mirror of
https://github.com/espressif/esp-idf.git
synced 2024-10-05 20:47:46 -04:00
01fed1a52e
Following commit c3afbebf23
("fix: bump esp-idf-sbom to v0.13.0 in pre-commit"),
the validation of submodule hash now relies solely on the information recorded
in the git-tree. Previously, the hash verification used submodule's
working tree hash if available. Since the new submodule hash is recorded
in git-tree only after the commit is created, we need to move the check
into post-commit, otherwise the hash validation checks the old value.
For example:
1. in .gitmodules
[submodule "components/json/cJSON"]
sbom-hash = cb8693b058ba302f4829ec6d03f609ac6f848546
2. update the cJSON
$ git -C components/json/cJSON checkout b45f48e600671feade0b6bd65d1c69de7899f2be
3. update cJSON hash in .gitmodules
[submodule "components/json/cJSON"]
sbom-hash = b45f48e600671feade0b6bd65d1c69de7899f2be
4. commit the changes
$ git commit -a -s
Step 4. will fail, because the validation is currently started in pre-commit stage,
where the hash for cJSON recorded in git-tree is still
cb8693b058ba302f4829ec6d03f609ac6f848546. The new hash b45f48e600671feade0b6bd65d1c69de7899f2be
will be stored in git-tree after the new commit is created.
Note that this means we cannot prevent the commit creation, but only
notify user about the hash inconsistency. If he/she still decides to
push it, it will fail in pre-commit checks in CI.
Signed-off-by: Frantisek Hrbata <frantisek.hrbata@espressif.com>
227 lines
8.4 KiB
YAML
227 lines
8.4 KiB
YAML
# See https://pre-commit.com for more information
|
|
# See https://pre-commit.com/hooks.html for more hooks
|
|
|
|
minimum_pre_commit_version: 3.3.0
|
|
default_install_hook_types: [pre-commit, post-commit, commit-msg]
|
|
default_stages: [pre-commit]
|
|
|
|
repos:
|
|
- repo: https://github.com/pre-commit/pre-commit-hooks
|
|
rev: v4.0.1
|
|
hooks:
|
|
- id: trailing-whitespace
|
|
# note: whitespace exclusions use multiline regex, see https://pre-commit.com/#regular-expressions
|
|
# items are:
|
|
# 1 - some file extensions
|
|
# 2 - any file matching *test*/*expected* (for host tests, if possible use this naming pattern always)
|
|
# 3 - any directory named 'testdata'
|
|
# 4 - protobuf auto-generated files
|
|
exclude: &whitespace_excludes |
|
|
(?x)^(
|
|
.+\.(md|rst|map|bin)|
|
|
.+test.*\/.*expected.*|
|
|
.+\/testdata\/.+|
|
|
.*_pb2.py|
|
|
.*.pb-c.h|
|
|
.*.pb-c.c|
|
|
.*.yuv
|
|
)$
|
|
- id: end-of-file-fixer
|
|
exclude: *whitespace_excludes
|
|
- id: check-executables-have-shebangs
|
|
- id: mixed-line-ending
|
|
args: ['-f=lf']
|
|
- id: double-quote-string-fixer
|
|
- id: no-commit-to-branch
|
|
name: Do not use more than one slash in the branch name
|
|
args: ['--pattern', '^[^/]*/[^/]*/']
|
|
- id: no-commit-to-branch
|
|
name: Do not use uppercase letters in the branch name
|
|
args: ['--pattern', '^[^A-Z]*[A-Z]']
|
|
- repo: https://github.com/PyCQA/flake8
|
|
rev: 5.0.4
|
|
hooks:
|
|
- id: flake8
|
|
args: ['--config=.flake8', '--tee', '--benchmark']
|
|
- repo: https://github.com/pycqa/isort
|
|
rev: 5.12.0 # python 3.8 compatible
|
|
hooks:
|
|
- id: isort
|
|
