the latter is marked with the "Customer" label but not with the "Release Notes" label.
2021-01-18 14:57:47 +01:00
# - WARN if any of the following is true:
#
# * This merge request does not update release notes and has the "Customer"
# label set. (Except for trivial changes, all merge requests which may
# be of interest to customers should include a release note.)
#
# * This merge request updates release notes, but no GitLab/RT issue/MR
# identifiers are found in the lines added to the release notes by this
# MR.
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
release_notes_regex = re.compile(r"doc/(arm|notes)/notes-.*\.(rst|xml)")
Fix Danger rules for flagging release note issues The logic contained in dangerfile.py incorrectly warns about missing release note changes for merge requests preparing release documentation as such merge requests rename files in the doc/notes/ directory. This (correctly) causes these files to be passed to dangerfile.py via danger.git.created_files and danger.git.deleted_files rather than via danger.git.modified_files, which in turn causes the logic checking the use of the "Release Notes" label to assume that no release notes are added, removed, or modified by a given merge request. Fix by considering all types of file changes (modifications, additions, and removals - which also covers file renaming) when checking whether a given merge request modifies release notes. Update the warning messages accordingly. However, when trying to find release notes added by a given merge request, deleted files must not be considered. Tweak the logic looking for GitLab identifiers in the release notes added by a given merge request so that it only scans modified and added (or renamed) files.
2024-01-05 12:51:13 +01:00
release_notes_changed = list(filter(release_notes_regex.match, affected_files))
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
release_notes_label_set = "Release Notes" in mr_labels
Suggest adding release notes for customer issues Make Danger suggest adding a release note to a merge request if the latter is marked with the "Customer" label but not with the "Release Notes" label.
2021-01-18 14:57:47 +01:00
if not release_notes_changed:
if release_notes_label_set:
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
fail(
"This merge request has the *Release Notes* label set. "
Fix Danger rules for flagging release note issues The logic contained in dangerfile.py incorrectly warns about missing release note changes for merge requests preparing release documentation as such merge requests rename files in the doc/notes/ directory. This (correctly) causes these files to be passed to dangerfile.py via danger.git.created_files and danger.git.deleted_files rather than via danger.git.modified_files, which in turn causes the logic checking the use of the "Release Notes" label to assume that no release notes are added, removed, or modified by a given merge request. Fix by considering all types of file changes (modifications, additions, and removals - which also covers file renaming) when checking whether a given merge request modifies release notes. Update the warning messages accordingly. However, when trying to find release notes added by a given merge request, deleted files must not be considered. Tweak the logic looking for GitLab identifiers in the release notes added by a given merge request so that it only scans modified and added (or renamed) files.
2024-01-05 12:51:13 +01:00
"Update release notes or unset the *Release Notes* label."
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
)
elif "Customer" in mr_labels:
warn(
"This merge request has the *Customer* label set. "
Fix Danger rules for flagging release note issues The logic contained in dangerfile.py incorrectly warns about missing release note changes for merge requests preparing release documentation as such merge requests rename files in the doc/notes/ directory. This (correctly) causes these files to be passed to dangerfile.py via danger.git.created_files and danger.git.deleted_files rather than via danger.git.modified_files, which in turn causes the logic checking the use of the "Release Notes" label to assume that no release notes are added, removed, or modified by a given merge request. Fix by considering all types of file changes (modifications, additions, and removals - which also covers file renaming) when checking whether a given merge request modifies release notes. Update the warning messages accordingly. However, when trying to find release notes added by a given merge request, deleted files must not be considered. Tweak the logic looking for GitLab identifiers in the release notes added by a given merge request so that it only scans modified and added (or renamed) files.
2024-01-05 12:51:13 +01:00
"Update release notes unless the changes introduced are trivial."
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
)
Detect change in supported RR types and issue Hazard warning
2024-03-07 16:41:46 +01:00
rdata_types_add_rm = list(
filter(rdata_regex.match, danger.git.created_files + danger.git.deleted_files)
)
if rdata_types_add_rm:
fail(
"This merge request adds new files to `lib/dns/rdata/` and/or "
"deletes existing files from that directory, which almost certainly "
"means that it adds support for a new RR type or removes support "
"for an existing one. Please add a relevant release note."
)
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
if release_notes_changed and not release_notes_label_set:
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
fail(
"This merge request modifies release notes. "
"Revert release note modifications or set the *Release Notes* label."
)
Warn about release notes without CHANGES entry
2024-03-07 16:58:29 +01:00
if (
release_notes_label_set
and no_changes_label_set
and not ("Documentation" in mr_labels or "Release" in mr_labels)
):
fail(
"This merge request is labeled with both *Release notes* and *No CHANGES*. "
"A user-visible change should also be mentioned in the `CHANGES` file."
