diff --git a/.github/workflows/check-D-labels.yml b/.github/workflows/check-D-labels.yml new file mode 100644 index 00000000000..711840a4c8e --- /dev/null +++ b/.github/workflows/check-D-labels.yml @@ -0,0 +1,54 @@ +name: Check D labels + +on: + pull_request: + types: [labeled, opened, synchronize, unlabeled] + paths: + - primitives/** + +jobs: + check-labels: + runs-on: ubuntu-latest + steps: + - name: Checkout sources + uses: actions/checkout@v3 + with: + fetch-depth: 0 + ref: ${{ github.event.pull_request.head.ref }} + repository: ${{ github.event.pull_request.head.repo.full_name }} + + - name: Pull image + env: + IMAGE: paritytech/ruled_labels:0.3.2 + run: docker pull $IMAGE + + - name: Check labels + env: + IMAGE: paritytech/ruled_labels:0.3.2 + MOUNT: /work + GITHUB_PR: ${{ github.event.pull_request.number }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + API_BASE: https://api.github.com/repos + REPO: ${{ github.repository }} + RULES_PATH: scripts/ci/ruled_labels + CHECK_SPECS: specs.yaml + run: | + echo "REPO: ${REPO}" + echo "GITHUB_PR: ${GITHUB_PR}" + + # Fetch the labels for the PR under test + labels=$( curl -H "Authorization: token ${GITHUB_TOKEN}" -s "$API_BASE/${REPO}/pulls/${GITHUB_PR}" | jq '.labels | .[] | .name' | tr "\n" ",") + + if [ -z "${labels}" ]; then + echo "No labels found. Please add labels D labels" + exit 1 + fi + + labels_args=${labels: :-1} + printf "Checking labels: %s\n" "${labels_args}" + + # Prevent the shell from splitting labels with spaces + IFS="," + + # --dev is more useful to debug mode to debug + docker run --rm -i -v $PWD/${RULES_PATH}/:$MOUNT $IMAGE check $MOUNT/$CHECK_SPECS --labels ${labels_args} --dev --tags audit diff --git a/.github/workflows/check-label-rules.yaml b/.github/workflows/check-label-rules.yaml new file mode 100644 index 00000000000..c744a71946b --- /dev/null +++ b/.github/workflows/check-label-rules.yaml @@ -0,0 +1,30 @@ +name: Check label Rules + +on: + push: + paths: + - scripts/ci/ruled_labels/** + +jobs: + check-label-rules: + runs-on: ubuntu-latest + steps: + - name: Checkout sources + uses: actions/checkout@v3 + with: + fetch-depth: 0 + ref: ${{ github.event.pull_request.head.ref }} + repository: ${{ github.event.pull_request.head.repo.full_name }} + + - name: Pull image + env: + IMAGE: paritytech/ruled_labels:0.3.2 + run: docker pull $IMAGE + + - name: Check label Rules + env: + IMAGE: paritytech/ruled_labels:0.3.2 + MOUNT: /work + RULES_PATH: scripts/ci/ruled_labels + run: | + docker run --rm -i -v $PWD/${RULES_PATH}/:$MOUNT $IMAGE test ${MOUNT}/tests.yaml diff --git a/.github/workflows/check-labels-old.yml b/.github/workflows/check-labels-old.yml new file mode 100644 index 00000000000..053cc5f7cf0 --- /dev/null +++ b/.github/workflows/check-labels-old.yml @@ -0,0 +1,26 @@ +# disabled in favor of ruled_labels tool +# name: Check labels + +# on: +# pull_request: +# types: [labeled, opened, synchronize, unlabeled] + + +# jobs: +# check-labels: +# runs-on: ubuntu-latest +# steps: +# - name: Checkout sources +# uses: actions/checkout@v3 +# with: +# fetch-depth: 0 +# ref: ${{ github.event.pull_request.head.ref }} +# repository: ${{ github.event.pull_request.head.repo.full_name }} +# - name: Check labels +# run: bash ${{ github.workspace }}/scripts/ci/github/check_labels.sh +# env: +# GITHUB_PR: ${{ github.event.pull_request.number }} +# GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} +# HEAD_SHA: ${{ github.event.pull_request.head.sha }} +# BASE_SHA: ${{ github.event.pull_request.base.sha }} + diff --git a/.github/workflows/check-labels.yml b/.github/workflows/check-labels.yml index e9d0cf061df..e1cdf33832e 100644 --- a/.github/workflows/check-labels.yml +++ b/.github/workflows/check-labels.yml @@ -9,15 +9,44 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout sources - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0 + uses: actions/checkout@v3 with: fetch-depth: 0 ref: ${{ github.event.pull_request.head.ref }} repository: ${{ github.event.pull_request.head.repo.full_name }} + + - name: Pull image + env: + IMAGE: paritytech/ruled_labels:0.3.2 + run: docker pull $IMAGE + - name: Check labels - run: bash ${{ github.workspace }}/scripts/ci/github/check_labels.sh env: + IMAGE: paritytech/ruled_labels:0.3.2 + MOUNT: /work GITHUB_PR: ${{ github.event.pull_request.number }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - HEAD_SHA: ${{ github.event.pull_request.head.sha }} - BASE_SHA: ${{ github.event.pull_request.base.sha }} + API_BASE: https://api.github.com/repos + REPO: ${{ github.repository }} + RULES_PATH: scripts/ci/ruled_labels + CHECK_SPECS: specs.yaml + run: | + echo "REPO: ${REPO}" + echo "GITHUB_PR: ${GITHUB_PR}" + + # Fetch the labels for the PR under test + labels=$( curl -H "Authorization: token ${GITHUB_TOKEN}" -s "$API_BASE/${REPO}/pulls/${GITHUB_PR}" | jq '.labels | .[] | .name' | tr "\n" ",") + + if [ -z "${labels}" ]; then + echo "No labels found. Please add labels A, B and C labels" + exit 1 + fi + + labels_args=${labels: :-1} + printf "Checking labels: %s\n" "${labels_args}" + + # Prevent the shell from splitting labels with spaces + IFS="," + + # --dev is more useful to debug mode to debug + docker run --rm -i -v $PWD/${RULES_PATH}/:$MOUNT $IMAGE check $MOUNT/$CHECK_SPECS --labels ${labels_args} --dev --tags PR diff --git a/scripts/ci/ruled_labels/specs.yaml b/scripts/ci/ruled_labels/specs.yaml new file mode 100644 index 00000000000..25355dfdf16 --- /dev/null +++ b/scripts/ci/ruled_labels/specs.yaml @@ -0,0 +1,248 @@ +--- +name: paritytech/cumulus +description: Import from paritytech/cumulus +version: 0.0.1 +labels: + - name: A0-please_review + description: Pull request needs code review. + color: "666666" + - name: A1-needs_burnin + description: Pull request needs to be tested on a live validator node before merge. DevOps is notified via matrix + color: c7def8 + - name: A2-insubstantial + description: "Pull request requires no code review (e.g., a sub-repository hash update)." + color: C6C7F8 + - name: A3-in_progress + description: Pull request is in progress. No review needed at this stage. + color: DBC6F8 + - name: A4-companion + description: A PR that should be considered alongside another (usually more comprehensive and detailed) PR. + color: F8C5E7 + - name: A5-stale + description: Pull request did not receive any updates in a long time. No review needed at this stage. Close it. + color: F2C5F8 + - name: A6-backport + description: Pull request is already reviewed well in another branch. + color: F8C5E7 + - name: B0-silent + description: Changes should not be mentioned in any release notes + color: F8C4D0 + - name: B1-note_worthy + description: Changes should be noted in the release notes + color: f9d0c4 + - name: C1-low + description: "PR touches the given topic and has a low impact on builders." + color: EBF7B3 + - name: C3-medium + description: "PR touches the given topic and has a medium impact on builders.." + color: FEF2C0 + - name: C5-high + description: "PR touches the given topic and has a high impact on builders." + color: D4C5F9 + - name: C7-critical + description: "PR touches the given topic and has a critical impact on builders." + color: E99695 + - name: D1-audited 👍 + description: PR contains changes to fund-managing logic that has been properly reviewed and externally audited. + color: C0E7CC + - name: D2-notlive 💤 + description: PR contains changes in a runtime directory that is not deployed to a chain that requires an audit. + color: C209B4 + - name: D3-trivial 🧸 + description: PR contains trivial changes in a runtime directory that do not require an audit + color: 5EDFEE + - name: D5-nicetohaveaudit ⚠️ + description: PR contains trivial