From a463801f6f6237b7cf3db266021c33241827feb7 Mon Sep 17 00:00:00 2001 From: Nikolai Ogorodnik Date: Tue, 5 Nov 2024 07:50:50 +0200 Subject: [PATCH 1/3] Updated exactly .sync dockerfile --- .sync/containers/Ubuntu-22/Dockerfile | 243 +++++++++++++++----------- 1 file changed, 143 insertions(+), 100 deletions(-) diff --git a/.sync/containers/Ubuntu-22/Dockerfile b/.sync/containers/Ubuntu-22/Dockerfile index c25da44b..8cabd3ed 100644 --- a/.sync/containers/Ubuntu-22/Dockerfile +++ b/.sync/containers/Ubuntu-22/Dockerfile @@ -25,25 +25,24 @@ FROM ubuntu:22.04 AS build # Versions -ARG GCC_MAJOR_VERSION=12 -ARG NASM_VERSION=2.16.01 -ARG CSPELL_VERSION=5.20.0 -ARG MARKDOWNLINT_VERSION=0.32.2 - # Visit this NuGet package version page to see the latest version available # https://dev.azure.com/projectmu/acpica/_artifacts/feed/mu_iasl/NuGet/edk2-acpica-iasl/versions -ARG IASL_VERSION=20210105.0.6 - -# Set environment variable to avoid interaction. -ENV DEBIAN_FRONTEND=noninteractive -ENV TZ=UTC +ARG GCC_MAJOR_VERSION=12 \ + NASM_VERSION=2.16.01 \ + CSPELL_VERSION=5.20.0 \ + MARKDOWNLINT_VERSION=0.32.2 \ + IASL_VERSION=20210105.0.6 # Work-around for azure pipelines adding the vsts_azpcontainer user, but not adding # the .local/bin directory to the path which will be used by pip. -ENV PATH $PATH:/home/vsts_azpcontainer/.local/bin +# Set environment variable to avoid interaction. +ENV DEBIAN_FRONTEND=noninteractive \ + TZ=UTC \ + PATH=$PATH:/home/vsts_azpcontainer/.local/bin -RUN apt-get update && \ - apt-get install --yes --no-install-recommends \ +RUN echo "Installing needed system packages" \ + && apt-get update \ + && apt-get install --yes --no-install-recommends \ bison \ ca-certificates \ curl \ @@ -62,13 +61,15 @@ RUN apt-get update && \ sudo \ unzip \ uuid-dev \ - wget \ - && \ - apt-get update && \ - apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys F23C5A6CF475977595C89F51BA6932366A755776 && \ - add-apt-repository ppa:deadsnakes/ppa -y && \ - apt-get update && \ - apt-get install --yes --no-install-recommends \ + wget && \ + echo "\n\n Adding keys, repos" \ + && apt-get update \ + && apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys F23C5A6CF475977595C89F51BA6932366A755776 \ + && add-apt-repository ppa:deadsnakes/ppa -y && \ + + echo "\n\n Installing python/gcc" \ + && apt-get update \ + && apt-get install --yes --no-install-recommends \ {% endraw %}python{{ sync_version.python_version }}{% raw %} \ {% endraw %}python{{ sync_version.python_version }}{% raw %}-distutils \ {% endraw %}python{{ sync_version.python_version }}{% raw %}-venv \ @@ -77,70 +78,93 @@ RUN apt-get update && \ gcc-${GCC_MAJOR_VERSION}-aarch64-linux-gnu \ gcc-${GCC_MAJOR_VERSION}-riscv64-linux-gnu \ gcc-${GCC_MAJOR_VERSION}-arm-linux-gnueabi \ - gcc-${GCC_MAJOR_VERSION}-arm-linux-gnueabihf \ - && \ - curl -O https://bootstrap.pypa.io/get-pip.py && \ - {% endraw %}python{{ sync_version.python_version }}{% raw %} get-pip.py && \ - {% endraw %}python{{ sync_version.python_version }}{% raw %} -m pip install --upgrade setuptools && \ - rm get-pip.py && \ - apt-get upgrade -y && \ - apt-get clean && \ - rm -rf /var/lib/apt/lists/* - -ENV GCC5_AARCH64_PREFIX /usr/bin/aarch64-linux-gnu- -ENV GCC5_ARM_PREFIX /usr/bin/arm-linux-gnueabi- -ENV GCC5_RISCV64_PREFIX /usr/bin/riscv64-linux-gnu- - -RUN pip install pip lcov_cobertura --upgrade - -# RUN npm install -g npm -RUN npm install -g \ + gcc-${GCC_MAJOR_VERSION}-arm-linux-gnueabihf && \ + && curl -O https://bootstrap.pypa.io/get-pip.py \ + && {% endraw %}python{{ sync_version.python_version }}{% raw %} get-pip.py \ + && {% endraw %}python{{ sync_version.python_version }}{% raw %} -m pip install --upgrade setuptools \ + && rm get-pip.py \ + && apt-get upgrade -y && \ + + echo "\n\n Cleaning cache" \ + && apt-get autoremove \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* + +ENV GCC5_AARCH64_PREFIX /usr/bin/aarch64-linux-gnu- \ + GCC5_ARM_PREFIX /usr/bin/arm-linux-gnueabi- \ + GCC5_RISCV64_PREFIX /usr/bin/riscv64-linux-gnu- + +RUN