name: isort (python)
|
|
exclude: >
|
|
(?x)^(
|
|
.*_pb2.py
|
|
)$
|
|
- repo: local
|
|
hooks:
|
|
- id: check-executables
|
|
name: Check File Permissions
|
|
entry: tools/ci/check_executables.py --action executables
|
|
language: python
|
|
types: [executable]
|
|
exclude: '\.pre-commit/.+'
|
|
- id: check-executable-list
|
|
name: Validate executable-list.txt
|
|
entry: tools/ci/check_executables.py --action list
|
|
language: python
|
|
pass_filenames: false
|
|
always_run: true
|
|
- id: check-kconfigs
|
|
name: Validate Kconfig files
|
|
entry: tools/ci/check_kconfigs.py
|
|
language: python
|
|
additional_dependencies:
|
|
- esp-idf-kconfig
|
|
files: '^Kconfig$|Kconfig.*$'
|
|
- id: check-deprecated-kconfigs-options
|
|
name: Check if any Kconfig Options Deprecated
|
|
entry: tools/ci/check_deprecated_kconfigs.py
|
|
language: python
|
|
files: 'sdkconfig\.ci$|sdkconfig\.rename$|sdkconfig.*$'
|
|
- id: cmake-lint
|
|
name: Check CMake Files Format
|
|
entry: cmakelint --linelength=120 --spaces=4 --filter=-whitespace/indent
|
|
language: python
|
|
additional_dependencies:
|
|
- cmakelint==1.4.1
|
|
files: 'CMakeLists.txt$|\.cmake$'
|
|
exclude: '\/third_party\/'
|
|
- id: check-codeowners
|
|
name: Validate Codeowner File
|
|
entry: tools/ci/check_codeowners.py ci-check
|
|
language: python
|
|
always_run: true
|
|
files: '\.gitlab/CODEOWNERS'
|
|
pass_filenames: false
|
|
- id: check-rules-yml
|
|
name: Check rules.yml all rules have at lease one job applied, all rules needed exist
|
|
entry: tools/ci/check_rules_yml.py
|
|
language: python
|
|
files: '\.gitlab/ci/.+\.yml|\.gitlab-ci.yml|\.gitmodules'
|
|
pass_filenames: false
|
|
additional_dependencies:
|
|
- PyYAML == 5.3.1
|
|
- id: check-generated-rules
|
|
name: Check rules are generated (based on .gitlab/ci/dependencies/dependencies.yml)
|
|
entry: tools/ci/generate_rules.py
|
|
language: python
|
|
files: '\.gitlab/ci/dependencies/.+|\.gitlab/ci/.*\.yml'
|
|
pass_filenames: false
|
|
additional_dependencies:
|
|
- PyYAML == 5.3.1
|
|
- id: mypy-check
|
|
name: Check type annotations in python files
|
|
entry: tools/ci/check_type_comments.py
|
|
additional_dependencies:
|
|
- 'mypy==0.940'
|
|
- 'mypy-extensions==0.4.3'
|
|
- 'types-setuptools==57.4.14'
|
|
- 'types-PyYAML==0.1.9'
|
|
exclude: >
|
|
(?x)^(
|
|
.*_pb2.py
|
|
)$
|
|
language: python
|
|
types: [python]
|
|
- id: check-requirement-files
|
|
name: Check requirement files
|
|
entry: tools/ci/check_requirement_files.py
|
|
additional_dependencies:
|
|
- 'jsonschema'
|
|
language: python
|
|
files: 'tools/requirements.+|tools/requirements/.+'
|
|
pass_filenames: false
|
|
- id: check-tools-files-patterns
|
|
name: Check tools dir files patterns
|
|
entry: tools/ci/check_tools_files_patterns.py
|
|
language: python
|
|
files: '^tools/.+'
|
|
additional_dependencies:
|
|
- PyYAML == 5.3.1
|
|
pass_filenames: false
|
|
- id: check-rules-components-patterns
|
|
name: check patterns-build_components in rules.yml
|
|
entry: tools/ci/check_rules_components_patterns.py
|
|
language: python
|
|
files: 'components/.+|.gitlab/ci/rules.yml'
|
|
additional_dependencies:
