aevea / commitsar Goto Github PK

Probably MergeBase goes back to only the closest point the two merge which would be the merge commit.

Example:
https://circleci.com/gh/kiwicom/iam/1080?utm_campaign=vcs-integration-link&utm_medium=referral&utm_source=github-build-link

Could you add a download script similar to what goreleaser has to the commitsar repository?
This would allow very simple installation on CI systems and the like by running something along these lines: curl -sfL https://install.commitsar.com/github.com/commitsar/commitsar.sh | sh

These scripts are usually generated using godownloader.

To my knowledge the specification for conventional commits does not limit scopes to letters, but allow any special character.

I noticed you use this regex pattern to check the validity of scopes:

^\w+( \w+)*$

What's the reason behind only allowing words and whitespaces? I think allowing e.g. dashes could be useful.

Provide function to strip title from Commit Message.

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

• chore(deps): update alpine docker tag to v3.19.1
• chore(deps): update golang docker tag
• fix(deps): update module github.com/go-git/go-git/v5 to v5.12.0
• fix(deps): update module github.com/spf13/viper to v1.18.2
• fix(deps): update module golang.org/x/oauth2 to v0.20.0
• chore(deps): update actions/setup-go action to v5
• fix(deps): update module github.com/google/go-github/v32 to v61
• Click on this checkbox to rebase all open PRs at once

Detected dependencies

• Check this box to trigger a request for Renovate to run again on this repository

Environmentent

I have downloaded commitsar executable on my custom action runner (running Ubuntu) and using it as below

    steps:
    - name: Checkout
      uses: actions/checkout@v2  # I have tried actions/checkout@v1 too

    - name: Validate Commits
      run: commitsar -v 

Problem

commitsar fails on a shallow clone

runner@runner-deployment-nzvgd-6kpsc:/runner/_work/.github/.github$ git log      
commit 048c926b55b5386bdc0cb4d0f0919a993afc46b3 (grafted, HEAD)
Author: Vikas Kumar <[email protected]>
Date:   Fri Sep 17 01:24:33 2021 +1000

    docs:  updated README
    
    Fixed the repository name in README
runner@runner-deployment-nzvgd-6kpsc:/runner/_work/.github/.github$

runner@runner-deployment-nzvgd-6kpsc:/runner/_work/.github/.github$ git branch -a
* (HEAD detached at 048c926)
runner@runner-deployment-nzvgd-6kpsc:/runner/_work/.github/.github$ 

runner@runner-deployment-nzvgd-6kpsc:/runner/_work/.github/.github$ commitsar -v
2021/09/16 15:56:51 config file not found, using defaults
   • Starting pipeline: commit-pipeline
   • Starting analysis of commits on branch HEAD
   • All pipelines complete   
   • [commit-pipeline] reference not found
Some errors were found
runner@runner-deployment-nzvgd-6kpsc:/runner/_work/.github/.github$ 

Workaround

    - name: Checkout
      uses: actions/checkout@v2
      with:
        fetch-depth: 0

or

    - name: Validate Commits
      run: |
        git fetch --unshallow
        commitsar -v 

Will commitsar use the .commitlintrc.js in the root of the repo, or does it use its own config?

From my testing, of at least the latest current container (digest 195395165b624550f4d9100407b6d1207369cc843c74d0eb7b6d7a7d2c089a0c) the bolded statement in the readme doesn't hold true, which is a good thing. I believe just the current dir needs to be the repository you wish commitsar to test.

I run it in the following configuration:

$ docker run -v "$PWD":/wd -w /wd --rm --entrypoint /app/commitsar fallion/commitsar

from the repository I want tested.

I was also going to recommend changing the entrypoint from ./commitsar which is why I need the entrypoint override, but I see that has been done already.

Just tried this tool, and ran into the issue where merge commits are being identified as non-compliant, but it seems this was fixed a few days ago. Since I'm using docker, would be useful to have that build updated, or better yet so it's automated :).

When disabling PR commits

commits:
  disabled: false

the github action doesn't checks anything and leaves with a message

Commit section skipped due to commits.disabled set to true in .commitsar.yaml

when the expectation was to validate only the PR title.

Docusaurus just results in constant dependency vulnerability warnings.

Right now the project is overly complex by using both Logger and DebugLogger. This could be simplified by simply using Logrus and a level flag.