)
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
if release_notes_changed:
Fix Danger rules for flagging release note issues The logic contained in dangerfile.py incorrectly warns about missing release note changes for merge requests preparing release documentation as such merge requests rename files in the doc/notes/ directory. This (correctly) causes these files to be passed to dangerfile.py via danger.git.created_files and danger.git.deleted_files rather than via danger.git.modified_files, which in turn causes the logic checking the use of the "Release Notes" label to assume that no release notes are added, removed, or modified by a given merge request. Fix by considering all types of file changes (modifications, additions, and removals - which also covers file renaming) when checking whether a given merge request modifies release notes. Update the warning messages accordingly. However, when trying to find release notes added by a given merge request, deleted files must not be considered. Tweak the logic looking for GitLab identifiers in the release notes added by a given merge request so that it only scans modified and added (or renamed) files.
2024-01-05 12:51:13 +01:00
modified_or_new_files = danger.git.modified_files + danger.git.created_files
release_notes_added = list(filter(release_notes_regex.match, modified_or_new_files))
notes_added_lines = added_lines(target_branch, release_notes_added)
Update Danger check for GitLab references Release notes now employ a custom :gl: Sphinx role for linking to GitLab issues/MRs. Tweak the relevant Danger checks to account for that.
2021-04-29 13:24:21 +02:00
identifiers_found = filter(relnotes_issue_or_mr_id_regex.search, notes_added_lines)
Add Danger Python to GitLab CI Certain rules of the BIND development process are not codified anywhere and/or are used inconsistently. In an attempt to improve this situation, add a GitLab CI job which uses Danger Python to add comments to merge requests when certain expectations are not met. Two categories of feedback are used, only one of which - fail() - causes the GitLab CI job to fail. Exclude dangerfile.py from Python QA checks as the way the contents of that file are evaluated triggers a lot of Flake8 and PyLint warnings.
2020-05-25 12:49:36 +02:00
if notes_added_lines and not any(identifiers_found):
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
warn("No valid issue/MR identifiers found in added release notes.")
Flag missing CVE identifiers Make Danger ensure that if a merge request fixes a security issue then that merge request includes a CHANGES entry and a release note, both of which contain a CVE identifier.
2021-01-18 14:57:47 +01:00
else:
notes_added_lines = []
###############################################################################
# CVE IDENTIFIERS
###############################################################################
#
# FAIL if the merge request adds a CHANGES entry of type [security] and a CVE
# identifier is missing from either the added CHANGES entry or the added
# release note.
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
if lines_containing(changes_added_lines, "[security]"):
if not lines_containing(changes_added_lines, "(CVE-20"):
fail(
"This merge request fixes a security issue. "
"Please add a CHANGES entry which includes a CVE identifier."
)
Update dangerfile.py to know about ':cve:'
2023-10-10 11:25:05 +11:00
if not lines_containing(notes_added_lines, ":cve:`20"):
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
fail(
"This merge request fixes a security issue. "
"Please add a release note which includes a CVE identifier."
)
Flag missing pairwise testing markers Make the Danger GitLab CI job fail when a merge request adds a new ./configure switch without also adding a "# [pairwise: ...]" marker that the relevant GitLab CI job uses for preparing the pairwise testing model. This helps to ensure that any newly added ./configure switches are tested by the pairwise testing GitLab CI job.
2021-01-18 14:57:47 +01:00
###############################################################################
# PAIRWISE TESTING
###############################################################################
#
# FAIL if the merge request adds any new ./configure switch without an
# associated annotation used for pairwise testing.
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
configure_added_lines = added_lines(target_branch, ["configure.ac"])
switches_added = lines_containing(
configure_added_lines, "AC_ARG_ENABLE"
) + lines_containing(configure_added_lines, "AC_ARG_WITH")
annotations_added = lines_containing(configure_added_lines, "# [pairwise: ")
Add a friendly Danger plea to run the pairwise CI job Sometimes a pairwise definition for a new ./configure switch is added but not tested in the CI.
2023-04-28 10:24:17 +02:00
if switches_added:
if len(switches_added) > len(annotations_added):
fail(
"This merge request adds at least one new `./configure` switch that "
"is not annotated for pairwise testing purposes."
)
else:
message(
"**Before merging**, please start a full CI pipeline for this "
"branch with the `PAIRWISE_TESTING` variable set to any "
"non-empty value (e.g. `1`). This will cause the `pairwise` "
"job to exercise the new `./configure` switches."
