TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / ci / tf-a-job-configs.git / refs/heads/openci-migration / . / tf-a-lts-verified-propagater.yaml
blob: b9a8c793a14f82914c389429a4d8463f3d4b30e8 [file] [log] [blame]
Arthur She87e7f392024-01-21 20:03:20 -0800[diff] [blame]1- job:
2 name: tf-a-lts-verified-propagater
Arthur Sheeeef44c2025-01-09 20:48:32 -0800[diff] [blame]3 node: docker-amd64-tf-a-jammy
Arthur She87e7f392024-01-21 20:03:20 -0800[diff] [blame]4 project-type: freestyle
5 concurrent: false
6 description:
7 Triggers whenever a patch in the lts branch get a Verified score.
8 It will vote the same score to the dependent patch
9 disabled: false
10 builders:
11 - shell: |-
Arthur She4b2f9872024-02-04 10:37:34 -0800[diff] [blame]12 - shell: |-
Arthur She87e7f392024-01-21 20:03:20 -0800[diff] [blame]13 #!/bin/bash
Arthur Shec363e562024-01-30 13:07:31 -0800[diff] [blame]14 # This job is triggered by the label Verified +1 or -1 of the patch
15 # it will vote the same score (Verified +1 / Verified -1) to the dependent patch
16 # , if there is any.
17 # For example, P5 -> P4 -> P3 -> P2 -> P1. P5 dependents on P4, and so on
18 # When P5 gets Verified +1, this job will be triggered and set Verified +1 to P4.
19 # P4 gets Verified +1 triggers an other job to set Verified +1 to P3, and so on.
20 # That is how we propagate the Verified score to the entire patch stack
Arthur She87e7f392024-01-21 20:03:20 -0800[diff] [blame]21 set -ex
22
23 echo "########################################################################"
24 echo " Gerrit Environment"
25 env |grep '^GERRIT'
26 echo "########################################################################"
27
28 SSH_PARAMS="-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o PubkeyAcceptedKeyTypes=+ssh-rsa -p 29418 -i ${CI_BOT_KEY}"
29 GERRIT_URL="review.trustedfirmware.org"
30 GERRIT_QUERY_PARAMS="--dependencies --submit-records --format=JSON change:"
Arthur She4b2f9872024-02-04 10:37:34 -0800[diff] [blame]31 QUERY_CMD="${SSH_PARAMS} ${CI_BOT_USERNAME}@${GERRIT_URL} gerrit query ${GERRIT_QUERY_PARAMS}"
32 QUERY_CHANGE_DEPENDS_CMD="${QUERY_CMD}${GERRIT_CHANGE_NUMBER}"
Arthur Shec363e562024-01-30 13:07:31 -0800[diff] [blame]33 REVIEW_MESSAGE="Propagated verified from ${GERRIT_CHANGE_URL}. By ${BUILD_URL}"
Arthur She87e7f392024-01-21 20:03:20 -0800[diff] [blame]34 SET_VERIFIED_CMD="${SSH_PARAMS} ${CI_BOT_USERNAME}@${GERRIT_URL} gerrit review --verified"
35
36 change_url_base=${GERRIT_CHANGE_URL%/*}
Arthur Shec363e562024-01-30 13:07:31 -0800[diff] [blame]37 # Check this example https://ci.trustedfirmware.org/view/TF-A/job/tf-a-lts-verified-propagater/14/console
38 # for what we get from gerrit query command
Arthur She4b2f9872024-02-04 10:37:34 -0800[diff] [blame]39 patch_query=$(ssh ${QUERY_CHANGE_DEPENDS_CMD} | jq .)
Arthur She87e7f392024-01-21 20:03:20 -0800[diff] [blame]40 dependsOn=$(echo ${patch_query} | jq -r 'select(.dependsOn)')
Arthur Shec363e562024-01-30 13:07:31 -0800[diff] [blame]41 # Normally, there would be just one dependent patch
42 # (and that patch would in turn has another dependent patch, that's how a dependency chain is structured)
43 # But Gerrit data model has a list of dependent patches, so we process all just in case
Arthur She87e7f392024-01-21 20:03:20 -0800[diff] [blame]44 dependsOn_rev=($(echo ${dependsOn} | jq -r '.dependsOn[].revision'))
45 dependsOn_no=($(echo ${dependsOn} | jq -r '.dependsOn[].number'))
46 verified_status=$(echo ${patch_query} | jq -r 'select(.submitRecords) | .submitRecords[0].labels[] | select(.label == "Verified") | .status')
Arthur Shec363e562024-01-30 13:07:31 -0800[diff] [blame]47 # Verified label status and value mapping
48 # REJECT: -1
49 # OK: 1
Arthur She87e7f392024-01-21 20:03:20 -0800[diff] [blame]50 verified_value=0
51 if [ "${verified_status}" == "REJECT" ]; then
52 verified_value=-1
Arthur Shea697bed2024-01-24 14:34:39 -0800[diff] [blame]53 elif [ "${verified_status}" == "OK" ]; then
Arthur She87e7f392024-01-21 20:03:20 -0800[diff] [blame]54 verified_value=1
55 fi
Arthur Shec363e562024-01-30 13:07:31 -0800[diff] [blame]56 # Vote the same Verified score to the dependent patch by loop
Arthur She87e7f392024-01-21 20:03:20 -0800[diff] [blame]57 for ((i=0; i<${#dependsOn_rev[@]}; i++))
58 do
Arthur She4b2f9872024-02-04 10:37:34 -0800[diff] [blame]59 # Need to check the .status before set verified score
60 if [ $(ssh ${QUERY_CMD}${dependsOn_no[$i]} | jq -r 'select(.status)|.status') == "MERGED" ]; then
61 echo "The dependent patch ${change_url_base}${dependsOn_no[$i]} has been merged. Don't set Verified score to it!"
62 continue
63 else
64 echo "Set Verified ${verified_value} to: ${change_url_base}/${dependsOn_no[$i]}"
65 ssh ${SET_VERIFIED_CMD} ${verified_value} -m \'\"${REVIEW_MESSAGE}\"\' ${dependsOn_rev[$i]}
66 fi
Arthur She87e7f392024-01-21 20:03:20 -0800[diff] [blame]67 done
68 properties:
69 - build-discarder:
70 days-to-keep: 60
71 num-to-keep: 10
72 triggers:
73 - gerrit:
74 silent: true
75 server-name: 'review.trustedfirmware.org'
76 projects:
77 - branches:
78 - branch-compare-type: REG_EXP
Saheer Babufd524222025-01-21 23:42:41 +0000[diff] [blame]79 branch-pattern: 'openci-migration-lts-v.*'
Arthur She87e7f392024-01-21 20:03:20 -0800[diff] [blame]80 project-compare-type: PLAIN
Saheer Babufd524222025-01-21 23:42:41 +0000[diff] [blame]81 project-pattern: 'next/TF-A/trusted-firmware-a'
Arthur She87e7f392024-01-21 20:03:20 -0800[diff] [blame]82 trigger-on:
83 - comment-added-event:
84 approval-category: "Verified"
85 approval-value: 1
86 - comment-added-event:
87 approval-category: "Verified"
88 approval-value: -1
89 wrappers:
90 - timestamps
91 - credentials-binding:
92 - ssh-user-private-key:
93 credential-id: TFA_CI_BOT_USER_SSH_KEY
94 key-file-variable: CI_BOT_KEY
95 username-variable: CI_BOT_USERNAME
96 passphrase-variable: ''
97 publishers:
98 - workspace-cleanup