Skip to content

Quote shell variables #7

Quote shell variables

Quote shell variables #7

Workflow file for this run

# docs: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions
# This workflow implements a check that allows integrators to enforce
# successful completion of testcases that should have been performed
# on internal environments against the code base in the submitted branch.
# For example, this allows internal pipelines to run proprietary toolchains
# to sign-off on the code before allowing GitHub workflows to start.
name: Pre Run Check
on:
workflow_dispatch:
workflow_call:
# TODO TMP remove this vv
push:
branches: ["cwhitehead-msft-pipeline-hash-check"]
jobs:
# Fail if any compile.yml has been modified
# (Microsoft employees use these to run an internal tool)
# Don't run this job for manual runs
compile_yml_check:
name: compile.yml Check
runs-on: ubuntu-22.04
if: ${{ github.event_name == "pull_request" }}

Check failure on line 24 in .github/workflows/pre-run-check.yml

View workflow run for this annotation

GitHub Actions / Pre Run Check

Invalid workflow file

The workflow is not valid. .github/workflows/pre-run-check.yml (Line: 24, Col: 9): Unexpected symbol: '"pull_request"'. Located at position 22 within expression: github.event_name == "pull_request" .github/workflows/pre-run-check.yml (Line: 108, Col: 9): Unexpected symbol: '"push"'. Located at position 22 within expression: github.event_name == "push" || (github.event_name == "pull_request" && github.base_ref == "main")
steps:
- name: Checkout RTL repo
uses: actions/checkout@v4
- name: Compare against target
env:
SOURCE_BR: ${{ github.head_ref }}
TARGET_BR: ${{ github.base_ref }}
run: |
compiles=$(git diff --name-only $TARGET_BR...$SOURCE_BR)
if [[ $(echo "$compiles" | grep -c compile.yml) -gt 0 ]]; then
echo "compile.yml should not be modified for pull requests! Found:"
echo "$compiles"
exit 1
fi
# Build the comparison hash file
hash_check:
name: Hash Check
runs-on: ubuntu-22.04
steps:
- name: Checkout RTL repo
uses: actions/checkout@v4
- name: Gen File List
run: |
find "$GITHUB_WORKSPACE" -type f -name "*.sv" \
-o -name "*.svh" \
-o -name "*.rdl" \
-o -name "*.v" \
-o -name "*.vh" \
-o -name "*.c" \
-o -name "*.h" \
-o -name "pr_timestamp" | sort | tee $GITHUB_WORKSPACE/file_list.txt
sed -i "s,^$GITHUB_WORKSPACE/,," $GITHUB_WORKSPACE/file_list.txt
- name: Run File Hash
run: |
hash=$($GITHUB_WORKSPACE/.github/scripts/rtl_hash.sh $GITHUB_WORKSPACE $GITHUB_WORKSPACE/file_list.txt)
if [[ -z ${hash:+"empty"} ]]; then
echo "Failed to run hash script"
echo $hash
exit 1;
fi
echo "RTL hash is $result"
- name: Check Timestamp
run: |
timestamp_exp=$(bc <<< "$(git log -n1 --pretty=tformat:'%ct')-3600")
if [[ ! -f $GITHUB_WORKSPACE/.github/workflow_metadata/pr_timestamp ]]; then
echo "Error, file not found: $GITHUB_WORKSPACE/.github/workflow_metadata/pr_timestamp"
exit 1
fi
timestamp=$(tail -1 $GITHUB_WORKSPACE/.github/workflow_metadata/pr_hash)
if [[ ${timestamp} -lt ${timestamp_exp} ]]; then
echo "Error, submitted timestamp [${timestamp}] is outdated: it precedes the latest commit to branch by more than an hour [${timestamp_exp}]"
exit 1
fi
- name: Check Hash
run: |
if [[ ! -f $GITHUB_WORKSPACE/.github/workflow_metadata/pr_hash ]]; then
echo "Error, file not found: $GITHUB_WORKSPACE/.github/workflow_metadata/pr_hash"
exit 1
fi
hash_orig=$(tail -1 ${hash_file_org})
if [[ ${hash_orig} != ${hash} ]]; then
echo "Error, submitted hash [${hash_orig}] does not match calculated hash [${hash}]"
exit 1
fi
# Check License Headers
# Check for microsoft employee or that all compile.yml/.vf are untouched
hdr_check:
name: License Header Check
runs-on: ubuntu-22.04
steps:
- name: Checkout RTL repo
uses: actions/checkout@v4
- name: Run Script
run: |
export CALIPTRA_ROOT=$GITHUB_WORKSPACE
$GITHUB_WORKSPACE/.github/scripts/license_header_check.sh
# Check RDL files for modifications
rdl_check:
name: RDL File Check
runs-on: ubuntu-22.04
if: ${{ github.event_name == "push" || (github.event_name == "pull_request" && github.base_ref == "main") }}
steps:
- name: Checkout RTL repo
uses: actions/checkout@v4
# Avoid passing ${{ github.base_ref }} directly to pr_rdl_check.sh in order
# to mitigate possible script injection attacks against repository
- name: Run Script
run: |
export CALIPTRA_ROOT=$GITHUB_WORKSPACE
$GITHUB_WORKSPACE/.github/scripts/pr_rdl_check.sh 'main'