Would it be possible to use refs instead of checking against master specifically?

In our test setup, the pipeline doesn't have to test a given branch, or a known sha, but will rather merge, or rebase and generare a new sha.

I'd love to be able to have a CLI flag which will be used to find relevant commits, rather than checking against master.

Example input to said CLI flag: 00eb86529a18a07e8e04c69daf34b4f539555fd0...3a5ab85fb13ae8d37925e37ea56eee8834eee854

#167 reported that branch name is not printed in the output when starting commitsar.

Since 0.9.0 had in its release notes that commitsar now should run on master I was curious to try it, but it seems to me that it's not working.

To reproduce:

1. Clone a repo, (my example [email protected]:go-task/task.git)
2. cd into repo, make sure master is checked out, which it is by default.
3. I have commitsar 0.9.0 in my PATH, so I run commitsar

The resulting output:

❯ commitsar                                                                                                      
Starting analysis of commits on branch

1 commits filtered out

Found 0 commit to check
No commits found, please check you are on a branch outside of main

I ran git rev-list --count master to count the commits on the master branch of go-task, the result is 698. I guess this confirms that commitsar is not doing it's thing correctly?

Why is the first line of output from commitsar Starting analysis of commits on branch not stating a branch name?

For JS projects that limit scope it would be useful to provide a mechanic for extracting allowed scopes based on their package.json files.

Since they are JSON compliant this shouldn't be too much of an issue.

BREAKING CHANGE should be on first line of commit description.

Currently the project is too complex with the introduction of the runners. These may be an over optimisation so we should explore how this can be simplified.

I'm suggest to add some package to management the log messages like logrus, and stop to make

if debug {
    fmt.Printf("[DEBUG].......")
}

and add something like this on startup

if verboseFlag {
   logrus.SetLevel(logrus.DebugLevel)
}

and use like this

logrus.Debugf("..........")

According to https://www.conventionalcommits.org/en/v1.0.0/:

3. BREAKING CHANGE: a commit that has a footer BREAKING CHANGE:, or appends a ! after the type/scope, introduces a breaking API change (correlating with MAJOR in semantic versioning). A BREAKING CHANGE can be part of commits of any type.

When I committed: `feat!: use git clone for agoric init', it came back with:

FAIL   cbc82f35c5e1f1d81389e01d0ccae31660f97f9d   use git clone for agoric init   breaking change must contain commit body

Example given in the spec that doesn't contain a commit body: https://www.conventionalcommits.org/en/v1.0.0/#commit-message-with-to-draw-attention-to-breaking-change

Starting analysis of commits on branch
reference not found

when added master branch to my new repo it started working again

Slightly related to #213

It'd be great if commitsar could enforce the existence of the scope part in the commit title. The scope is considered optional by the conventional commits spec, but that feature would be very beneficial to repositories requiring stricter checks. The next step could potentially be, restricting the allowed scopes to a configurable list.

Let me know, if that makes sense and if you'd be interested in such a feature. I'd be happy to PR it.

For nicer usage on Mac OS ship to Brew.

Could you add a "docker run ..." command example to the repository README.md docs?
I've been trying to run commitsar with a direct docker run command, and I think I have it running correctly with this: docker run --rm --name="commitsar" -w /src -v "$(pwd)":/src commitsar/commitsar:0.10.0

But the result is incorrect. I ran the above container from a repository with a master branch containing 71 commits, but commitsar just finds the latest commit and reports 1 of 1 commits are not conventional commit compliant. Why are the other 70 commits ignored?

If I have a single commit like revert: some message, it gets filtered out by the patch in #434, and commitsar fails because it can't find any commit to check.

commitsar -v
   • Starting pipeline: commit-pipeline
   • Starting analysis of commits on branch refs/heads/test
   • Commit found: [hash] 0000000000000000000000000000000000000000 [message] some message
   • 1 commits filtered out   
   • Found 0 commit to check  
   • All pipelines complete   
   • [commit-pipeline] No commits found, please check you are on a branch outside of main
   ⨯ pipeline: commit-pipeline, error: No commits found, please check you are on a branch outside of main
some errors were found

Probably commitsar shouldn't exit with error if all the commits have been filtered out.

App should allow these commits to pass.

