mirror of
https://github.com/espressif/esp-idf.git
synced 2024-09-19 14:26:01 -04:00
5df4decf07
Currently sbom manifest is checked only in .gitmodules and this check is done in pre-commit and also in CI. Meaning it's running three times(pre-commit before push if user has it enabled, in CI as there is the pre-commit run again and again with test in CI). Since esp-idf-sbom contains a full manifest validation support and pre-commit plugin for it, let's use it. This removes all the current sbom testing and replaces it with a signle pre-commit plugin which validates all manifests files(sbom.yml, idf_component.yml, .gitmodules and also referenced manifests) in repository. Note that this checks all manifests, not only ones which were modified. The check is reasonably fast though, so it should not cause any problem. The reason for validating all manifest files is that we want to make sure that the sbom information in .gitmodules is updated too and that the hash recorded in .gitmodules is up-to-date. Meaning submodule update would not trigger this plugin, because no manifest was changed. Signed-off-by: Frantisek Hrbata <frantisek.hrbata@espressif.com>
222 lines
8.2 KiB
YAML
222 lines
8.2 KiB
YAML
# See https://pre-commit.com for more information
|
|
# See https://pre-commit.com/hooks.html for more hooks
|
|
|
|
repos:
|
|
- repo: https://github.com/pre-commit/pre-commit-hooks
|
|
rev: v4.0.1
|
|
hooks:
|
|
- id: trailing-whitespace
|
|
# note: whitespace exclusions use multiline regex, see https://pre-commit.com/#regular-expressions
|
|
# items are:
|
|
# 1 - some file extensions
|
|
# 2 - any file matching *test*/*expected* (for host tests, if possible use this naming pattern always)
|
|
# 3 - any directory named 'testdata'
|
|
# 4 - protobuf auto-generated files
|
|
exclude: &whitespace_excludes |
|
|
(?x)^(
|
|
.+\.(md|rst|map|bin)|
|
|
.+test.*\/.*expected.*|
|
|
.+\/testdata\/.+|
|
|
.*_pb2.py|
|
|
.*.pb-c.h|
|
|
.*.pb-c.c|
|
|
.*.yuv
|
|
)$
|
|
- id: end-of-file-fixer
|
|
exclude: *whitespace_excludes
|
|
- id: check-executables-have-shebangs
|
|
- id: mixed-line-ending
|
|
args: ['-f=lf']
|
|
- id: double-quote-string-fixer
|
|
- id: no-commit-to-branch
|
|
name: Do not use more than one slash in the branch name
|
|
args: ['--pattern', '^[^/]*/[^/]*/']
|
|
- id: no-commit-to-branch
|
|
name: Do not use uppercase letters in the branch name
|
|
args: ['--pattern', '^[^A-Z]*[A-Z]']
|
|
- repo: https://github.com/PyCQA/flake8
|
|
rev: 5.0.4
|
|
hooks:
|
|
- id: flake8
|
|
args: ['--config=.flake8', '--tee', '--benchmark']
|
|
- repo: https://github.com/pycqa/isort
|
|
rev: 5.12.0 # python 3.8 compatible
|
|
hooks:
|
|
- id: isort
|
|
name: isort (python)
|
|
exclude: >
|
|
(?x)^(
|
|
.*_pb2.py
|
|
)$
|
|
- repo: local
|
|
hooks:
|
|
- id: check-executables
|
|
name: Check File Permissions
|
|
entry: tools/ci/check_executables.py --action executables
|
|
language: python
|
|
types: [executable]
|
|
exclude: '\.pre-commit/.+'
|
|
- id: check-executable-list
|
|
name: Validate executable-list.txt
|
|
entry: tools/ci/check_executables.py --action list
|
|
language: python
|
|
pass_filenames: false
|
|
always_run: true
|
|
- id: check-kconfigs
|
|
name: Validate Kconfig files
|
|
entry: tools/ci/check_kconfigs.py
|
|
language: python
|
|
additional_dependencies:
|
|
- esp-idf-kconfig
|
|
files: '^Kconfig$|Kconfig.*$'
|
|
- id: check-deprecated-kconfigs-options
|
|
name: Check if any Kconfig Options Deprecated
|
|
entry: tools/ci/check_deprecated_kconfigs.py
|
|
language: python
|
|
files: 'sdkconfig\.ci$|sdkconfig\.rename$|sdkconfig.*$'
|
|
- id: cmake-lint
|
|
name: Check CMake Files Format
|
|
entry: cmakelint --linelength=120 --spaces=4 --filter=-whitespace/indent
|
|
language: python
|
|
additional_dependencies:
|
|
- cmakelint==1.4.1
|
|
files: 'CMakeLists.txt$|\.cmake$'
|
|
exclude: '\/third_party\/'
|
|
- id: check-codeowners
|
|
name: Validate Codeowner File
|
|
entry: tools/ci/check_codeowners.py ci-check
|
|
language: python
|
|
always_run: true
|
|
files: '\.gitlab/CODEOWNERS'
|
|
pass_filenames: false
|
|
- id: check-rules-yml
|
|
name: Check rules.yml all rules have at lease one job applied, all rules needed exist
|
|
entry: tools/ci/check_rules_yml.py
|
|
language: python
|
|
files: '\.gitlab/ci/.+\.yml|\.gitlab-ci.yml|\.gitmodules'
|
|
pass_filenames: false
|
|
additional_dependencies:
|
|
- PyYAML == 5.3.1
|
|
- id: check-generated-rules
|
|
