Skip to content

NO_MERGE This is an example PR with an upstream commit checker github action #323

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 4 commits into
base: ciqlts8_6
Choose a base branch
from
Open

NO_MERGE This is an example PR with an upstream commit checker github action #323

wants to merge 4 commits into from

Conversation

bmastbergen
Copy link
Collaborator

@bmastbergen bmastbergen commented Jun 6, 2025
edited
Loading

This is an example PR for testing an upstream commit checker github action. It has three commits that reference upstream commits. One references a bogus upstream commit. One references an upstream commit with a single fix available. And one references an upstream commit with multiple fixes available.

PlaidCat
PlaidCat reviewed Jun 6, 2025
View reviewed changes
.github/workflows/upstream-commit-check.yml Outdated
- name: Clone Linux Kernel
run: |
echo "Cloning Linux kernel repository (bare clone, single branch, no blobs) into 'linux' directory..."
git clone --bare --filter=blob:none --single-branch https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git linux
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Any reason we just can't use the kernel-mainline branch its updated daily

Copy link
Collaborator Author

@bmastbergen bmastbergen Jun 6, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It could. If you look below you'll see that the script doesn't actually checkout the kernel-src-tree repo. It uses the github api to get the commits in the PR. But yea, maybe actually checking out kernel-src-tree with its kernel-mainline branch included makes sense.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Initially the script used the github api to check the upstream kernel commits too, but that was taking forever

@bmastbergen
Copy link
Collaborator Author

closing this. its served its purpose

@bmastbergen bmastbergen closed this Jun 6, 2025
@thefossguy-ciq
Copy link

This is amazing! This could help us improve the quality of our tree better than RedHat's.

@bmastbergen
Copy link
Collaborator Author

Reopening for more testing

@bmastbergen bmastbergen reopened this Jun 10, 2025
@bmastbergen bmastbergen force-pushed the NO_MERGE-upstream-commit-checker-example branch from 971b5ac to 37e3a27 Compare June 10, 2025 14:37
@bmastbergen
This commit references a bogus upstream hash
13b3409 
jira VULN-XXXX
cve CVE-2025-1234
commit 1234567890abcde1234567890abcde1234567890

This isn't a real commit

Do i dont have to say anything here
@bmastbergen
This commit references an upstream hash with a fix available
7030739 
jira VULN-XXXX
cve CVE-2025-1234
commit a85fb91

This isn't a real commit

Do i dont have to say anything here
@bmastbergen bmastbergen force-pushed the NO_MERGE-upstream-commit-checker-example branch from 37e3a27 to 4bd3171 Compare June 10, 2025 14:58
@ctrliq ctrliq deleted a comment from github-actions bot Jun 10, 2025
@ctrliq ctrliq deleted a comment from github-actions bot Jun 10, 2025
@bmastbergen bmastbergen force-pushed the NO_MERGE-upstream-commit-checker-example branch 4 times, most recently from 025c28b to e6ae83a Compare June 10, 2025 17:58
@ctrliq ctrliq deleted a comment from github-actions bot Jun 10, 2025
@ctrliq ctrliq deleted a comment from github-actions bot Jun 10, 2025
@ctrliq ctrliq deleted a comment from github-actions bot Jun 10, 2025
@ctrliq ctrliq deleted a comment from github-actions bot Jun 10, 2025
@ctrliq ctrliq deleted a comment from github-actions bot Jun 11, 2025
@ctrliq ctrliq deleted a comment from github-actions bot Jun 11, 2025
@bmastbergen bmastbergen force-pushed the NO_MERGE-upstream-commit-checker-example branch 2 times, most recently from 5e214cb to b82196f Compare June 11, 2025 15:08
@github-actions GitHub Actions
Copy link

🔍 Upstream Linux Kernel Commit Check

  • ❗ PR commit 13b34099da48 (This commit references a bogus upstream hash) references upstream commit
    1234567890ab which does not exist in the upstream Linux kernel.

  • ⚠️ PR commit 7030739055fc (This commit references an upstream hash with a fix available) references upstream commit
    a85fb91e3d72 which has been referenced by a Fixes: tag in the upstream
    Linux kernel:

    27aabf27fd01 Bluetooth: fix use-after-free in device_for_each_child() (Dmitry Antipov)
  • ⚠️ PR commit 096902b3b681 (This commit references an upstream hash with multiple fixes) references upstream commit
    0d0f4174f6c8 which has been referenced by a Fixes: tag in the upstream
    Linux kernel:
    e6854be4d80e selftests: drv-net: tso: make bkg() wait for socat to quit (Jakub Kicinski)
    c68804c934e3 selftests: drv-net: tso: fix the GRE device name (Jakub Kicinski)
    7eb6b63aa3c3 selftests: drv-net: add configs for the TSO test (Jakub Kicinski)
    8af7a919c52f netlink: specs: rt-link: decode ip6gre (Jakub Kicinski)

This is an automated message from the kernel commit checker workflow.

@ctrliq ctrliq deleted a comment from github-actions bot Jun 11, 2025
@bmastbergen bmastbergen mentioned this pull request Jun 11, 2025
Open
@bmastbergen
github actions: Add upstream commit checker
97a0c5d 
This github actions checks the PR commits for references to upstream
linux commits (lines starting with "commit <hash>") and does two things:

1.  Checks that this hash exists in the upstream linux kernel history

2.  Checks if there are any Fixes: references for the referenced commit
in the upstream linux kernel history

If either of those are found to be true a comment is added to the PR with
the pertinent information.

The logic for the check is provided by the check_upstream_commits.py script
from kernel-src-tree-tools
@bmastbergen bmastbergen force-pushed the NO_MERGE-upstream-commit-checker-example branch from b82196f to 97a0c5d Compare June 12, 2025 14:12
@ctrliq ctrliq deleted a comment from github-actions bot Jun 12, 2025
@github-actions GitHub Actions
Copy link

🔍 Upstream Linux Kernel Commit Check

  • ❗ PR commit 13b34099da48 (This commit references a bogus upstream hash) references upstream commit
    1234567890ab which does not exist in the upstream Linux kernel.

  • ⚠️ PR commit 7030739055fc (This commit references an upstream hash with a fix available) references upstream commit
    a85fb91e3d72 which has been referenced by a Fixes: tag in the upstream
    Linux kernel:

    27aabf27fd01 Bluetooth: fix use-after-free in device_for_each_child() (Dmitry Antipov)
  • ⚠️ PR commit 096902b3b681 (This commit references an upstream hash with multiple fixes) references upstream commit
    0d0f4174f6c8 which has been referenced by a Fixes: tag in the upstream
    Linux kernel:
    e6854be4d80e selftests: drv-net: tso: make bkg() wait for socat to quit (Jakub Kicinski)
    c68804c934e3 selftests: drv-net: tso: fix the GRE device name (Jakub Kicinski)
    7eb6b63aa3c3 selftests: drv-net: add configs for the TSO test (Jakub Kicinski)
    8af7a919c52f netlink: specs: rt-link: decode ip6gre (Jakub Kicinski)

This is an automated message from the kernel commit checker workflow.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@PlaidCat PlaidCat PlaidCat left review comments

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@bmastbergen @thefossguy-ciq @PlaidCat