|
|
- PyYAML == 5.3.1
|
|
pass_filenames: false
|
|
- id: check-generated-soc-caps-kconfig
|
|
name: Check soc caps kconfig files are generated (based on components/soc/IDF_TARGET/include/soc/soc_caps.h)
|
|
entry: tools/gen_soc_caps_kconfig/gen_soc_caps_kconfig.py -d 'components/soc/*/include/soc/' 'components/esp_rom/*/' 'components/spi_flash/*/'
|
|
language: python
|
|
files: 'components/soc/.+/include/soc/.+_caps\.h|components/esp_rom/.+/.+_caps\.h|kconfig\.soc_caps.in|components/spi_flash/.+/.+_caps\.h'
|
|
pass_filenames: false
|
|
additional_dependencies:
|
|
- pyparsing
|
|
- id: check-all-apps-readmes
|
|
name: Check if all apps readme files match given .build-test-rules.yml files. Modify the supported target tables
|
|
entry: tools/ci/check_build_test_rules.py check-readmes
|
|
language: python
|
|
files: 'tools/test_apps/.+|examples/.+|components/.+|tools/idf_py_actions/constants.py|tools/ci/check_build_test_rules.py'
|
|
require_serial: true
|
|
additional_dependencies:
|
|
- PyYAML == 5.3.1
|
|
- idf_build_apps~=1.0
|
|
- id: sort-build-test-rules-ymls
|
|
name: sort .build-test-rules.yml files
|
|
entry: tools/ci/check_build_test_rules.py sort-yaml
|
|
language: python
|
|
files: '\.build-test-rules\.yml'
|
|
additional_dependencies:
|
|
- PyYAML == 5.3.1
|
|
- ruamel.yaml
|
|
- id: check-build-test-rules-path-exists
|
|
name: check path in .build-test-rules.yml exists
|
|
entry: tools/ci/check_build_test_rules.py check-exist
|
|
language: python
|
|
additional_dependencies:
|
|
- PyYAML == 5.3.1
|
|
always_run: true
|
|
pass_filenames: false
|
|
require_serial: true
|
|
- id: cleanup-ignore-lists
|
|
name: Remove non-existing patterns from ignore lists
|
|
entry: tools/ci/cleanup_ignore_lists.py
|
|
language: python
|
|
always_run: true
|
|
require_serial: true
|
|
- repo: https://github.com/pre-commit/pre-commit-hooks
|
|
rev: v4.0.1
|
|
hooks:
|
|
- id: file-contents-sorter
|
|
files: 'tools\/ci\/(executable-list\.txt|mypy_ignore_list\.txt|check_copyright_ignore\.txt)'
|
|
- repo: https://github.com/espressif/check-copyright/
|
|
rev: v1.0.3
|
|
hooks:
|
|
- id: check-copyright
|
|
args: ['--ignore', 'tools/ci/check_copyright_ignore.txt', '--config', 'tools/ci/check_copyright_config.yaml']
|
|
- repo: https://github.com/espressif/conventional-precommit-linter
|
|
rev: v1.4.1
|
|
hooks:
|
|
- id: conventional-precommit-linter
|
|
stages: [commit-msg]
|
|
- repo: https://github.com/espressif/astyle_py.git
|
|
rev: v1.0.5
|
|
hooks:
|
|
- id: astyle_py
|
|
# If you are modifying astyle version, update tools/format.sh as well
|
|
args: ['--astyle-version=3.4.7', '--rules=tools/ci/astyle-rules.yml']
|
|
- repo: https://github.com/shellcheck-py/shellcheck-py
|
|
rev: v0.9.0.5
|
|
hooks:
|
|
- id: shellcheck
|
|
name: shellcheck bash
|
|
args: ['--shell', 'bash', '-x']
|
|
files: 'install.sh|export.sh'
|
|
- id: shellcheck
|
|
name: shellcheck dash (export.sh)
|
|
args: ['--shell', 'dash', '-x']
|
|
files: 'export.sh'
|
|
- repo: https://github.com/espressif/esp-idf-sbom.git
|
|
rev: v0.13.0
|
|
hooks:
|
|
- id: validate-sbom-manifest
|
|
stages: [post-commit]
|