[AUTOPATCHER-kernel] Kernel CVE - branch main - CVE-2024-47671 CVE-2024-50010 CVE-2024-36893 CVE-2023-52913 CVE-2024-43846 CVE-2024-43839 CVE-2024-43834 CVE-2024-50036 CVE-2024-46859 CVE-2024-50072 CVE-2024-46695 CVE-2024-36972 CVE-2024-44931 CVE-2024-46852 CVE-2021-47482 CVE-2024-47672 CVE-2024-41080 CVE-2024-43849 CVE-2024-50058 CVE-2024-46855 CVE-2022-48635 CVE-2024-38545 CVE-2024-47670 CVE-2024-46858 CVE-2024-43835 CVE-2024-46849 CVE-2024-46854 CVE-2024-26875 CVE-2024-38538 CVE-2024-46853 CVE-2023-52601 CVE-2024-47673 CVE-2024-43841 CVE-2024-50086 CVE-2024-39463 #19830
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright (c) Microsoft Corporation. | |
| # Licensed under the MIT License. | |
| name: Spec %clean stage check | |
| on: | |
| push: | |
| branches: [main, dev, 1.0*, 2.0*, fasttrack/*] | |
| pull_request: | |
| branches: [main, dev, 1.0*, 2.0*, fasttrack/*] | |
| permissions: read-all | |
| jobs: | |
| spec-clean-stage-check: | |
| name: Spec %clean stage check | |
| runs-on: ubuntu-latest | |
| steps: | |
| # Checkout the branch of our repo that triggered this action | |
| - name: Workflow trigger checkout | |
| uses: actions/checkout@v4 | |
| - name: Get base commit for PRs | |
| if: ${{ github.event_name == 'pull_request' }} | |
| run: | | |
| git fetch origin ${{ github.base_ref }} | |
| echo "base_sha=$(git rev-parse origin/${{ github.base_ref }})" >> $GITHUB_ENV | |
| - name: Get base commit for Pushes | |
| if: ${{ github.event_name == 'push' }} | |
| run: | | |
| git fetch origin ${{ github.event.before }} | |
| echo "base_sha=${{ github.event.before }}" >> $GITHUB_ENV | |
| - name: Check the modified spec files | |
| run: | | |
| changed_specs=$(git diff-tree --diff-filter=d --no-commit-id --name-only -r ${{ env.base_sha }} ${{ github.sha }} | { grep "SPECS.*/.*\.spec$" || test $? = 1; }) | |
| for spec in $changed_specs | |
| do | |
| echo "Checking '$spec'." | |
| if grep -q "^\s*%clean" "$spec" | |
| then | |
| 1>&2 echo "**** ERROR ****" | |
| 1>&2 echo "Spec '$spec' contains a %clean stage, which should be unnecessary for CBL-Mariner. Please remove it or add an exception for this spec file." | |
| 1>&2 echo "**** ERROR ****" | |
| error_found=1 | |
| fi | |
| done | |
| if [[ -n $error_found ]] | |
| then | |
| exit 1 | |
| fi |