From d53892d9163dc5511495b91ad1be88c499c0a262 Mon Sep 17 00:00:00 2001 From: "Brian J. Murrell" Date: Thu, 14 Dec 2023 14:41:24 -0500 Subject: [PATCH] =?UTF-8?q?DAOS-14726=20build:=20Handle=20corner=20case?= =?UTF-8?q?=E2=80=A6=20(#13472)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Of not erroneously matching commit pragmas that are part of the patch description when they occur quoted at the start of a line. For example: 'Skip-checkpatch: true' should not be considered a commit pragma. Unfortunately Skip-checkpatch: true would be considered a commit pragma because the missing quotes around it (and it being at the beginning of the line) eliminate the only means we have of trying to determine that it's not really a commit pragma. Unfortunately we cannot use spaces in the value as an indicator that it's a pragma because we have pragmas that allow space separated values such as Test-tag. Also limit the characters that can be in a commit pragma to prevent command injection attempts such as: Hacking-attempt: true;evil_command Add a step to show the found commit pragmas. Add unit-testing for gha_functions.sh. Signed-off-by: Brian J. Murrell --- .github/workflows/bash_unit_testing.yml | 30 ++++++++++++++++++++++++ .github/workflows/rpm-build-and-test.yml | 3 +++ ci/gha_functions.sh | 19 +++++++++------ 3 files changed, 45 insertions(+), 7 deletions(-) create mode 100644 .github/workflows/bash_unit_testing.yml diff --git a/.github/workflows/bash_unit_testing.yml b/.github/workflows/bash_unit_testing.yml new file mode 100644 index 00000000000..7f8ae63f43b --- /dev/null +++ b/.github/workflows/bash_unit_testing.yml @@ -0,0 +1,30 @@ +name: bash Unit Testing + +on: + push: + pull_request: + +concurrency: + group: bash-unit-test-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +defaults: + run: + shell: bash --noprofile --norc -ueo pipefail {0} + +jobs: + Test-gha-functions: + name: Tests in ci/gha_functions.sh + runs-on: [self-hosted, light] + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.sha }} + - name: Checkout bash_unit project + uses: actions/checkout@v4 + with: + repository: 'pgrange/bash_unit' + path: bash_unit + - name: Unit testing with bash_unit + run: FORCE_COLOR=true ./bash_unit/bash_unit ci/gha_functions.sh diff --git a/.github/workflows/rpm-build-and-test.yml b/.github/workflows/rpm-build-and-test.yml index e2ca1532753..bbad2b715b4 100644 --- a/.github/workflows/rpm-build-and-test.yml +++ b/.github/workflows/rpm-build-and-test.yml @@ -60,6 +60,9 @@ jobs: echo "text<> $GITHUB_OUTPUT; git show -s --format=%B | escape_single_quotes >> $GITHUB_OUTPUT; echo "EOF" >> $GITHUB_OUTPUT; + - name: Identify Commit Pragmas + run: . ci/gha_functions.sh; + echo '${{steps.dequoted_commit_message.outputs.text }}' | get_commit_pragmas Import-commit-pragmas: name: Make commit pragma variables diff --git a/ci/gha_functions.sh b/ci/gha_functions.sh index cad14ee4ec4..6fbc72c7e9b 100644 --- a/ci/gha_functions.sh +++ b/ci/gha_functions.sh @@ -77,7 +77,7 @@ get_test_tags() { get_commit_pragmas() { - sed -ne '/^[^ ]*: */s/\([^:]*\): *\(.*\)/\1 \2/p' | while read -r a b; do + sed -Ene 's/^([-[:alnum:]]+): *([-\._ [:alnum:]]+)$/\1 \2/p' | while read -r a b; do echo -n "${a//-/_}" | tr '[:lower:]' '[:upper:]' # escape special characters in the value echo "=$b" | sed -e 's/\([<> ]\)/\\\1/g' @@ -240,7 +240,7 @@ Stage Name: $stage_name\" > /root/job_info # This is run under the unit test framework at https://github.com/pgrange/bash_unit/ -# I.e. ../bash_unit/bash_unit ci/gha_functions.sh ci/gha_functions.sh +# I.e. ../bash_unit/bash_unit ci/gha_functions.sh test_test_tag_and_features() { # Simple Test-tag: test assert_equals "$(CP_TEST_TAG="always_passes always_fails" get_test_tags "-hw")" "always_passes,-hw always_fails,-hw" @@ -257,7 +257,12 @@ test_test_tag_and_features() { test_get_commit_pragmas() { local msg='Escape spaces also +'"'"'Will-not-be-a-pragma: false'"'"' should not be considered a commit +pragma, but: +Should-not-be-a-pragma: bar will be because it was not quoted. + Skip-func-test-leap15: false +RPM-test-version: 2.5.100-13.10036.g65926e32 Skip-PR-comments: true Test-tag: always_passes always_fails EL8-VM9-label: all_vm9 @@ -270,7 +275,9 @@ Required-githooks: true Signed-off-by: Brian J. Murrell ' - assert_equals "$(echo "$msg" | get_commit_pragmas)" 'SKIP_FUNC_TEST_LEAP15=false + assert_equals "$(echo "$msg" | get_commit_pragmas)" 'SHOULD_NOT_BE_A_PRAGMA=bar\ will\ be\ because\ it\ was\ not\ quoted. +SKIP_FUNC_TEST_LEAP15=false +RPM_TEST_VERSION=2.5.100-13.10036.g65926e32 SKIP_PR_COMMENTS=true TEST_TAG=always_passes\ always_fails EL8_VM9_LABEL=all_vm9 @@ -278,13 +285,11 @@ EL9_VM9_LABEL=all_vm9 LEAP15_VM9_LABEL=all_vm9 HW_MEDIUM_LABEL=new_icx5 HW_LARGE_LABEL=new_icx9 -REQUIRED_GITHOOKS=true -SIGNED_OFF_BY=Brian\ J.\ Murrell\ \' +REQUIRED_GITHOOKS=true' } test_jenkins_curl() { JENKINS_URL="${JENKINS_URL:-https://build.hpdd.intel.com/}" - assert_equals "$(QUIET=true VERBOSE=false jenkins_curl -X POST "${JENKINS_URL}api/xml" 3>&1 >/dev/null | grep '^X-Content-Type-Options:')" "X-Content-Type-Options: nosniff -" + assert_equals "$(QUIET=true VERBOSE=false jenkins_curl -X POST "${JENKINS_URL}api/xml" 3>&1 >/dev/null | tr -d '\r' | grep '^X-Content-Type-Options:')" "X-Content-Type-Options: nosniff" }