echo "Upgrading pip/lcov_cobertura" \ + && pip install pip lcov_cobertura --upgrade && \ + + echo "\n\n npm packages" \ + && npm install -g \ cspell@${CSPELL_VERSION} \ - markdownlint-cli@${MARKDOWNLINT_VERSION} + markdownlint-cli@${MARKDOWNLINT_VERSION} && \ -RUN wget -O - https://www.nasm.us/pub/nasm/releasebuilds/${NASM_VERSION}/nasm-${NASM_VERSION}.tar.gz | \ - tar xz && cd nasm-${NASM_VERSION} && \ - ./autogen.sh && ./configure && make -j $(nproc) && make install && \ - cd .. && rm -rf nasm-${NASM_VERSION} + echo "\n\n Building nasm" \ + && wget -O - https://www.nasm.us/pub/nasm/releasebuilds/${NASM_VERSION}/nasm-${NASM_VERSION}.tar.gz | tar xz \ + && cd nasm-${NASM_VERSION} \ + && ./autogen.sh \ + && ./configure \ + && make -j $(nproc) \ + && make install \ + && cd .. \ + && rm -rf nasm-${NASM_VERSION} && \ -RUN mkdir -p iasl_temp && cd iasl_temp && \ - wget -O iasl_${IASL_VERSION}.nupkg "https://pkgs.dev.azure.com/projectmu/acpica/_apis/packaging/feeds/mu_iasl/nuget/packages/edk2-acpica-iasl/versions/${IASL_VERSION}/content?api-version=6.0-preview.1" && \ - unzip iasl_${IASL_VERSION}.nupkg -d /iasl_pkg_contents && \ - find /iasl_pkg_contents -type f -name "iasl" -exec cp {} /usr/bin \; && chmod +x /usr/bin/iasl && \ - cd .. && rm -rf iasl_temp + echo "\n\n Iasl_temp" \ + && mkdir -p iasl_temp \ + && cd iasl_temp \ + && wget -O iasl_${IASL_VERSION}.nupkg "https://pkgs.dev.azure.com/projectmu/acpica/_apis/packaging/feeds/mu_iasl/nuget/packages/edk2-acpica-iasl/versions/${IASL_VERSION}/content?api-version=6.0-preview.1" \ + && unzip iasl_${IASL_VERSION}.nupkg -d /iasl_pkg_contents \ + && find /iasl_pkg_contents -type f -name "iasl" -exec cp {} /usr/bin \; \ + && chmod +x /usr/bin/iasl \ + && cd .. \ + && rm -rf iasl_temp && \ -RUN wget -q "https://packages.microsoft.com/config/ubuntu/$(lsb_release -rs)/packages-microsoft-prod.deb" && \ - dpkg -i packages-microsoft-prod.deb && rm packages-microsoft-prod.deb && \ - apt-get update && apt-get install -y powershell && apt-get clean + echo "\n\n Installing microsoft-prod packages" \ + && wget -q "https://packages.microsoft.com/config/ubuntu/$(lsb_release -rs)/packages-microsoft-prod.deb" \ + && dpkg -i packages-microsoft-prod.deb \ + && rm packages-microsoft-prod.deb \ + && apt-get update \ + && apt-get install -y powershell && \ + echo "\n\n Cleaning cache" \ + && apt-get autoremove \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* + # # Rust support # -ENV CARGO_HOME="$HOME/.cargo" -ENV RUSTUP_HOME="$HOME/.rustup" -ENV PATH="$CARGO_HOME/bin:$PATH" +ENV CARGO_HOME="$HOME/.cargo" \ + RUSTUP_HOME="$HOME/.rustup" \ + PATH="$CARGO_HOME/bin:$PATH" # Install Rust/Cargo and extras (rust-src, rust fmt, cargo-make, cargo-tarpaulin) -RUN VERSION_URL="https://raw.githubusercontent.com/microsoft/mu_devops/main/.sync/Version.njk" && \ - RUST_VERSION=$(curl -s ${VERSION_URL} | grep -oP '(?<=rust_toolchain = ").*(?=")') && \ - curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain ${RUST_VERSION} --profile minimal && \ - rustup component add rustfmt rust-src --toolchain ${RUST_VERSION}-x86_64-unknown-linux-gnu - -RUN mkdir cargo_downloads && \ - cd cargo_downloads && \ - TAG_NAME=$(curl -s https://api.github.com/repos/sagiegurari/cargo-make/releases/latest | jq -r '.tag_name') && \ - DOWNLOAD_URL="https://github.com/sagiegurari/cargo-make/releases/download/$TAG_NAME/cargo-make-v$TAG_NAME-x86_64-unknown-linux-gnu.zip" && \ - curl -L -o cargo-make.zip "$DOWNLOAD_URL" && \ - unzip cargo-make.zip && \ - mv cargo-make-v$TAG_NAME-x86_64-unknown-linux-gnu/cargo-make $CARGO_HOME/bin/ && \ - TAG_NAME=$(curl -s https://api.github.com/repos/xd009642/tarpaulin/releases/latest | jq -r '.tag_name') && \ - DOWNLOAD_URL="https://github.com/xd009642/tarpaulin/releases/download/$TAG_NAME/cargo-tarpaulin-x86_64-unknown-linux-gnu.tar.gz" && \ - curl -L -o cargo-tarpaulin.tar.gz "$DOWNLOAD_URL" && \ - tar -xzvf cargo-tarpaulin.tar.gz && \ - mv cargo-tarpaulin $CARGO_HOME/bin/ && \ - cd .. && \ - rm -r cargo_downloads +RUN echo "Installing Rust/Cargo and extras (rust-src, rust fmt)" \ + && VERSION_URL="https://raw.githubusercontent.com/microsoft/mu_devops/main/.sync/Version.njk" \ + && RUST_VERSION=$(curl -s ${VERSION_URL} | grep -oP '(?