Close #3

Unfortunately, when the image is built automatically as part of a Container Action, it seems that global environment variables are not inherited. Therefore, enabling BuildKit globally through DOCKER_BUILDKIT does not work. That would be desirable in order to use https://github.com/moby/buildkit/blob/master/frontend/dockerfile/docs/syntax.md#build-mounts-run---mount in the dockerfile. For now, I worked around it by using a COPY statement (a layer) instead. Nonetheless, I kept the commit isolated, because it might be reverted when building the image is decoupled from the execution.

I added a very simple CI workflow for testing the execution of the Action. Yet, since there is no "demo" project here, execution is rather useless. It would be interesting if someone familiar with Verible would contribute an example project in a follow-up PR.

NOTE: Since GitHub Actions is not enabled in this repository yet, results are not shown below. See https://github.com/umarcor/verible-linter-action/actions

Similar to the verible-formatter-action, fetch the most recent version of verible and perform the linting.

Should the same arguments be used as before or should it be done the same way as the formatting action?

• -f fail fast without html error document
• -S shows an error message on fail
• -L follows a redirect

The current implementation of this Action is of type Composite. In the first five steps, the dependencies are downloaded and installed: https://github.com/chipsalliance/verible-linter-action/blob/main/action.yml#L31-L51. In the last step, which is a single bash script, the actual functionality is implemented: https://github.com/chipsalliance/verible-linter-action/blob/main/action.yml#L52-L87.

I recommend to convert this Action into a Container Action, since having it be a Composite does not provide any meaningful advantage in this use case.

The advantage of spliting dependency installation into a Dockerfile is that it can be later decoupled. That means, building and deploying the container image on one side, and using it in the action on the other side. As a result, the Action will be executed faster.

For reference, that approach is used in mithro/actions-includes:

• https://github.com/mithro/actions-includes/blob/main/action.yml#L27-L29
• https://github.com/mithro/actions-includes/blob/main/docker/Dockerfile
• https://github.com/mithro/actions-includes/blob/main/.github/workflows/publish-docker-image.yml

Similar strategy, without decoupling, in dbhi/qus:

• https://github.com/dbhi/qus/blob/main/action/action.yml
• https://github.com/dbhi/qus/blob/main/action/Dockerfile

and eine/tip:

• https://github.com/eine/tip/blob/master/action.yml
• https://github.com/eine/tip/blob/master/Dockerfile

This is a folloy-up of #4.

As commented in #3, building the container image separatedly and the using it at runtime can reduce the execution time for users of this Action. In this PR, a workflow is added, which builds image ghcr.io/chipsalliance/verible-linter-action and pushes it to the GitHub Container Registry, using the default token. Then, in the Action, that image is used instead of the Dockerfile.

• Current execution time (92s): https://github.com/chipsalliance/verible-linter-action/actions/runs/1192256099
• Image build and push time (131s): https://github.com/umarcor/verible-linter-action/actions/runs/1194493666
• Execution time using the image (22s): https://github.com/umarcor/verible-linter-action/actions/runs/1194493667

The workflows are scheduled weekly. Feel free to adjust that to your needs.

NOTE: CI will fail below because this PR does not have permission for pushing to ghcr.io/chipsalliance. That will work after this is merged to main. Precisely, workflow Container will work as soon as it is merged, and Test will need to be rerun afte the image is pushed for the first time. The references to my fork above did work because I temporarily used ghcr.io/umarcor instead.

Re-opening of #19 due to an error on my end.

Similar to the verible-formatter-action, fetch the most recent version of verible and perform the linting.

Reviewdog reports (e.g. here)

Unpacked dimension range must be declared in big-endian ([0N-1]) order. Declare zero-based big-endian unpacked dimensions sized as [N]. [Style unpacked-ordering] [unpacked-dimensions-range-ordering]

Look at the "[0N-1]" string, which should be "[0:N-1]" (the Verible source code agrees with me).

We somewhere loose the colon in the path between Verible and the GH action reporting.

The test would fail because the default reporter is "github-pr-review" and there wasn't a token provided. The reason I change the test, and not the code of the action, is because I assume that the correct usage of the action is to either:

1. Use a reporter that requires the token ("github-pr-review") AND provide the token.
2. Use a reporter that doesn't require the token (for example "local").

The workflow was successful here: https://github.com/antmicro/verible-linter-action/actions/runs/1266083502

This allows to choose whether the action should fail or not, depending on the result of running Verible. Use fail_on_error: 'true' to fail the action if a rule violation that is relevant to a PR exists.

For testing purposes, this PRs have been created:

1. Failing disabled, errors were posted as code review, but the workflow was successful anyway: https://github.com/antmicro/gha-playground/pull/95
2. Failing enabled, errors were posted as code review and the workflow failed: https://github.com/antmicro/gha-playground/pull/96
3. Failing enabled, but no rule violations were found, thus the workflow succeeded: https://github.com/antmicro/gha-playground/pull/97

Previously, the action would exit with non-zero code whenever rule violations were found, even if the violations did not belong to the changes in PR. We could either change it to return non-zero when violations are relevant, or always return zero. I'm changing this to always exit successfully and my reasoning here is that, if there are relevant violations, we'll see them in code review (so we don't really need the negative flag), and we can use non-zero exit codes for internal errors in the action, not related to output from Verible.

The newer version of Verible:

1. Prints rule violations to stderr, not stdout (This caused problems in Ibex repository).
2. Uses different values for autofix argument (I thought I had added this change already, and I'm adding it now).

A test PR was recreated here: https://github.com/antmicro/gha-playground/pull/93

The action needs to handle two remotes. One for the main repo, and the other for the source of the PR. This wasn't handled properly and is fixed here. The problem appeared here: https://github.com/lowRISC/ibex/pull/1434

Right now the script retrieves the URL of the remote from event.json and fetches the right branch from it. Additionally, hash of the HEAD is printed so that it's easy to confirm correctness of operation.

I've checked these scenarios:

1. The branch used in a PR doesn't exist in the main repo, and it works.
2. The branch used in a PR does exist in the main repo, and it's actually fetched from the fork. (Previously the script tried to fetch it from mainline)

We need to compile a list of repositories that contain SystemVerilog or Verilog (even simple test cases) where we could enable the Verible actions.

Let me start with

• UHDM integration tests
• sv-tests
• ibex (already integrated)
• opentitan (waiting for input from the authors, will be created shortly)

Please comment with suggestions of other repositories CC @hzeller @mkurc-ant @kgugala