)
Flag new user-visible log messages for review Messages with log levels INFO or higher are flagged for manual review. Purpose of this check is to prevent debug logs to being released with too-high log level.
2022-03-15 11:55:36 +01:00
Warn if security fixes are not marked for testing
2024-03-21 15:45:25 +01:00
###############################################################################
# PRE-RELEASE TESTING
###############################################################################
#
# WARN if the merge request is marked with the "Security" label, but not with
# the label used for marking merge requests for pre-release testing (if the
# latter is defined by the relevant environment variable).
pre_release_testing_label = os.getenv("PRE_RELEASE_TESTING_LABEL")
if (
pre_release_testing_label
and "Security" in mr_labels
and pre_release_testing_label not in mr_labels
):
warn(
"This merge request is marked with the *Security* label, but it is not "
f"marked for pre-release testing (*{pre_release_testing_label}*)."
)
Flag new user-visible log messages for review Messages with log levels INFO or higher are flagged for manual review. Purpose of this check is to prevent debug logs to being released with too-high log level.
2022-03-15 11:55:36 +01:00
###############################################################################
# USER-VISIBLE LOG LEVELS
###############################################################################
#
# WARN if the merge request adds new user-visible log messages (INFO or above)
user_visible_log_levels = [
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
"ISC_LOG_INFO",
"ISC_LOG_NOTICE",
"ISC_LOG_WARNING",
"ISC_LOG_ERROR",
"ISC_LOG_CRITICAL",
Flag new user-visible log messages for review Messages with log levels INFO or higher are flagged for manual review. Purpose of this check is to prevent debug logs to being released with too-high log level.
2022-03-15 11:55:36 +01:00
]
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
source_added_lines = added_lines(target_branch, ["*.[ch]"])
Flag new user-visible log messages for review Messages with log levels INFO or higher are flagged for manual review. Purpose of this check is to prevent debug logs to being released with too-high log level.
2022-03-15 11:55:36 +01:00
for log_level in user_visible_log_levels:
Auto-format Python files with black This patch is strictly the result of: $ black $(git ls-files '*.py') There have been no manual changes.
2022-06-07 16:27:23 +02:00
if lines_containing(source_added_lines, log_level):
warn(
"This merge request adds new user-visible log messages with "
"level INFO or above. Please double-check log levels and make "
"sure none of the messages added is a leftover debug message."
)
Flag new user-visible log messages for review Messages with log levels INFO or higher are flagged for manual review. Purpose of this check is to prevent debug logs to being released with too-high log level.
2022-03-15 11:55:36 +01:00
break
danger: check system test convetions for pytest runner When adding a new system test, it might easy to forget to add the required files for the pytest runner or break a naming convention. Add danger checks to cover these cases.
2023-08-30 13:51:05 +02:00
###############################################################################
# SYSTEM TEST FILES
###############################################################################
#
# FAIL if newly added system test directory contains an underscore (invalid char)
# FAIL if there are no pytest files in the system test directory
# FAIL if the pytest glue file for tests.sh is missing
TESTNAME_CANDIDATE_RE = re.compile(r"bin/tests/system/([^/]+)")
testnames = set()
for path in affected_files:
match = TESTNAME_CANDIDATE_RE.search(path)
if match is not None:
testnames.add(match.groups()[0])
for testname in testnames:
dirpath = f"bin/tests/system/{testname}"
if (
not os.path.isdir(dirpath)
or testname.startswith(".")
or testname.startswith("_")
Add system test utility package isctest Create a utility package for code shared by the python tests. The utility functions should use reasonable defaults and be split up into modules according to their functionality. Ensure assert rewriting is enabled for the modules to get the most useful output from pytest.
2023-12-04 18:05:50 +01:00
or testname == "isctest"
danger: check system test convetions for pytest runner When adding a new system test, it might easy to forget to add the required files for the pytest runner or break a naming convention. Add danger checks to cover these cases.
2023-08-30 13:51:05 +02:00
):
continue
if "_" in testname:
fail(
f"System test directory `{testname}` may not contain an underscore, "
"use hyphen instead."
)
if not glob.glob(f"{dirpath}/**/tests_*.py", recursive=True):
fail(
f"System test directory `{testname}` doesn't contain any "
"`tests_*.py` pytest file."
)
tests_sh_exists = os.path.exists(f"{dirpath}/tests.sh")
glue_file_name = f"tests_sh_{testname.replace('-', '_')}.py"
tests_sh_py_exists = os.path.exists(f"{dirpath}/{glue_file_name}")
if tests_sh_exists and not tests_sh_py_exists:
fail(
f"System test directory `{testname}` is missing the "
f"`{glue_file_name}` pytest glue file."
)
Reference in New Issue Copy Permalink