diff --git a/.github/ci-lint-exec.py b/.github/ci-lint-exec.py new file mode 100755 index 00000000000..73749accd6f --- /dev/null +++ b/.github/ci-lint-exec.py @@ -0,0 +1,55 @@ +#!/usr/bin/env python3 +# Copyright (c) The Bitcoin Core developers +# Distributed under the MIT software license, see the accompanying +# file COPYING or https://opensource.org/license/mit. + +import os +import shlex +import subprocess +import sys +import time + + +def run(cmd, **kwargs): + print("+ " + shlex.join(cmd), flush=True) + kwargs.setdefault("check", True) + try: + return subprocess.run(cmd, **kwargs) + except Exception as e: + sys.exit(e) + + +def main(): + CONTAINER_NAME = os.environ["CONTAINER_NAME"] + + build_cmd = [ + "docker", "buildx", "build", + f"--tag={CONTAINER_NAME}", + *shlex.split(os.getenv("DOCKER_BUILD_CACHE_ARG", "")), + "--file=./ci/lint_imagefile", + "." + ] + + if run(build_cmd, check=False).returncode != 0: + print("Retry building image tag after failure") + time.sleep(3) + run(build_cmd) + + extra_env = [] + if os.environ["GITHUB_EVENT_NAME"] == "pull_request": + extra_env = ["--env", "LINT_CI_IS_PR=1"] + if os.environ["GITHUB_EVENT_NAME"] != "pull_request" and os.environ["GITHUB_REPOSITORY"] == "bitcoin/bitcoin": + extra_env = ["--env", "LINT_CI_SANITY_CHECK_COMMIT_SIG=1"] + + run([ + "docker", + "run", + "--rm", + *extra_env, + f"--volume={os.getcwd()}:/bitcoin", + CONTAINER_NAME, + ]) + + +if __name__ == "__main__": + main() diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6203b27927f..880cc90c09e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -621,40 +621,4 @@ jobs: cache-provider: ${{ needs.runners.outputs.provider }} - name: CI script - shell: python - run: | - import os, shlex, subprocess, sys, time - - def run(cmd, **kwargs): - print("+ " + shlex.join(cmd), flush=True) - kwargs.setdefault("check", True) - try: - return subprocess.run(cmd, **kwargs) - except Exception as e: - sys.exit(e) - - CONTAINER_NAME = os.environ["CONTAINER_NAME"] - - build_cmd = [ - "docker", "buildx", "build", - f"--tag={CONTAINER_NAME}", - *shlex.split(os.getenv("DOCKER_BUILD_CACHE_ARG", "")), - "--file=./ci/lint_imagefile", - "." - ] - - if run(build_cmd, check=False).returncode != 0: - print("Retry building image tag after failure") - time.sleep(3) - run(build_cmd) - - CIRRUS_PR_FLAG = [] - if '${{ github.event_name }}' == "pull_request": - CIRRUS_PR_FLAG = ["-e", "CIRRUS_PR=1"] - - run([ - "docker", "run", "--rm", - *CIRRUS_PR_FLAG, - f"--volume={os.getcwd()}:/bitcoin", - CONTAINER_NAME, - ]) + run: python .github/ci-lint-exec.py diff --git a/ci/lint/06_script.sh b/ci/lint/06_script.sh index 6d637c2a438..82e499c29ba 100755 --- a/ci/lint/06_script.sh +++ b/ci/lint/06_script.sh @@ -6,19 +6,19 @@ export LC_ALL=C -set -ex +set -o errexit -o pipefail -o xtrace -if [ -n "$CIRRUS_PR" ]; then +if [ -n "${LINT_CI_IS_PR}" ]; then export COMMIT_RANGE="HEAD~..HEAD" if [ "$(git rev-list -1 HEAD)" != "$(git rev-list -1 --merges HEAD)" ]; then - echo "Error: The top commit must be a merge commit, usually the remote 'pull/${PR_NUMBER}/merge' branch." + echo "Error: The top commit must be a merge commit, usually the remote 'pull//merge' branch." false fi fi RUST_BACKTRACE=1 cargo run --manifest-path "./test/lint/test_runner/Cargo.toml" -if [ "$CIRRUS_REPO_FULL_NAME" = "bitcoin/bitcoin" ] && [ "$CIRRUS_PR" = "" ] ; then +if [ "${LINT_CI_SANITY_CHECK_COMMIT_SIG}" = "1" ] ; then # Sanity check only the last few commits to get notified of missing sigs, # missing keys, or expired keys. Usually there is only one new merge commit # per push on the master branch and a few commits on release branches, so diff --git a/test/lint/README.md b/test/lint/README.md index 7c3798cdefd..1858a2c0edb 100644 --- a/test/lint/README.md +++ b/test/lint/README.md @@ -7,7 +7,7 @@ To run linters locally with the same versions as the CI environment, use the inc Dockerfile: ```sh -DOCKER_BUILDKIT=1 docker build -t bitcoin-linter --file "./ci/lint_imagefile" ./ && docker run --rm -v $(pwd):/bitcoin -it bitcoin-linter +DOCKER_BUILDKIT=1 docker build --platform=linux --tag=bitcoin-linter --file="./ci/lint_imagefile" ./ && docker run --rm -v $(pwd):/bitcoin -it bitcoin-linter ``` Building the container can be done every time, because it is fast when the