changes to logic that should be properly reviewed. + color: c5def5 + - name: D9-needsaudit 👮 + description: PR contains changes to fund-managing logic that should be properly reviewed and externally audited + color: C3EDC0 + - name: E0-runtime_migration + description: PR introduces code that might require downstream chains to run a runtime upgrade. + color: c2e0c6 + - name: E1-database_migration + description: PR introduces code that does a one-way migration of the database. + color: f4f5f9 + - name: E2-dependencies + description: Pull requests that update a dependency file. + color: f2f9f2 + - name: E3-host_functions + description: PR adds new host functions which requires a node release before a runtime upgrade. + color: f9f2f2 + - name: E4-node_first_update + description: This is a runtime change that will require all nodes to be update BEFORE the runtime upgrade. + color: e8d7d7 + - name: F0-breaks_everything + description: "This change breaks the underlying networking, sync or related and thus will cause a fork." + color: bdadad + - name: F1-breaks_authoring + description: This change breaks authorities or authoring code. + color: e99695 + - name: F2-breaks_consensus + description: This change breaks consensus or consensus code. + color: "5319e7" + - name: F3-breaks_API + description: This PR changes public API; next release should be major. + color: cdadad + - name: I0-consensus + description: Issue can lead to a consensus failure. + color: f6d9e9 + - name: I1-panic + description: The node panics and exits without proper error handling. + color: 17b25d + - name: I2-security + description: "The node fails to follow expected, security-sensitive, behaviour." + color: d93f0b + - name: I3-bug + description: The node fails to follow expected behavior. + color: "249899" + - name: I4-annoyance + description: "The node behaves within expectations, however this “expected behaviour” itself is at issue." + color: D6075D + - name: I5-tests + description: "Tests need fixing, improving or augmenting." + color: 6C9C98 + - name: I6-documentation + description: "Documentation needs fixing, improving or augmenting." + color: f48a75 + - name: I7-refactor + description: Code needs refactoring. + color: 0075ca + - name: I8-footprint + description: "An enhancement to provide a smaller (system load, memory, network or disk) footprint." + color: "000000" + - name: I9-optimisation + description: An enhancement to provide better overall performance in terms of time-to-completion for a task. + color: c5def5 + - name: J0-enhancement + description: An additional feature request. + color: c2e0c6 + - name: J1-meta + description: A specific issue for grouping tasks or bugs of a specific category. + color: a2eeef + - name: J2-unconfirmed + description: "Issue might be valid, but it's not yet known." + color: "000000" + - name: J3-intended + description: Issue describes a behavior which turns out to work as intended. Closer should explain why. + color: b10d11 + - name: J4-duplicate + description: Issue is a duplicate. Closer should comment with a link to the duplicate. + color: D62209 + - name: J5-wont_fix + description: "Issue is in principle valid, but this project will not address it. Closer should explain why." + color: FB3701 + - name: J6-invalid + description: Issue is invalid. Closer should comment why. + color: F76E02 + - name: S0-design + description: Issue is in the design stage. + color: f3a603 + - name: S1-implement + description: Issue is in the implementation stage. + color: fbca04 + - name: S2-test/monitor + description: Issue is in the testing stage. + color: dbea04 + - name: S3-deploy + description: Issue is in the deployment stage + color: 34C302 + - name: S4-blocked + description: "Issue is blocked, see comments for further information." + color: "122381" + - name: T3-relay_chain + description: This PR/Issue is related to the relay chain. + color: ffeeee + - name: T4-smart_contracts + description: This PR/Issue is related to smart contracts. + color: 0C7BAD + - name: T5-parachains + description: This PR/Issue is related to Parachains. + color: 0052cc + - name: T10-release + description: This PR/Issue is related to topics touching the release notes. + color: 0052cc + - name: T7-statemint + description: This PR/Issue is related to Statemint + color: 86e62a + - name: T8-CGP + description: This PR/Issue is related to Common Good Parachains. + color: BFDADC + - name: T6-XCM + description: This PR/Issue is related to XCM. + color: d4c5f9 + - name: T9-substrate + description: This is an issue that needs to be implemented upstream in Substrate. + color: 1d76db + - name: U0-drop_everything + description: Everyone should address the issue now. + color: "5319e7" + - name: U1-asap + description: "No need to stop dead in your tracks, however issue should be addressed as soon as possible." + color: fff4ed + - name: U2-some_time_soon + description: Issue is worth doing soon. + color: b60205 + - name: U3-nice_to_have + description: Issue is worth doing eventually. + color: FFF7ED + - name: U4-some_day_maybe + description: Issue might be worth doing eventually. + color: fffbed + - name: T0-node + description: This PR/Issue is related to the topic “node”. + color: fbffe0 + - name: T1-runtime + description: This PR/Issue is related to the topic “runtime”. + color: F5FCE6 + - name: T2-API + description: This PR/Issue is related to APIs. + color: 009B40 + +rules: + - name: Require a single Release (B) label + id: single_b + tags: [PR] + spec: + require: !one_of [B*] + + - name: Release mentions need criticality (C) + id: require_one_c_when_b1 + tags: [PR] + spec: + when: !one_of [B1] + require: !one_of [C*] + + - name: Release mentions need a topic (T) + id: require_one_t_when_b1 + tags: [PR] + spec: + when: !one_of [B1] + require: !one_of [T*] + + - name: One single issue status (S) label allowed + id: single_s + tags: + spec: + when: !some_of [S*] + require: !one_of [S*] + + - name: One single urgency status (U) label allowed + id: single_u + tags: + spec: + when: !some_of [U*] + require: !one_of [U*] + + - name: One single criticality (C) label allowed + id: single_c + tags: [PR] + spec: + when: !some_of [C*] + require: !one_of [C*] + + - name: Require single audit (D) label allowed + id: single_d + tags: [audit] + spec: + require: !one_of [D*] diff --git a/scripts/ci/ruled_labels/test.sh b/scripts/ci/ruled_labels/test.sh new file mode 100755 index 00000000000..200f0927330 --- /dev/null +++ b/scripts/ci/ruled_labels/test.sh @@ -0,0 +1,11 @@ +#!/usr/bin/env bash + +DIR=$(dirname -- "$0") +unset RUST_LOG + +pushd "$DIR" > /dev/null + +ruled-labels --version +ruled-labels test + +popd > /dev/null diff --git a/scripts/ci/ruled_labels/tests.yaml b/scripts/ci/ruled_labels/tests.yaml new file mode 100644 index 00000000000..f7c1e4fae7e --- /dev/null +++ b/scripts/ci/ruled_labels/tests.yaml @@ -0,0 +1,39 @@ +name: Cumulus ruled-labels test cases +spec_file: specs.yaml + +specs: + - name: Pass - Pass all + filter: + id: [ single_b, single_d, single_u, single_s] + labels: [ B1, C1, D1, X1, T4 ] + expected: true + + - name: Fail - Require release label + filter: + id: [ single_b ] + labels: [ A1 ] + expected: false + + - name: Fail - Only one audit label allowed + filter: + id: [ single_d ] + labels: [ D1, B1, D4 ] + expected: false + + - name: Fail - Release need criticality + filter: + id: [ require_one_c_when_b1 ] + labels: [ B1, T1, D1 ] + expected: false + + - name: Fail - Release require one T topics + filter: + id: [ require_one_t_when_b1 ] + labels: [ B1, D1 ] + expected: false + + - name: Fail - Only one criticality label allowed + filter: + id: [ single_c ] + labels: [ B1, C1, C3 ] + expected: false