Example:
https://circleci.com/gh/kiwicom/iam/1080?utm_campaign=vcs-integration-link&utm_medium=referral&utm_source=github-build-link

Allow user to set the path of the repo to check via flag.

I run this project on the latest version in my gitlab ci pipeline on different branches and experience some weird behaviour:
On some branches it works fine, while on others it throws this error:

$ commitsar -v
Starting analysis of commits on branch HEAD
reference not found

There is a git history available:

 $ git --no-pager log --oneline
c7c1561 chore: commit
5710afe chore: another commit
bea536b Merge branch 'branch' into 'develop'  <-- This is the latest commit to the branch I branched out from
236c3dc ci: add stuff

I'm not too familiar with the code of this project, how can I debug this further?

There is an error with this repository's Renovate configuration that needs to be fixed. As a precaution, Renovate will stop PRs until it is resolved.

Error type: undefined. Note: this is a nested preset so please contact the preset author if you are unable to fix it yourself.

Right now Commitsar will fail on first commit that fails the check.

From a user perspective it would be nicer if these are listed out after all are checked.

Strict mode should disallow any type that is not covered by conventional commits. It should be a flag passed to the container/app for now.

https://www.conventionalcommits.org/en/v1.0.0-beta.4/#examples

Types: [ fix, feat, chore, docs, style, refactor, perf, test ]

It would be great to have a windows executable too in the releases.

Right now merge commits are handled using the following Regexes:

Merge commit '(?P<hash>\S+)'
^Merge branch '(?P<incoming>\w+)' into (?P<current>\S+)
^Merge pull request (?P<incoming>#\d+) from (?P<current>\S+)
^Merge (?P<incoming>\w+) into (?P<current>\S+)

Does it make sense to be this precise? The main downside is maintainability, every new format must be handled, added and released. Until then clients are blocked.

Proposed solution is to simply track Merge keyword and allow any characters after that.

Internal functions should not need to care if Debug is on. This change would remove all:

if Debug {
 //log something heree
}

I have commitsar running in Gitlab CI, but today for some reason it has stopped working for me.
I am running with the docker executor, so the repo is mounted into the commitsar container, and the check run from inside.
But as seen below, even if explicitly fetching the branch from origin and checking it out, the --all flag fails, and states it's on the branch refs/heads/goreleaser.

The error message Some errors were found is of no help, there really should be better error output.

If I run the same repo and branch manually in CLI with docker run..., mounted to /src and with --all, then it works fine. So how come it doesn't work in this case? I even checked in the CI job, ls -la outputs the repo contents, so the repo is there.

$ git fetch origin $CI_COMMIT_REF_NAME
From https://<url>
 * branch            goreleaser -> FETCH_HEAD
 * [new branch]      goreleaser -> origin/goreleaser
$ git checkout $CI_COMMIT_REF_NAME
Branch 'goreleaser' set up to track remote branch 'goreleaser' from 'origin'.
Switched to a new branch 'goreleaser'
$ commitsar --all
2021/04/10 18:03:16 config file not found, using defaults
   • Starting pipeline: commit-pipeline
   • Starting analysis of commits on branch refs/heads/goreleaser
Some errors were found

I use Bottlerocket AMI on EKS clusters which use containerd and not docker socket.

It fails with these errors

Build container for action use: '/runner/_work/_actions/aevea/commitsar/v0.16.0/Dockerfile'.
  /usr/local/bin/docker build -t 60e226:7de2787af7e04b038ce49eb6a1a987d8 -f "/runner/_work/_actions/aevea/commitsar/v0.16.0/Dockerfile" "/runner/_work/_actions/aevea/commitsar/v0.16.0"
  Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
  Warning: Docker build failed with exit code 1, back off 8.072 seconds before retry.
  /usr/local/bin/docker build -t 60e226:7de2787af7e04b038ce49eb6a1a987d8 -f "/runner/_work/_actions/aevea/commitsar/v0.16.0/Dockerfile" "/runner/_work/_actions/aevea/commitsar/v0.16.0"
  Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
  Warning: Docker build failed with exit code 1, back off 4.07 seconds before retry.
  /usr/local/bin/docker build -t 60e226:7de2787af7e04b038ce49eb6a1a987d8 -f "/runner/_work/_actions/aevea/commitsar/v0.16.0/Dockerfile" "/runner/_work/_actions/aevea/commitsar/v0.16.0"
  Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
Error: Docker build failed with exit code 1

When dealing with commits on branches/PRs, commitsar works as expected, but it behaves inconsistently on main branch:

When PR lands on main, as the last commit (fast-forward merge without merge commit) and CI (gitlab CI) manages to finish the commitsar pipeline before any new changes land, everything works as expected: Only a single/last commit is being found and checked.

