Convert check-format-commits.sh to use allowlist

Initially check-format-commits.sh tried to check everything, using a
banlist to exlude files not appropriate for checking.

Its becoming clear that that approach isn't workable, given that the
number of files that we should not check far outweighs the number of
files that we should check.

Ideally we should be checking .c files, .h files and their .in
counterparts, everything else should be excluded (at least for now)

convert the script to using an allowlist, only checking the above list,
and ignoring everything else

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/24865)

diff --git a/util/check-format-commit.sh b/util/check-format-commit.sh
index 9e22bb1227a0d8c0d54ffdd724838181ff3d0acc..35495fce63ff9de2441a045e9a803297e467ab36 100755 (executable)
--- a/util/check-format-commit.sh
+++ b/util/check-format-commit.sh
@@ -12,24 +12,9 @@
 # only to lines that fall into the change ranges of the changed files.
 #
 
-
-# List of Regexes to use when running check-format.pl.
-# Style checks don't apply to any of these
-EXCLUDED_FILE_REGEX=("\.pod" \
-                     "\.pl"  \
-                     "\.pm"  \
-                     "\.t"   \
-                     "\.yml" \
-                     "\.sh" \
-                     "\.cnf" \
-                     "\.conf" \
-                     "\.info" \
-                     "\.md" \
-                     "\.S" \
-                     "\.pem" \
-                     "\.txt" \
-                     "\.dat" \
-                     "Configure") 
+# Allowlist of files to scan
+# Currently this is any .c or .h file (with an optional .in suffix
+FILE_ALLOWLIST=("\.[ch]\(.in\)\?")
 
 # Exit code for the script
 EXIT_CODE=0
@@ -96,19 +81,25 @@ git diff -U0 $COMMIT_RANGE | awk '
         printf myfile " " $3 "\n"
     }' >> $TEMPDIR/ranges.txt || true
 
-# filter out anything that matches on a filter regex
-for i in ${EXCLUDED_FILE_REGEX[@]}
+# filter in anything that matches on a filter regex
+for i in ${FILE_ALLOWLIST[@]}
 do
     touch $TEMPDIR/ranges.filter
-    grep -v "$i" $TEMPDIR/ranges.txt >> $TEMPDIR/ranges.filter || true
-    REMAINING_FILES=$(wc -l $TEMPDIR/ranges.filter | awk '{print $1}')
-    if [ $REMAINING_FILES -eq 0 ]
-    then
-        echo "This commit has no files that require checking"
-        exit 0
-    fi
-    mv $TEMPDIR/ranges.filter $TEMPDIR/ranges.txt
+    # Note the space after the $i below.  This is done because we want
+    # to match on file suffixes, but the input file is of the form
+    # <commit> <file> <range start>, <range length>
+    # So we can't just match on end of line.  The additional space
+    # here lets us match on suffixes followed by the expected space
+    # in the input file
+    grep "$i " $TEMPDIR/ranges.txt >> $TEMPDIR/ranges.filter || true
 done
+cp $TEMPDIR/ranges.filter $TEMPDIR/ranges.txt
+REMAINING_FILES=$(wc -l $TEMPDIR/ranges.filter | awk '{print $1}')
+if [ $REMAINING_FILES -eq 0 ]
+then
+    echo "This commit has no files that require checking"
+    exit 0
+fi
 
 # check out the files from the commit level.
 # For each file name in ranges, we show that file at the commit