mirror of
https://github.com/espressif/esp-idf.git
synced 2024-10-05 20:47:46 -04:00
db25ec2a37
Currently sbom manifest is checked only in .gitmodules and this check is done in pre-commit and also in CI. Meaning it's running three times(pre-commit before push if user has it enabled, in CI as there is the pre-commit run again and again with test in CI). Since esp-idf-sbom contains a full manifest validation support and pre-commit plugin for it, let's use it. This removes all the current sbom testing and replaces it with a signle pre-commit plugin which validates all manifests files(sbom.yml, idf_component.yml, .gitmodules and also referenced manifests) in repository. Note that this checks all manifests, not only ones which were modified. The check is reasonably fast though, so it should not cause any problem. The reason for validating all manifest files is that we want to make sure that the sbom information in .gitmodules is updated too and that the hash recorded in .gitmodules is up-to-date. Meaning submodule update would not trigger this plugin, because no manifest was changed. Signed-off-by: Frantisek Hrbata <frantisek.hrbata@espressif.com>
169 lines
6.3 KiB
YAML
169 lines
6.3 KiB
YAML
# See https://pre-commit.com for more information
|
|
# See https://pre-commit.com/hooks.html for more hooks
|
|
|
|
repos:
|
|
- repo: https://github.com/pre-commit/pre-commit-hooks
|
|
rev: v4.0.1
|
|
hooks:
|
|
- id: trailing-whitespace
|
|
# note: whitespace exclusions use multiline regex, see https://pre-commit.com/#regular-expressions
|
|
# items are:
|
|
# 1 - some file extensions
|
|
# 2 - any file matching *test*/*expected* (for host tests, if possible use this naming pattern always)
|
|
# 3 - any directory named 'testdata'
|
|
# 4 - protobuf auto-generated files
|
|
exclude: &whitespace_excludes |
|
|
(?x)^(
|
|
.+\.(md|rst|map|bin)|
|
|
.+test.*\/.*expected.*|
|
|
.+\/testdata\/.+|
|
|
.*_pb2.py|
|
|
.*.pb-c.h|
|
|
.*.pb-c.c|
|
|
.*.yuv
|
|
)$
|
|
- id: end-of-file-fixer
|
|
exclude: *whitespace_excludes
|
|
- id: check-executables-have-shebangs
|
|
- id: mixed-line-ending
|
|
args: ['-f=lf']
|
|
- id: double-quote-string-fixer
|
|
- repo: https://github.com/PyCQA/flake8
|
|
rev: 5.0.4
|
|
hooks:
|
|
- id: flake8
|
|
args: ['--config=.flake8', '--tee', '--benchmark']
|
|
- repo: https://github.com/pycqa/isort
|
|
rev: 5.11.5 # python 3.7 compatible
|
|
hooks:
|
|
- id: isort
|
|
name: isort (python)
|
|
exclude: >
|
|
(?x)^(
|
|
.*_pb2.py
|
|
)$
|
|
- repo: local
|
|
hooks:
|
|
- id: check-executables
|
|
name: Check File Permissions
|
|
entry: tools/ci/check_executables.py --action executables
|
|
language: python
|
|
types: [executable]
|
|
exclude: '\.pre-commit/.+'
|
|
- id: check-executable-list
|
|
name: Validate executable-list.txt
|
|
entry: tools/ci/check_executables.py --action list
|
|
language: python
|
|
pass_filenames: false
|
|
always_run: true
|
|
- id: check-kconfigs
|
|
name: Validate Kconfig files
|
|
entry: tools/ci/check_kconfigs.py
|
|
language: python
|
|
files: '^Kconfig$|Kconfig.*$'
|
|
- id: check-deprecated-kconfigs-options
|
|
name: Check if any Kconfig Options Deprecated
|
|
entry: tools/ci/check_deprecated_kconfigs.py
|
|
language: python
|
|
files: 'sdkconfig\.ci$|sdkconfig\.rename$|sdkconfig.*$'
|
|
- id: cmake-lint
|
|
name: Check CMake Files Format
|
|
entry: cmakelint --linelength=120 --spaces=4 --filter=-whitespace/indent
|
|
language: python
|
|
additional_dependencies:
|
|
- cmakelint==1.4.1
|
|
files: 'CMakeLists.txt$|\.cmake$'
|
|
