"It should not be merged until it is approved."
)
-###############################################################################
-# 'CHANGES' FILE
-###############################################################################
-#
-# FAIL if any of the following is true:
-#
-# * The merge request does not update the CHANGES file, but it does not have
-# the "No CHANGES" label set. (This attempts to ensure that the author of
-# the MR did not forget about adding a CHANGES entry.)
-#
-# * The merge request updates the CHANGES file, but it has the "No CHANGES"
-# label set. (This attempts to ensure that the "No CHANGES" label is used in
-# a sane way.)
-#
-# * The merge request adds any placeholder entries to the CHANGES file, but it
-# does not target the "main" branch.
-#
-# * The merge request adds a new CHANGES entry that is not a placeholder and
-# does not contain any GitLab/RT issue/MR identifiers.
-
-changes_modified = "CHANGES" in modified_files or "CHANGES.SE" in modified_files
-no_changes_label_set = "No CHANGES" in mr_labels
-if not changes_modified and not no_changes_label_set:
- fail(
- "This merge request does not modify `CHANGES`. "
- "Add a `CHANGES` entry or set the *No CHANGES* label."
- )
-if changes_modified and no_changes_label_set:
- fail(
- "This merge request modifies `CHANGES`. "
- "Revert `CHANGES` modifications or unset the *No Changes* label."
- )
-
-changes_added_lines = added_lines(target_branch, ["CHANGES", "CHANGES.SE"])
-placeholders_added = lines_containing(changes_added_lines, "[placeholder]")
-identifiers_found = filter(changes_issue_or_mr_id_regex.search, changes_added_lines)
-if changes_added_lines:
- if placeholders_added:
- if target_branch != "main":
- fail(
- "This MR adds at least one placeholder entry to `CHANGES`. "
- "It should be targeting the `main` branch."
- )
- elif not any(identifiers_found):
- fail("No valid issue/MR identifiers found in added `CHANGES` entries.")
-
-###############################################################################
-# RELEASE NOTES
-###############################################################################
-#
-# - FAIL if any of the following is true:
-#
-# * The merge request does not update release notes and has the "Release
-# Notes" label set. (This attempts to point out missing release notes.)
-#
-# * The merge request updates release notes but does not have the "Release
-# Notes" label set. (This ensures that merge requests updating release
-# notes can be easily found using the "Release Notes" label.)
-#
-# * A file was added to or deleted from the lib/dns/rdata/ subdirectory but
-# release notes were not modified. This is probably a mistake because new
-# RR types are a user-visible change (and so is removing support for
-# existing ones).
-#
-# * "Release notes" and "No CHANGES" labels are both set at the same time.
-# (If something is worth a release note, it should surely show up in
-# CHANGES.) MRs with certain labels set ("Documentation", "Release") are
-# exempt because these are typically used during release process.
-#
-# - WARN if any of the following is true:
-#
-# * This merge request does not update release notes and has the "Customer"
-# label set. (Except for trivial changes, all merge requests which may
-# be of interest to customers should include a release note.)
-#
-# * This merge request updates release notes, but no GitLab/RT issue/MR
-# identifiers are found in the lines added to the release notes by this
-# MR.
-
-release_notes_regex = re.compile(r"doc/(arm|notes)/notes-.*\.(rst|xml)")
-release_notes_changed = list(filter(release_notes_regex.match, affected_files))
-release_notes_label_set = "Release Notes" in mr_labels
-if not release_notes_changed:
- if release_notes_label_set:
- fail(
- "This merge request has the *Release Notes* label set. "
- "Update release notes or unset the *Release Notes* label."
- )
- elif "Customer" in mr_labels:
- warn(
- "This merge request has the *Customer* label set. "
- "Update release notes unless the changes introduced are trivial."
- )
- rdata_types_add_rm = list(
- filter(rdata_regex.match, danger.git.created_files + danger.git.deleted_files)
- )
- if rdata_types_add_rm:
- fail(
- "This merge request adds new files to `lib/dns/rdata/` and/or "
- "deletes existing files from that directory, which almost certainly "
- "means that it adds support for a new RR type or removes support "
- "for an existing one. Please add a relevant release note."
- )
-if release_notes_changed and not release_notes_label_set:
- fail(
- "This merge request modifies release notes. "
- "Revert release note modifications or set the *Release Notes* label."
- )
-if (
- release_notes_label_set
- and no_changes_label_set
- and not ("Documentation" in mr_labels or "Release" in mr_labels)
-):
- fail(
- "This merge request is labeled with both *Release notes* and *No CHANGES*. "
- "A user-visible change should also be mentioned in the `CHANGES` file."
- )
-
-if release_notes_changed:
- modified_or_new_files = danger.git.modified_files + danger.git.created_files
- release_notes_added = list(filter(release_notes_regex.match, modified_or_new_files))
- notes_added_lines = added_lines(target_branch, release_notes_added)
- identifiers_found = filter(relnotes_issue_or_mr_id_regex.search, notes_added_lines)
- if notes_added_lines and not any(identifiers_found):
- warn("No valid issue/MR identifiers found in added release notes.")
-else:
- notes_added_lines = []
-
-###############################################################################
-# CVE IDENTIFIERS
-###############################################################################
-#
-# FAIL if the merge request adds a CHANGES entry of type [security] and a CVE
-# identifier is missing from either the added CHANGES entry or the added
-# release note.
-
-if lines_containing(changes_added_lines, "[security]"):
- if not lines_containing(changes_added_lines, "(CVE-20"):
- fail(
- "This merge request fixes a security issue. "
- "Please add a CHANGES entry which includes a CVE identifier."
- )
- if not lines_containing(notes_added_lines, ":cve:`20"):
- fail(
- "This merge request fixes a security issue. "
- "Please add a release note which includes a CVE identifier."
- )
-
###############################################################################
# PAIRWISE TESTING
###############################################################################
projects / thirdparty / bind9.git / commitdiff
