@@ -9,6 +9,7 @@ pipeline {

     }

     parameters {

         booleanParam(name: 'unit_validate', defaultValue: true, description: 'amd64 (x86_64) unit tests and vendor check')

+        booleanParam(name: 'validate_force', defaultValue: false, description: 'force validation steps to be run, even if no changes were detected')

         booleanParam(name: 'amd64', defaultValue: true, description: 'amd64 (x86_64) Build/Test')

         booleanParam(name: 'arm64', defaultValue: true, description: 'ARM (arm64) Build/Test')

         booleanParam(name: 's390x', defaultValue: true, description: 'IBM Z (s390x) Build/Test')

@@ -62,6 +63,12 @@ pipeline {

                         expression { params.unit_validate }

                     }

                     agent { label 'amd64 && ubuntu-1804 && overlay2' }

+                    environment {

+                        // On master ("non-pull-request"), force running some validation checks (vendor, swagger),

+                        // even if no files were changed. This allows catching problems caused by pull-requests

+                        // that were merged out-of-sequence.

+                        TEST_FORCE_VALIDATE = sh returnStdout: true, script: 'if [ "${BRANCH_NAME%%-*}" != "PR" ] || [ "${CHANGE_TARGET:-master}" != "master" ] || [ "${validate_force}" = "true" ]; then echo "1"; fi'

+                    }

                     stages {

                         stage("Print info") {

@@ -90,6 +97,7 @@ pipeline {

                                   -e DOCKER_EXPERIMENTAL \

                                   -e DOCKER_GITCOMMIT=${GIT_COMMIT} \

                                   -e DOCKER_GRAPHDRIVER \

+                                  -e TEST_FORCE_VALIDATE \

                                   -e VALIDATE_REPO=${GIT_URL} \

                                   -e VALIDATE_BRANCH=${CHANGE_TARGET} \

                                   docker:${GIT_COMMIT} \

@@ -197,6 +205,7 @@ pipeline {

                                   -e DOCKER_EXPERIMENTAL \

                                   -e DOCKER_GITCOMMIT=${GIT_COMMIT} \

                                   -e DOCKER_GRAPHDRIVER \

+                                  -e TEST_FORCE_VALIDATE \

                                   -e VALIDATE_REPO=${GIT_URL} \

                                   -e VALIDATE_BRANCH=${CHANGE_TARGET} \

                                   docker:${GIT_COMMIT} \

@@ -65,6 +65,7 @@ DOCKER_ENVS := \

 	-e DOCKER_TEST_HOST \

 	-e DOCKER_USERLANDPROXY \

 	-e DOCKERD_ARGS \

+	-e TEST_FORCE_VALIDATE \

 	-e TEST_INTEGRATION_DIR \

 	-e TEST_SKIP_INTEGRATION \

 	-e TEST_SKIP_INTEGRATION_CLI \

@@ -4,13 +4,13 @@

 export SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"

-. ${SCRIPTDIR}/dco

-. ${SCRIPTDIR}/default-seccomp

-. ${SCRIPTDIR}/golangci-lint

-. ${SCRIPTDIR}/pkg-imports

-. ${SCRIPTDIR}/swagger

-. ${SCRIPTDIR}/swagger-gen

-. ${SCRIPTDIR}/toml

-. ${SCRIPTDIR}/changelog-well-formed

-. ${SCRIPTDIR}/changelog-date-descending

-#. ${SCRIPTDIR}/deprecate-integration-cli

+. "${SCRIPTDIR}"/dco

+. "${SCRIPTDIR}"/default-seccomp

+. "${SCRIPTDIR}"/pkg-imports

+. "${SCRIPTDIR}"/swagger

+. "${SCRIPTDIR}"/swagger-gen

+. "${SCRIPTDIR}"/toml

+. "${SCRIPTDIR}"/changelog-well-formed

+. "${SCRIPTDIR}"/changelog-date-descending

+. "${SCRIPTDIR}"/deprecate-integration-cli

+. "${SCRIPTDIR}"/golangci-lint

@@ -7,7 +7,7 @@ IFS=$'\n'

 files=( $(validate_diff --diff-filter=ACMR --name-only -- 'profiles/seccomp' || true) )

 unset IFS

-if [ ${#files[@]} -gt 0 ]; then

+if [ -n "${TEST_FORCE_VALIDATE:-}" ] || [ ${#files[@]} -gt 0 ]; then

 	# We run 'go generate' and see if we have a diff afterwards

 	go generate ./profiles/seccomp/ >/dev/null

 	# Let see if the working directory is clean

@@ -23,6 +23,6 @@ if [ ${#files[@]} -gt 0 ]; then

 		} >&2

 		false

 	else

-		echo 'Congratulations! Seccomp profile generation is done correctly.'

+		echo 'Congratulations!  Seccomp profile generation is done correctly.'

 	fi

 fi

@@ -5,21 +5,21 @@ export SCRIPTDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"

 source "${SCRIPTDIR}/.validate"

 new_tests=$(

-	validate_diff --diff-filter=ACMR --unified=0 -- 'integration-cli/*_cli_*.go' |

+	validate_diff --diff-filter=ACMR --unified=0 -- 'integration-cli/*_api_*.go' 'integration-cli/*_cli_*.go' |

 	grep -E '^\+func (.*) Test' || true

 )

-if [ -z "$new_tests" ]; then

-	echo 'Congratulations!  No new tests added to integration-cli.'