<=rust_toolchain = ").*(?=")') \ + && curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain ${RUST_VERSION} --profile minimal \ + && . /.cargo/env \ + && rustup component add rustfmt rust-src --toolchain ${RUST_VERSION}-x86_64-unknown-linux-gnu && \ + + echo "\n\n Installing cargo-make, cargo-tarpaulin" \ + && mkdir cargo_downloads \ + && cd cargo_downloads \ + && TAG_NAME=$(curl -s https://api.github.com/repos/sagiegurari/cargo-make/releases/latest | jq -r '.tag_name') \ + && DOWNLOAD_URL="https://github.com/sagiegurari/cargo-make/releases/download/$TAG_NAME/cargo-make-v$TAG_NAME-x86_64-unknown-linux-gnu.zip" \ + && curl -L -o cargo-make.zip "$DOWNLOAD_URL" \ + && unzip cargo-make.zip \ + && mv cargo-make-v$TAG_NAME-x86_64-unknown-linux-gnu/cargo-make $CARGO_HOME/bin/ \ + && TAG_NAME=$(curl -s https://api.github.com/repos/xd009642/tarpaulin/releases/latest | jq -r '.tag_name') \ + && DOWNLOAD_URL="https://github.com/xd009642/tarpaulin/releases/download/$TAG_NAME/cargo-tarpaulin-x86_64-unknown-linux-gnu.tar.gz" \ + && curl -L -o cargo-tarpaulin.tar.gz "$DOWNLOAD_URL" \ + && tar -xzvf cargo-tarpaulin.tar.gz \ + && mv cargo-tarpaulin $CARGO_HOME/bin/ \ + && cd .. \ + && rm -r cargo_downloads # # Alternatives @@ -148,42 +172,47 @@ RUN mkdir cargo_downloads && \ {% endraw %} RUN update-alternatives \ - --install /usr/bin/python python /usr/bin/python{{ sync_version.python_version }} 1 && \ - update-alternatives \ - --install /usr/bin/python3 python3 /usr/bin/python{{ sync_version.python_version }} 1 && \ - update-alternatives \ + --install /usr/bin/python python /usr/bin/python{{ sync_version.python_version }} 1 \ + && update-alternatives \ + --install /usr/bin/python3 python3 /usr/bin/python{{ sync_version.python_version }} 1 \ + && update-alternatives \ --install /usr/bin/gcc gcc /usr/bin/gcc-${GCC_MAJOR_VERSION} 100 \ --slave /usr/bin/g++ g++ /usr/bin/g++-${GCC_MAJOR_VERSION} \ --slave /usr/bin/gcc-ar gcc-ar /usr/bin/gcc-ar-${GCC_MAJOR_VERSION} \ --slave /usr/bin/gcc-nm gcc-nm /usr/bin/gcc-nm-${GCC_MAJOR_VERSION} \ --slave /usr/bin/gcc-ranlib gcc-ranlib /usr/bin/gcc-ranlib-${GCC_MAJOR_VERSION} \ - --slave /usr/bin/gcov gcov /usr/bin/gcov-${GCC_MAJOR_VERSION} && \ - update-alternatives \ - --install /usr/bin/cpp cpp /usr/bin/cpp-${GCC_MAJOR_VERSION} 100 && \ - update-alternatives \ + --slave /usr/bin/gcov gcov /usr/bin/gcov-${GCC_MAJOR_VERSION} \ + && update-alternatives \ + --install /usr/bin/cpp cpp /usr/bin/cpp-${GCC_MAJOR_VERSION} 100 \ + && update-alternatives \ --install /usr/bin/aarch64-linux-gnu-gcc aarch64-linux-gnu-gcc /usr/bin/aarch64-linux-gnu-gcc-${GCC_MAJOR_VERSION} 100 \ --slave /usr/bin/aarch64-linux-gnu-cpp aarch64-linux-gnu-cpp /usr/bin/aarch64-linux-gnu-cpp-${GCC_MAJOR_VERSION} \ --slave /usr/bin/aarch64-linux-gnu-g++ aarch64-linux-gnu-g++ /usr/bin/aarch64-linux-gnu-g++-${GCC_MAJOR_VERSION} \ --slave /usr/bin/aarch64-linux-gnu-gcc-ar aarch64-linux-gnu-gcc-ar /usr/bin/aarch64-linux-gnu-gcc-ar-${GCC_MAJOR_VERSION} \ --slave /usr/bin/aarch64-linux-gnu-gcc-nm aarch64-linux-gnu-gcc-nm /usr/bin/aarch64-linux-gnu-gcc-nm-${GCC_MAJOR_VERSION} \ --slave /usr/bin/aarch64-linux-gnu-gcc-ranlib aarch64-linux-gnu-gcc-ranlib /usr/bin/aarch64-linux-gnu-gcc-ranlib-${GCC_MAJOR_VERSION} \ - --slave /usr/bin/aarch64-linux-gnu-gcov aarch64-linux-gnu-gcov /usr/bin/aarch64-linux-gnu-gcov-${GCC_MAJOR_VERSION} && \ - update-alternatives \ + --slave /usr/bin/aarch64-linux-gnu-gcov aarch64-linux-gnu-gcov /usr/bin/aarch64-linux-gnu-gcov-${GCC_MAJOR_VERSION} \ + && update-alternatives \ --install /usr/bin/arm-linux-gnueabi-gcc arm-linux-gnueabi-gcc /usr/bin/arm-linux-gnueabi-gcc-${GCC_MAJOR_VERSION} 100 \ --slave /usr/bin/arm-linux-gnueabi-cpp arm-linux-gnueabi-cpp /usr/bin/arm-linux-gnueabi-cpp-${GCC_MAJOR_VERSION} \ --slave /usr/bin/arm-linux-gnueabi-g++ arm-linux-gnueabi-g++ /usr/bin/arm-linux-gnueabi-g++-${GCC_MAJOR_VERSION} \ --slave /usr/bin/arm-linux-gnueabi-gcc-ar arm-linux-gnueabi-gcc-ar /usr/bin/arm-linux-gnueabi-gcc-ar-${GCC_MAJOR_VERSION} \ --slave /usr/bin/arm-linux-gnueabi-gcc-nm arm-linux-gnueabi-gcc-nm /usr/bin/arm-linux-gnueabi-gcc-nm-${GCC_MAJOR_VERSION} \ --slave /usr/bin/arm-linux-gnueabi-gcc-ranlib arm-linux-gnueabi-gcc-ranlib /usr/bin/arm-linux-gnueabi-gcc-ranlib-${GCC_MAJOR_VERSION} \ - --slave /usr/bin/arm-linux-gnueabi-gcov arm-linux-gnueabi-gcov /usr/bin/arm-linux-gnueabi-gcov-${GCC_MAJOR_VERSION} && \ - update-alternatives \ + --slave /usr/bin/arm-linux-gnueabi-gcov arm-linux-gnueabi-gcov /usr/bin/arm-linux-gnueabi-gcov-${GCC_MAJOR_VERSION} \ + && update-alternatives \ --install /usr/bin/riscv64-linux-gnu-gcc riscv64-linux-gnu-gcc /usr/bin/riscv64-linux-gnu-gcc-${GCC_MAJOR_VERSION} 100 \ --slave /usr/bin/riscv64-linux-gnu-cpp riscv64-linux-gnu-cpp /usr/bin/riscv64-linux-gnu-cpp-${GCC_MAJOR_VERSION} \ --slave /usr/bin/riscv64-linux-gnu-g++ riscv64-linux-gnu-g++ /usr/bin/riscv64-linux-gnu-g++-${GCC_MAJOR_VERSION} \ --slave /usr/bin/riscv64-linux-gnu-gcc-ar riscv64-linux-gnu-gcc-ar /usr/bin/riscv64-linux-gnu-gcc-ar-${GCC_MAJOR_VERSION} \ --slave /usr/bin/riscv64-linux-gnu-gcc-nm riscv64-linux-gnu-gcc-nm /usr/bin/riscv64-linux-gnu-gcc-nm-${GCC_MAJOR_VERSION} \ --slave /usr/bin/riscv64-linux-gnu-gcc-ranlib riscv64-linux-gnu-gcc-ranlib /usr/bin/riscv64-linux-gnu-gcc-ranlib-${GCC_MAJOR_VERSION} \ - --slave /usr/bin/riscv64-linux-gnu-gcov riscv64-linux-gnu-gcov /usr/bin/riscv64-linux-gnu-gcov-${GCC_MAJOR_VERSION} + --slave /usr/bin/riscv64-linux-gnu-gcov riscv64-linux-gnu-gcov /usr/bin/riscv64-linux-gnu-gcov-${GCC_MAJOR_VERSION} && \ + + echo "\n\n\n Cleaning cache" \ + && apt-get autoremove \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* {% raw %} # @@ -192,10 +221,12 @@ RUN update-alternatives \ # FROM build AS test -ARG QEMU_URL="https://gitlab.com/qemu-project/qemu.git" -ARG QEMU_BRANCH="v9.0.0" +ARG QEMU_URL="https://gitlab.com/qemu-project/qemu.git" \ + QEMU_BRANCH="v9.0.0" -RUN apt-get update && apt-get install --yes --no-install-recommends \ +RUN echo "Installing needed software" \ + && apt-get update \ + && apt-get install --yes --no-install-recommends \ autoconf \ automake \ autotools-dev \ @@ -211,14 +242,20 @@ RUN apt-get update && apt-get install --yes --no-install-recommends \ ninja-build \ tar \ && \ - git clone "${QEMU_URL}" --branch "${QEMU_BRANCH}" --depth 1 qemu && \ - cd qemu && \ - ./configure --target-list=x86_64-softmmu,aarch64-softmmu --enable-gtk && \ - make install -j $(nproc) && \ - cd .. && \ - rm -rf qemu && \ - apt remove --yes ninja-build && \ - apt-get clean + + echo "\n\n Installing/Building qemu" \ + && git clone "${QEMU_URL}" --branch "${QEMU_BRANCH}" --depth 1 qemu \ + && cd qemu \ + && ./configure --target-list=x86_64-softmmu,aarch64-softmmu --enable-gtk \ + && make install -j $(nproc) \ + && cd .. \ + && rm -rf qemu \ + && apt-get remove --yes ninja-build && \ + + echo "\n\n Cleaning cache" \ + && apt-get autoremove \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* # # The dev container layer is intended for local use and has more robust tooling @@ -226,10 +263,16 @@ RUN apt-get update && apt-get install --yes --no-install-recommends \ # FROM test AS dev -RUN apt-get update && \ - apt-get install --yes --no-install-recommends \ +RUN echo "Installing nano/less" \ + && apt-get update \ + && apt-get install --yes --no-install-recommends \ nano \ less \ && \ - apt-get clean + + echo "\n\n Cleaning cache" \ + && apt-get autoremove \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* + {% endraw %} From 24d6aeb4bfd000d2d8f3d9eab75c9649ccd17052 Mon Sep 17 00:00:00 2001 From: Michael Kubacki Date: Fri, 1 Nov 2024 11:33:49 -0400 Subject: [PATCH 2/3] Add release branch backport workflow (#386) Closes #372 This new workflow will attempt to automatically cherry-pick marked contributions to a development branch to its corresponding release branch. If