From ef91b8544c9caa59ea6f61aeab54f9e67210ef63 Mon Sep 17 00:00:00 2001 From: Victor Julien Date: Fri, 26 Sep 2025 20:41:22 +0200 Subject: [PATCH] github-actions: add validate cherry-pick line check --- .github/workflows/commits.yml | 3 +++ qa/validate-cp.sh | 40 +++++++++++++++++++++++++++++++++++ 2 files changed, 43 insertions(+) create mode 100755 qa/validate-cp.sh diff --git a/.github/workflows/commits.yml b/.github/workflows/commits.yml index b5922682ad..03a052bd90 100644 --- a/.github/workflows/commits.yml +++ b/.github/workflows/commits.yml @@ -80,6 +80,9 @@ jobs: # The action above is supposed to do this for us, but it doesn't appear to stick. - run: /usr/bin/git config --global --add safe.directory /__w/suricata/suricata - run: git fetch + - name: Checking Cherry-pick lines + run: | + ./qa/validate-cp.sh "${GITHUB_BASE_REF}" - name: Building all commits run: | echo "Building commits from ${GITHUB_BASE_REF}." diff --git a/qa/validate-cp.sh b/qa/validate-cp.sh new file mode 100755 index 0000000000..0f076bc69c --- /dev/null +++ b/qa/validate-cp.sh @@ -0,0 +1,40 @@ +#!/bin/bash + +#set -x +#set -e + +if [ $# -ne 1 ]; then + echo "call with base branch (e.g. main-7.0.x)" + exit 1; +fi + +BASE=$1 +CHECK_BRANCH="${VALIDATE_CHECK_BRANCH:-remotes/origin/main}" + +test_cherrypicked_line() { + REV=$1 + #echo "\"REV $REV\"" + + CHERRY=$(echo $REV | grep '(cherry picked from commit' | awk '{print $5}'|awk -F')' '{print $1}' || return 1) + git branch -a --contains $CHERRY | grep " $CHECK_BRANCH$" &> /dev/null + if [ "$?" -ne 0 ]; then + echo -n "ERROR $CHERRY not found in $CHECK_BRANCH" + return 1 + else + echo -n "OK " + fi +} + +for rev in $(git rev-list --reverse origin/${BASE}..HEAD); do + echo -n "COMMIT $rev: " + + GREPOP=$(git log --format=%B -n 1 $rev | grep 'cherry picked from commit') + if [ ! -z "$GREPOP" ]; then + while IFS= read -r line; do + test_cherrypicked_line "$line" || exit 1 + done <<< "$GREPOP" + echo + else + echo "not a cherry-pick" + fi +done -- 2.47.3