From 73db45967f57f911fbe707032c7b241af82ad5d7 Mon Sep 17 00:00:00 2001 From: Patrick Ohly Date: Wed, 23 Jan 2019 14:41:26 +0100 Subject: [PATCH 1/3] verify-subtree.sh: ensure that there are no local commits The goal is to enforce that changes get merged upstream first and only get into the local repo via a normal "git subtree merge". --- verify-subtree.sh | 41 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100755 verify-subtree.sh diff --git a/verify-subtree.sh b/verify-subtree.sh new file mode 100755 index 00000000..ce8375fc --- /dev/null +++ b/verify-subtree.sh @@ -0,0 +1,41 @@ +#! /bin/sh -e +# +# Copyright 2019 The Kubernetes Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# This script verifies that the content of a directory managed +# by "git subtree" has not been modified locally. It does that +# by looking for commits that modify the files with the +# subtree prefix (aka directory) while ignoring merge +# commits. Merge commits are where "git subtree" pulls the +# upstream files into the directory. +# +# Theoretically a developer can subvert this check by modifying files +# in a merge commit, but in practice that shouldn't happen. + +DIR="$1" +if [ ! "$DIR" ]; then + echo "usage: $0 " >&2 + exit 1 +fi + +REV=$(git log -n1 --format=format:%H --no-merges -- "$DIR") +if [ "$REV" ]; then + echo "Directory '$DIR' contains non-upstream changes:" + echo + git log --no-merges -- "$DIR" + exit 1 +else + echo "$DIR is a clean copy of upstream." +fi From 9132a016e9465b0f6af506a9aa372b45aa1bfbe0 Mon Sep 17 00:00:00 2001 From: Patrick Ohly Date: Wed, 23 Jan 2019 14:49:07 +0100 Subject: [PATCH 2/3] test: split up into individual targets, run all "make test" used to abort after the first test failure. That was partly intentional: if the simple tests already fail (for example, because of a syntax error), then there is no point in continuing to test. However, it also makes it harder to find all errors in a CI system when the errors are unrelated (first error shows up, gets fixed, next error shows up, etc.). Now "make test" still aborts early, but "make -k test" is used in the CI and will run all individual tests because they are split up into different targets. --- build.make | 15 +++++++++++++++ travis.yml | 2 +- 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/build.make b/build.make index 42146483..4818b512 100644 --- a/build.make +++ b/build.make @@ -89,8 +89,23 @@ clean: -rm -rf bin test: + +.PHONY: test-go +test: test-go +test-go: + @ echo; echo $@ go test `go list ./... | grep -v 'vendor'` $(TESTARGS) + +.PHONY: test-vet +test: test-vet +test-vet: + @ echo; echo $@ go vet `go list ./... | grep -v vendor` + +.PHONY: test-fmt +test: test-fmt +test-fmt: + @ echo; echo $@ files=$$(find . -name '*.go' | grep -v './vendor'); \ if [ $$(gofmt -d $$files | wc -l) -ne 0 ]; then \ echo "formatting errors:"; \ diff --git a/travis.yml b/travis.yml index a44b0017..b5a360af 100644 --- a/travis.yml +++ b/travis.yml @@ -6,7 +6,7 @@ matrix: include: - go: 1.11.1 script: -- make all test +- make -k all test after_success: - if [ "${TRAVIS_PULL_REQUEST}" == "false" ]; then docker login -u "${DOCKER_USERNAME}" -p "${DOCKER_PASSWORD}" quay.io; From f28c6b60aaa5f1ab61cb606744f25cc0ed8081a1 Mon Sep 17 00:00:00 2001 From: Patrick Ohly Date: Wed, 23 Jan 2019 14:52:09 +0100 Subject: [PATCH 3/3] test: verify that 'release-tools' subtree is clean We don't want to allow local modifications in the subtree. Everything should go to the csi-release-tools repo first. --- build.make | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/build.make b/build.make index 4818b512..f07f25e8 100644 --- a/build.make +++ b/build.make @@ -112,3 +112,9 @@ test-fmt: gofmt -d $$files; \ false; \ fi + +.PHONY: test-subtree +test: test-subtree +test-subtree: + @ echo; echo $@ + ./release-tools/verify-subtree.sh release-tools