a merge conflict occurs, the commit is committed to a new branch with merge markers and then a PR is created into the target branch with those markers. The PR is labeled with `type:release-merge-conflict` to indicate that it needs manual resolution. The PR (if created) is expected to fail compilation and status checks of course due to the merge conflict markers. A human should then checkout the PR branch, resolve the conflicts, and push the changes back to the PR branch. --- - To mark a PR going into the development branch so that it should be cherry-picked to the release branch, add the `type:backport` label to the PR. --- Notes: - The workflow is synced to all repos that currently have a `dev` branch. - Each repo that `backport-to-release-branch.yml` is synced to must have a `CHERRY_PICK_TOKEN` defined with repo write permission. Signed-off-by: Michael Kubacki --- .sync/Files.yml | 37 ++- .../pull_requests/pull_request_template.md | 3 + .../label-issues/regex-pull-requests.yml | 9 +- .../leaf/backport-to-release-branch.yml | 235 ++++++++++++++++++ 4 files changed, 275 insertions(+), 9 deletions(-) create mode 100644 .sync/workflows/leaf/backport-to-release-branch.yml diff --git a/.sync/Files.yml b/.sync/Files.yml index 0e48ba7b..7a2696ec 100644 --- a/.sync/Files.yml +++ b/.sync/Files.yml @@ -403,6 +403,20 @@ group: microsoft/mu_tiano_platforms microsoft/mu_tiano_plus +# Leaf Workflow - Backport Dev Branch Changes to Release Branch + - files: + - source: .sync/workflows/leaf/backport-to-release-branch.yml + dest: .github/workflows/backport-to-release-branch.yml + template: true + repos: | + microsoft/mu_basecore + microsoft/mu_common_intel_min_platform + microsoft/mu_oem_sample + microsoft/mu_plus + microsoft/mu_silicon_arm_tiano + microsoft/mu_silicon_intel_tiano + microsoft/mu_tiano_plus + # Leaf Workflow - CodeQL # Note: This workflow should be used in repos that build firmware # packages from a CI builder (i.e. a CISettings.py file). @@ -658,13 +672,29 @@ group: repos: | microsoft/mu_tiano_platforms -# Pull Request Template - Common Template +# Pull Request Template - Common Template - Backport Option - files: - source: .sync/github_templates/pull_requests/pull_request_template.md dest: .github/pull_request_template.md + template: + additional_checkboxes: + - Backport to release branch? repos: | microsoft/mu_basecore microsoft/mu_common_intel_min_platform + microsoft/mu_oem_sample + microsoft/mu_plus + microsoft/mu_silicon_arm_tiano + microsoft/mu_silicon_intel_tiano + microsoft/mu_tiano_plus + +# Pull Request Template - Common Template + - files: + - source: .sync/github_templates/pull_requests/pull_request_template.md + dest: .github/pull_request_template.md + template: + additional_checkboxes: [] + repos: | microsoft/mu_crypto_release microsoft/mu_feature_config microsoft/mu_feature_debugger @@ -672,15 +702,10 @@ group: microsoft/mu_feature_ipmi microsoft/mu_feature_mm_supv microsoft/mu_feature_uefi_variable - microsoft/mu_oem_sample - microsoft/mu_plus microsoft/mu_rust_helpers microsoft/mu_rust_hid microsoft/mu_rust_pi - microsoft/mu_silicon_arm_tiano - microsoft/mu_silicon_intel_tiano microsoft/mu_tiano_platforms - microsoft/mu_tiano_plus # Rust - Pipeline Files - files: diff --git a/.sync/github_templates/pull_requests/pull_request_template.md b/.sync/github_templates/pull_requests/pull_request_template.md index eb455e34..4388294a 100644 --- a/.sync/github_templates/pull_requests/pull_request_template.md +++ b/.sync/github_templates/pull_requests/pull_request_template.md @@ -9,6 +9,9 @@ For details on how to complete these options and their meaning refer to [CONTRIB - [ ] Breaking change? - [ ] Includes tests? - [ ] Includes documentation? +{% for additional_checkbox in additional_checkboxes %} +- [ ] {{ additional_checkbox }} +{% endfor %} ## How This Was Tested diff --git a/.sync/workflows/config/label-issues/regex-pull-requests.yml b/.sync/workflows/config/label-issues/regex-pull-requests.yml index 484fc6ce..8cb0b123 100644 --- a/.sync/workflows/config/label-issues/regex-pull-requests.yml +++ b/.sync/workflows/config/label-issues/regex-pull-requests.yml @@ -14,9 +14,15 @@ # Maintenance: Keep labels organized in ascending alphabetical order - easier to scan, identify duplicates, etc. +type:backport: + - '\s*-\s*\[\s*[x|X]\s*\] Backport to release branch\?' + impact:breaking-change: - '\s*-\s*\[\s*[x|X]\s*\] Breaking change\?' +type:documentation: + - '\s*-\s*\[\s*[x|X]\s*\] Includes documentation\?' + impact:non-functional: - '\s*-\s*\[\s*(?![x|X])\s*\] Impacts functionality\?' @@ -25,6 +31,3 @@ impact:security: impact:testing: - '\s*-\s*\[\s*[x|X]\s*\] Includes tests\?' - -type:documentation: - - '\s*-\s*\[\s*[x|X]\s*\] Includes documentation\?' diff --git a/.sync/workflows/leaf/backport-to-release-branch.yml b/.sync/workflows/leaf/backport-to-release-branch.yml new file mode 100644 index 00000000..85651e42 --- /dev/null +++ b/.sync/workflows/leaf/backport-to-release-branch.yml @@ -0,0 +1,235 @@ +# This workflow moves marked commits from a development branch to a release branch. +# +# Each commit in the development branch is cherry-picked to the release branch if the commit originates from a merged +# PR that is marked for backport. +# +# Merge conflicts should be rare. Should one occur, the changes are committed to a new branch with merge markers and +# then a PR is created into the target branch with those markers. The PR is labeled with "type:release-merge-conflict" +# to indicate that it needs manual resolution. +# +# The PR is expected to fail compilation and status checks (of course) due to the merge conflict markers. A human +# should then checkout the PR branch, resolve the conflicts, and push the changes back to the PR branch. +# +# NOTE: This file is automatically synchronized from Mu DevOps. Update the original file there +# instead of the file in this repo. +# +# - Mu DevOps Repo: https://github.com/microsoft/mu_devops +# - File Sync Settings: https://github.com/microsoft/mu_devops/blob/main/.sync/Files.yml +# +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +# + +{% import '../../Version.njk' as sync_version -%} + +name: Backport Commits to Release Branch + +on: + push: + branches: + - {{ sync_version.latest_mu_release_branch | replace("release", "dev") }} + +{% raw %}jobs: + backport: + name: Backport Dev Branch Commits to Release Branch + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 + token: ${{ secrets.CHERRY_PICK_TOKEN }} + + - name: Determine Contribution Info + id: backport_info + uses: actions/github-script@v7 + with: + script: | + const BOLD = "\u001b[1m"; + const GREEN = "\u001b[32m"; + + const ref = process.env.GITHUB_REF; + const sourceBranchName = ref.replace('refs/heads/', ''); + const targetBranchName = sourceBranchName.replace('dev', 'release'); + + const commits = context.payload.commits; + const commitCount = commits.length; + + if (commits.length === 0) { + console.log(GREEN + "No commits found. Exiting workflow."); + core.setOutput('backport_needed', 'false'); + process.exit(0); + } + + console.log(`Source branch name is ${sourceBranchName}`); + console.log(`Target branch name is ${targetBranchName}\n`); + + core.startGroup(`${commitCount} Commit(s) in this Contribution`); + commits.forEach((commit, index) => { + console.log(BOLD + `Commit #${index + 1}: ${commit.id}`); + console.log(`${commit.message}\n`); + }); + core.endGroup(); + + core.setOutput('backport_needed', 'true'); + core.setOutput('source_branch_name', sourceBranchName); + core.setOutput('target_branch_name', targetBranchName); + core.setOutput('first_commit_id', commits[0].id); + core.setOutput('commits', JSON.stringify(commits)); + core.setOutput('commit_by_id', commits.map(commit => commit.id).join(' ')); + core.setOutput('commit_messages', commits.map(commit => `${commit.message.split('\n')[0]}\n${commit.message.split('\n').slice(1).join('\n')}\n---`).join('\n')); + core.setOutput('commit_count', commitCount); + + - name: Check if Backport is Requested + id: backport_check + uses: actions/github-script@v7 + with: + script: | + if (${{ steps.backport_info.outputs.backport_needed }} === 'false') { + core.setOutput('backport_needed', 'false'); + process.exit(0); + } + + const BOLD = "\u001b[1m"; + const GREEN = "\u001b[32m"; + const MAGENTA = "\u001b[35m"; + + const response = await github.request("GET /repos/${{ github.repository }}/commits/${{ steps.backport_info.outputs.first_commit_id }}/pulls", { + headers: { + authorization: `token ${process.env.GITHUB_TOKEN}` + } + }); + + const prNumber = response.data.length > 0 ? response.data[0].number : null; + + console.log(`Associated Pull Request Number: ${prNumber}\n`); + + if (!prNumber) { + console.log(GREEN + "No associated pull request found. Nothing to backport! Exiting."); + core.setOutput('backport_needed', 'false'); + process.exit(0); + } + + const { data: pull } = await github.rest.pulls.get({ + owner: context.repo.owner, + repo: context.repo.repo, + pull_number: prNumber + }); + + core.startGroup(`${pull.labels.length} Label(s) in the PR`); + pull.labels.forEach((label, index) => { + console.log(BOLD + `Label #${index + 1}: \"${label.name}\"`); + }); + core.endGroup(); + + const label = pull.labels.find(l => l.name === 'type:backport'); + if (!label) { + console.log(GREEN + "Changes are not requested for backport. Exiting."); + core.setOutput('backport_needed', 'false'); + process.exit(0); + } + + console.log(MAGENTA + "The changes are requested for backport. Proceeding with backport.\n"); + + core.setOutput('pr_number', prNumber); + core.setOutput('backport_needed', 'true'); + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + - name: Checkout a Local ${{ steps.backport_info.outputs.target_branch_name }} Branch (Destination Branch) + if: steps.backport_check.outputs.backport_needed == 'true' + run: | + git config --global user.email "mubot@microsoft.com" + git config --global user.name "Project Mu Bot" + git checkout -b ${{ steps.backport_info.outputs.target_branch_name }} origin/${{ steps.backport_info.outputs.target_branch_name }} + + - name: Check for Merge Conflicts + if: steps.backport_check.outputs.backport_needed == 'true' + id: merge_conflicts + run: | + conflict=false + + for commit in ${{ steps.backport_info.outputs.commit_by_id }}; do + echo -e "\nAttempting to cherry-pick commit $commit..." + + set +e + cherry_pick_output=$( { git cherry-pick $commit; } 2>&1 ) + set -e + + if echo "$cherry_pick_output" | grep -q "The previous cherry-pick is now empty"; then + echo "Cherry-picking $commit resulted in an empty commit. Skipping it."; + git cherry-pick --skip; + elif echo "$cherry_pick_output" | grep -q "Merge conflict in"; then + echo "Merge conflict detected for commit $commit! Committing it with conflict markers."; + original_author=$(git log -1 --pretty=format:'%an <%ae>' $commit) + original_date=$(git log -1 --pretty=format:'%ad' --date=iso-strict $commit) + original_message=$(git log -1 --pretty=%B $commit) + git add -A + GIT_COMMITTER_DATE="$original_date" GIT_AUTHOR_DATE="$original_date" git commit --author="$original_author" -m "[CONFLICT] $original_message" + conflict=true; + else + echo "$commit was cherry-picked successfully."; + fi + done + + echo "merge_conflict=$conflict" >> $GITHUB_ENV + continue-on-error: true + + - name: Push to ${{ steps.backport_info.outputs.target_branch_name }} if No Conflicts + if: steps.backport_check.outputs.backport_needed == 'true' && env.merge_conflict == 'false' + run: | + git push origin ${{ steps.backport_info.outputs.target_branch_name }}:${{ steps.backport_info.outputs.target_branch_name }} + + - name: Generate a Unique PR Branch Name (On Merge Conflict) + if: steps.backport_check.outputs.backport_needed == 'true' && env.merge_conflict == 'true' + id: merge_conflict_branch_info + run: | + TIMESTAMP=$(date +%Y%m%d%H%M%S) + branch_name="merge-conflict/${{ steps.backport_info.outputs.target_branch_name }}/$TIMESTAMP" + + echo -e "\nMerge conflict branch name generated: $branch_name" + + git branch -m $branch_name + git push origin refs/heads/$branch_name:refs/heads/$branch_name + + echo "branch_name=$branch_name" >> $GITHUB_OUTPUT + + - name: Create Pull Request (On Merge Conflict) + if: steps.backport_check.outputs.backport_needed == 'true' && env.merge_conflict == 'true' + run: | + PR_BRANCH="${{ steps.merge_conflict_branch_info.outputs.branch_name }}" + BASE_BRANCH="${{ steps.backport_info.outputs.target_branch_name }}" + PR_TITLE="Manual Merge Conflict Resolution for ${{ steps.backport_info.outputs.commit_count }} Commits into ${{ steps.backport_info.outputs.target_branch_name }}" + PR_BODY="This pull request is created to resolve the merge conflict that occurred while backporting the commits + from ${{ steps.backport_info.outputs.source_branch_name }} to ${{ steps.backport_info.outputs.target_branch_name }}. + + **Commits in this PR:** + + ${{ steps.backport_info.outputs.commit_messages }} + + **Instructions:** + + 1. Checkout this PR branch locally. + 2. Verify all commits that are being backported are present in the branch. + 3. Resolve the merge conflict markers in the files. + 4. Commit the changes. + 5. Push the changes back to this PR branch. + + **Note:** + + If it is too complicated to use this branch as-is, then simply attempt to merge the same set of commits into + the release branch locally, resolve the conflicts, and force push the changes to the PR branch." + + echo "PR Title: $PR_TITLE" + echo "PR Body: $PR_BODY" + echo "PR Branch: $PR_BRANCH" + echo "Base Branch: $BASE_BRANCH" + + curl -s -X POST https://api.github.com/repos/${{ github.repository }}/pulls \ + -H "Authorization: token $CHERRY_PICK_TOKEN" \ + -H "Content-Type: application/json" \ + -d "{\"title\":\"$PR_TITLE\",\"body\":\"$PR_BODY\",\"head\":\"$PR_BRANCH\",\"base\":\"$BASE_BRANCH\",\"labels\":[\"type:release-merge-conflict\"]}" + env: + CHERRY_PICK_TOKEN: ${{ secrets.CHERRY_PICK_TOKEN }} +{% endraw %} From c073aef53fc09598188f9d3d5c9d30f6f590c205 Mon Sep 17 00:00:00 2001 From: Ilolm Date: Wed, 6 Nov 2024 19:04:45 +0200 Subject: [PATCH 3/3] Changed some comments + resolved mistake with double && --- .sync/containers/Ubuntu-22/Dockerfile | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.sync/containers/Ubuntu-22/Dockerfile b/.sync/containers/Ubuntu-22/Dockerfile index 8cabd3ed..6a919ab0 100644 --- a/.sync/containers/Ubuntu-22/Dockerfile +++ b/.sync/containers/Ubuntu-22/Dockerfile @@ -78,13 +78,13 @@ RUN echo "Installing needed system packages" \ gcc-${GCC_MAJOR_VERSION}-aarch64-linux-gnu \ gcc-${GCC_MAJOR_VERSION}-riscv64-linux-gnu \ gcc-${GCC_MAJOR_VERSION}-arm-linux-gnueabi \ - gcc-${GCC_MAJOR_VERSION}-arm-linux-gnueabihf && \ + gcc-${GCC_MAJOR_VERSION}-arm-linux-gnueabihf \ && curl -O https://bootstrap.pypa.io/get-pip.py \ && {% endraw %}python{{ sync_version.python_version }}{% raw %} get-pip.py \ && {% endraw %}python{{ sync_version.python_version }}{% raw %} -m pip install --upgrade setuptools \ && rm get-pip.py \ && apt-get upgrade -y && \ - + echo "\n\n Cleaning cache" \ && apt-get autoremove \ && apt-get clean \ @@ -122,7 +122,7 @@ RUN echo "Upgrading pip/lcov_cobertura" \ && cd .. \ && rm -rf iasl_temp && \ - echo "\n\n Installing microsoft-prod packages" \ + echo "\n\n Installing powershell" \ && wget -q "https://packages.microsoft.com/config/ubuntu/$(lsb_release -rs)/packages-microsoft-prod.deb" \ && dpkg -i packages-microsoft-prod.deb \ && rm packages-microsoft-prod.deb \ @@ -133,7 +133,7 @@ RUN echo "Upgrading pip/lcov_cobertura" \ && apt-get autoremove \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* - + # # Rust support # @@ -224,7 +224,7 @@ FROM build AS test ARG QEMU_URL="https://gitlab.com/qemu-project/qemu.git" \ QEMU_BRANCH="v9.0.0" -RUN echo "Installing needed software" \ +RUN echo "Installing needed software to build qemu." \ && apt-get update \ && apt-get install --yes --no-install-recommends \ autoconf \ @@ -274,5 +274,5 @@ RUN echo "Installing nano/less" \ && apt-get autoremove \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* - + {% endraw %}