When new changes land on main BEFORE the commitsar pipeline runs for previous commits, the following error happens:

$ commitsar --verbose
[DEBUG] Starting pipeline: commit-pipeline
Starting analysis of commits on branch HEAD
[DEBUG] Stopped getting commits on branch: object not found
[DEBUG] Stopped getting commits on branch: object not found
0 commits filtered out
Found 0 commit to check
[DEBUG] All pipelines complete
[DEBUG] [commit-pipeline] No commits found, please check you are on a branch outside of main
Some errors were found

While this mostly happens for frequent commits scenarios, the easiest way to deterministically reproduce it is to re-run a pipeline that previously passed on the main branch, but now has new commits ahead of it. This is always consistent and results in failure.

IMO Expected behaviour would be to check a single commit, that's triggering the CI and ensure the pipeline results is deterministic and re-running it on same commit produces the same output

Possibly related: #167

it's similar exception as when doing git merge: https://git-scm.com/docs/git-revert, alternatively it could be done with edit message param git revert -e

the default message is Revert "..."

--all will allow users to check the entirety of accessible history. Keep in mind if GIT_DEPTH is used then Commitsar will only check that depth.

Referenced from #183

Failure should show the correct format of a commit message to help guide the user.

Currently the action fails on push to master branch.

Commit message:

all: Fix tests and lint

Fix failing tests and lint the whole project.

Not sure what the desired behavior here is but I would love to use this on my private repo where I push right into the master and repair failed action by ammending to the commit in case anything fails (yup.. not the best practice under the sun).

If update branch feature of Github is used or Kodiak updates the branch using merge into branch it will cause the entire history of master to be scanned.

Example: https://cloud.drone.io/fallion/commitsar/130/1/4

Steps to reproduce:

• create branch behind master
• update it by merging master into it
  

Commitsar ouputs lines in this format when commits don't follow the convention:

FAIL   054f4a01525dbac5dc3188d3aa6b27fd29908221   added --version flag with same output as version cmd   category missing
FAIL   21985dc84927833c8a80ad548162903f28b9ccfb   add SetLogger to db package   category missing
FAIL   304a8a71b7ed7e377dbf323e17395c4df2123232   refactored main into multiple packages, updated tests   category missing

The part at the end, category missing, is added by commitsar to point out the error, but the formatting of the lines doesn't make this very readable.

It would be better if the error was put before the commit message, in it's own column:

FAIL   054f4a01525dbac5dc3188d3aa6b27fd29908221   category missing   added --version flag with same output as version cmd
FAIL   21985dc84927833c8a80ad548162903f28b9ccfb   category missing   add SetLogger to db package
FAIL   304a8a71b7ed7e377dbf323e17395c4df2123232   category missing   refactored main into multiple packages, updated tests

This would make the output a lot more readable, just set the column width of the error message to the longest of the errors present or something like that.

Hi,

I would like to use commitsar on remote ref like this: commitsar -v origin/prod~10...origin/prod which seems to not be supported for now. Have you plan to do it in the future ?

Quick example of what I have in mind:

mkdir tmp && cd tmp
git init
git remote add origin ...
git fetch --filter=blob:none --filter=tree:0

commitsar -v origin/prod~10...origin/prod

Its unnecessarily difficult to check which version of the commitsar binary you have at the moment, adding a "--version" flag or a "commitsar version" command would solve this.

Currently commitsar defaults to master branch. Given the recent changes by Github it would be good to also default to main, unless specified differently in .commitsar.yml

For flows which use merge commits it is important to skip the merge commit when running commitsar on master.

Found during #167

Example history: https://github.com/go-task/task/commits/master

Hello,

I'd like to use commitsar with gitlab on a project where all "components" of the app are treated as branches:

• componentX/dev
• componentX/feature/myfeature
• componentY/dev
• etc...
  All branches have a least 500 commits not respecting the conventional message.
  How can I use commitsar on those branches from new commit and leave the past to the past ?

Thanks a lot.