From c746eb32b95e36e228e587ccc5ac6801acbdd64d Mon Sep 17 00:00:00 2001 From: Derek Parker Date: Tue, 30 May 2023 10:51:16 -0700 Subject: [PATCH] check generated patch via diff We want to ensure that the 001 patch committed in the repository for each branch is the most up to date patch so that when it is used to alter the Go tree during RPM builds it will always apply cleanly and produce the correct code. We enforce this by issuing a `git diff` command with the `--exit-code` flag to fail the CI step if a diff is present. --- .github/workflows/test-pr-set.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/test-pr-set.yml b/.github/workflows/test-pr-set.yml index 5be62aa..04d301b 100644 --- a/.github/workflows/test-pr-set.yml +++ b/.github/workflows/test-pr-set.yml @@ -137,6 +137,7 @@ jobs: # lower the go build version to 1.16 sed -i "s/go mod tidy/go mod tidy -go=1.16/g" scripts/create-secondary-patch.sh ./scripts/setup-initial-patch.sh -r $(realpath ../openssl-fips) ${{ inputs.go_ref }} + git diff --exit-code patches/ - name: "Apply FIPS patches" shell: bash