name: Check rules are generated (based on .gitlab/ci/dependencies/dependencies.yml)
|
|
entry: tools/ci/generate_rules.py
|
|
language: python
|
|
files: '\.gitlab/ci/dependencies/.+|\.gitlab/ci/.*\.yml'
|
|
pass_filenames: false
|
|
additional_dependencies:
|
|
- PyYAML == 5.3.1
|
|
- id: mypy-check
|
|
name: Check type annotations in python files
|
|
entry: tools/ci/check_type_comments.py
|
|
additional_dependencies:
|
|
- 'mypy==0.940'
|
|
- 'mypy-extensions==0.4.3'
|
|
- 'types-setuptools==57.4.14'
|
|
- 'types-PyYAML==0.1.9'
|
|
exclude: >
|
|
(?x)^(
|
|
.*_pb2.py
|
|
)$
|
|
language: python
|
|
types: [python]
|
|
- id: check-requirement-files
|
|
name: Check requirement files
|
|
entry: tools/ci/check_requirement_files.py
|
|
additional_dependencies:
|
|
- 'jsonschema'
|
|
language: python
|
|
files: 'tools/requirements.+|tools/requirements/.+'
|
|
pass_filenames: false
|
|
- id: check-tools-files-patterns
|
|
name: Check tools dir files patterns
|
|
entry: tools/ci/check_tools_files_patterns.py
|
|
language: python
|
|
files: '^tools/.+'
|
|
additional_dependencies:
|
|
- PyYAML == 5.3.1
|
|
pass_filenames: false
|
|
- id: check-rules-components-patterns
|
|
name: check patterns-build_components in rules.yml
|
|
entry: tools/ci/check_rules_components_patterns.py
|
|
language: python
|
|
files: 'components/.+|.gitlab/ci/rules.yml'
|
|
additional_dependencies:
|
|
- PyYAML == 5.3.1
|
|
pass_filenames: false
|
|
- id: check-generated-soc-caps-kconfig
|
|
name: Check soc caps kconfig files are generated (based on components/soc/IDF_TARGET/include/soc/soc_caps.h)
|
|
entry: tools/gen_soc_caps_kconfig/gen_soc_caps_kconfig.py -d 'components/soc/*/include/soc/' 'components/esp_rom/*/' 'components/spi_flash/*/'
|
|
language: python
|
|
files: 'components/soc/.+/include/soc/.+_caps\.h|components/esp_rom/.+/.+_caps\.h|kconfig\.soc_caps.in|components/spi_flash/.+/.+_caps\.h'
|
|
pass_filenames: false
|
|
additional_dependencies:
|
|
- pyparsing
|
|
- id: check-all-apps-readmes
|
|
name: Check if all apps readme files match given .build-test-rules.yml files. Modify the supported target tables
|
|
entry: tools/ci/check_build_test_rules.py check-readmes
|
|
language: python
|
|
files: 'tools/test_apps/.+|examples/.+|components/.+|tools/idf_py_actions/constants.py|tools/ci/check_build_test_rules.py'
|
|
require_serial: true
|
|
additional_dependencies:
|
|
- PyYAML == 5.3.1
|
|
- idf_build_apps~=1.0
|
|
- id: sort-build-test-rules-ymls
|
|
name: sort .build-test-rules.yml files
|
|
entry: tools/ci/check_build_test_rules.py sort-yaml
|
|
language: python
|
|
files: '\.build-test-rules\.yml'
|
|
additional_dependencies:
|
|
- PyYAML == 5.3.1
|
|
- ruamel.yaml
|
|
- id: check-build-test-rules-path-exists
|
|
name: check path in .build-test-rules.yml exists
|
|
entry: tools/ci/check_build_test_rules.py check-exist
|
|
language: python
|
|
additional_dependencies:
|
|
- PyYAML == 5.3.1
|
|
always_run: true
|
|
pass_filenames: false
|
|
require_serial: true
|
|
- id: cleanup-ignore-lists
|
|
name: Remove non-existing patterns from ignore lists
|
|
entry: tools/ci/cleanup_ignore_lists.py
|
|
language: python
|
|
always_run: true
|
|
require_serial: true
|
|
- repo: https://github.com/pre-commit/pre-commit-hooks
|
|
rev: v4.0.1
|
|
hooks:
|
|
- id: file-contents-sorter
|
|
files: 'tools\/ci\/(executable-list\.txt|mypy_ignore_list\.txt|check_copyright_ignore\.txt)'
|
|
- repo: https://github.com/espressif/check-copyright/
|
|
rev: v1.0.3
|
|
hooks:
|
|
- id: check-copyright
|
|
args: ['--ignore', 'tools/ci/check_copyright_ignore.txt', '--config', 'tools/ci/check_copyright_config.yaml']
|
|
- repo: https://github.com/espressif/conventional-precommit-linter
|
|
rev: v1.3.0
|
|
hooks:
|
|
- id: conventional-precommit-linter
|
|
stages: [commit-msg]
|
|
- repo: https://github.com/espressif/astyle_py.git
|
|
rev: v1.0.5
|
|
hooks:
|
|
- id: astyle_py
|
|
# If you are modifying astyle version, update tools/format.sh as well
|
|
args: ['--astyle-version=3.4.7', '--rules=tools/ci/astyle-rules.yml']
|
|
- repo: https://github.com/shellcheck-py/shellcheck-py
|
|
rev: v0.9.0.5
|
|
hooks:
|
|
- id: shellcheck
|
|
name: shellcheck bash
|
|
args: ['--shell', 'bash', '-x']
|
|
files: 'install.sh|export.sh'
|
|
- id: shellcheck
|
|
name: shellcheck dash (export.sh)
|
|
args: ['--shell', 'dash', '-x']
|
|
files: 'export.sh'
|
|
- repo: https://github.com/espressif/esp-idf-sbom.git
|
|
rev: v0.11.0
|
|
hooks:
|
|
- id: validate-sbom-manifest
|