exclude: '\/third_party\/'
|
|
- id: check-codeowners
|
|
name: Validate Codeowner File
|
|
entry: tools/ci/check_codeowners.py ci-check
|
|
language: python
|
|
always_run: true
|
|
files: '\.gitlab/CODEOWNERS'
|
|
pass_filenames: false
|
|
- id: check-rules-yml
|
|
name: Check rules.yml all rules have at lease one job applied, all rules needed exist
|
|
entry: tools/ci/check_rules_yml.py
|
|
language: python
|
|
files: '\.gitlab/ci/.+\.yml|\.gitlab-ci.yml|\.gitmodules'
|
|
pass_filenames: false
|
|
additional_dependencies:
|
|
- PyYAML == 5.3.1
|
|
- id: check-generated-rules
|
|
name: Check rules are generated (based on .gitlab/ci/dependencies/dependencies.yml)
|
|
entry: tools/ci/generate_rules.py
|
|
language: python
|
|
files: '\.gitlab/ci/dependencies/.+|\.gitlab/ci/.*\.yml'
|
|
pass_filenames: false
|
|
additional_dependencies:
|
|
- PyYAML == 5.3.1
|
|
- id: mypy-check
|
|
name: Check type annotations in python files
|
|
entry: tools/ci/check_type_comments.py
|
|
additional_dependencies:
|
|
- 'mypy==0.940'
|
|
- 'mypy-extensions==0.4.3'
|
|
- 'types-setuptools==57.4.14'
|
|
- 'types-PyYAML==0.1.9'
|
|
exclude: >
|
|
(?x)^(
|
|
.*_pb2.py
|
|
)$
|
|
language: python
|
|
types: [python]
|
|
- id: check-requirement-files
|
|
name: Check requirement files
|
|
entry: tools/ci/check_requirement_files.py
|
|
additional_dependencies:
|
|
- 'jsonschema'
|
|
language: python
|
|
files: 'tools/requirements.+|tools/requirements/.+'
|
|
pass_filenames: false
|
|
- id: check-tools-files-patterns
|
|
name: Check tools dir files patterns
|
|
entry: tools/ci/check_tools_files_patterns.py
|
|
language: python
|
|
files: '^tools/.+'
|
|
additional_dependencies:
|
|
- PyYAML == 5.3.1
|
|
pass_filenames: false
|
|
- id: check-generated-soc-caps-kconfig
|
|
name: Check soc caps kconfig files are generated (based on components/soc/IDF_TARGET/include/soc/soc_caps.h)
|
|
entry: tools/gen_soc_caps_kconfig/gen_soc_caps_kconfig.py -d 'components/soc/*/include/soc/' 'components/esp_rom/*/' 'components/spi_flash/*/'
|
|
language: python
|
|
files: 'components/soc/.+/include/soc/.+_caps\.h|components/esp_rom/.+/.+_caps\.h|kconfig\.soc_caps.in|components/spi_flash/.+/.+_caps\.h'
|
|
pass_filenames: false
|
|
additional_dependencies:
|
|
- pyparsing
|
|
- id: check-all-apps-readmes
|
|
name: Check if all apps readme files match given .build-test-rules.yml files. Modify the supported target tables
|
|
entry: tools/ci/check_build_test_rules.py check-readmes
|
|
language: python
|
|
files: 'tools/test_apps/.+|examples/.+|components/.+|tools/idf_py_actions/constants.py|tools/ci/check_build_test_rules.py'
|
|
require_serial: true
|
|
additional_dependencies:
|
|
- PyYAML == 5.3.1
|
|
- idf_build_apps
|
|
- id: sort-build-test-rules-ymls
|
|
name: sort .build-test-rules.yml files
|
|
entry: tools/ci/check_build_test_rules.py sort-yaml
|
|
language: python
|
|
files: '\.build-test-rules\.yml'
|
|
additional_dependencies:
|
|
- PyYAML == 5.3.1
|
|
- ruamel.yaml
|
|
- repo: https://github.com/pre-commit/pre-commit-hooks
|
|
rev: v4.0.1
|
|
hooks:
|
|
- id: file-contents-sorter
|
|
files: 'tools\/ci\/(executable-list\.txt|mypy_ignore_list\.txt|check_copyright_ignore\.txt)'
|
|
- repo: https://github.com/espressif/check-copyright/
|
|
rev: v1.0.3
|
|
hooks:
|
|
- id: check-copyright
|
|
args: ['--ignore', 'tools/ci/check_copyright_ignore.txt', '--config', 'tools/ci/check_copyright_config.yaml']
|
|
- repo: https://github.com/espressif/esp-idf-sbom.git
|
|
rev: v0.11.0
|
|
hooks:
|
|
- id: validate-sbom-manifest
|