-	exit

+if [ -n "$new_tests" ]; then

+	{

+		echo "The following new tests were added to integration-cli:"

+		echo

+		echo "$new_tests"

+		echo

+		echo "integration-cli is deprecated. Please add an API integration test to"

+		echo "./integration/COMPONENT/. See ./TESTING.md for more details."

+		echo

+	} >&2

+	false

+else

+	echo 'Congratulations!  No new tests were added to integration-cli.'

 fi

-

-echo "The following new tests were added to integration-cli:"

-echo

-echo "$new_tests"

-echo

-echo "integration-cli is deprecated. Please add an API integration test to"

-echo "./integration/COMPONENT/. See ./TESTING.md for more details."

-echo

-

-exit 1

@@ -17,6 +17,8 @@ elif ${PKG_CONFIG} 'libsystemd-journal' 2> /dev/null ; then

 	DOCKER_BUILDTAGS+=" journald journald_compat"

 fi

+echo -e "\n\033[0;36mINFO\033[0m Start validation with golang-ci-lint"

+

 # TODO use --out-format=junit-xml and store artifacts

 # shellcheck disable=SC2086

 GOGC=75 golangci-lint run \

@@ -20,7 +20,7 @@ for f in "${files[@]}"; do

 done

 if [ ${#badFiles[@]} -eq 0 ]; then

-	echo 'Congratulations!  "./pkg/..." is safely isolated from internal code.'

+	echo 'Congratulations!  Packages in "./pkg/..." are safely isolated from internal code.'

 else

 	{

 		echo 'These files import internal code: (either directly or indirectly)'

@@ -7,7 +7,12 @@ IFS=$'\n'

 files=( $(validate_diff --diff-filter=ACMR --name-only -- 'api/swagger.yaml' || true) )

 unset IFS

-if [ ${#files[@]} -gt 0 ]; then

-	LANG=C.UTF-8 yamllint -c ${SCRIPTDIR}/.swagger-yamllint api/swagger.yaml

-	swagger validate api/swagger.yaml

+if [ -n "${TEST_FORCE_VALIDATE:-}" ] || [ ${#files[@]} -gt 0 ]; then

+	LANG=C.UTF-8 yamllint -c "${SCRIPTDIR}"/.swagger-yamllint api/swagger.yaml

+	if out=$(swagger validate api/swagger.yaml); then

+		echo "Congratulations!  ${out}"

+	else

+		echo  "${out}" >&2

+		false

+	fi

 fi

@@ -7,8 +7,8 @@ IFS=$'\n'

 files=( $(validate_diff --diff-filter=ACMR --name-only -- 'api/types/' 'api/swagger.yaml' || true) )

 unset IFS

-if [ ${#files[@]} -gt 0 ]; then

-	${SCRIPTDIR}/../generate-swagger-api.sh 2> /dev/null

+if [ -n "${TEST_FORCE_VALIDATE:-}" ] || [ ${#files[@]} -gt 0 ]; then

+	"${SCRIPTDIR}"/../generate-swagger-api.sh 2> /dev/null

 	# Let see if the working directory is clean

 	diffs="$(git diff -- api/types/)"

 	if [ "$diffs" ]; then

@@ -17,12 +17,12 @@ if [ ${#files[@]} -gt 0 ]; then

 			echo

 			echo "$diffs"

 			echo

-			echo 'Please update api/swagger.yaml with any api changes, then '

-			echo 'run `hack/generate-swagger-api.sh`.'

+			echo 'Please update api/swagger.yaml with any API changes, then '

+			echo 'run hack/generate-swagger-api.sh.'

 		} >&2

 		false

 	else

-		echo 'Congratulations! All api changes are done the right way.'

+		echo 'Congratulations!  All API changes are done the right way.'

 	fi

 else

 	echo 'No api/types/ or api/swagger.yaml changes in diff.'

@@ -9,22 +9,22 @@ unset IFS

 badFiles=()

 for f in "${files[@]}"; do

-	# we use "git show" here to validate that what's committed has valid toml syntax

+	# we use "git show" here to validate that what's committed has valid TOML syntax

 	if ! git show "$VALIDATE_HEAD:$f" | tomlv /proc/self/fd/0 ; then

 		badFiles+=( "$f" )

 	fi

 done

 if [ ${#badFiles[@]} -eq 0 ]; then

-	echo 'Congratulations!  All toml source files changed here have valid syntax.'

+	echo 'Congratulations!  All TOML source files changed here have valid syntax.'

 else

 	{

-		echo "These files are not valid toml:"

+		echo "These files are not valid TOML:"

 		for f in "${badFiles[@]}"; do

 			echo " - $f"

 		done

 		echo

-		echo 'Please reformat the above files as valid toml'

+		echo 'Please reformat the above files as valid TOML'

 		echo

 	} >&2

 	false

@@ -8,7 +8,7 @@ validate_vendor_diff(){

 	files=( $(validate_diff --diff-filter=ACMR --name-only -- 'vendor.conf' 'vendor/' || true) )

 	unset IFS

-	if [ ${#files[@]} -gt 0 ]; then

+	if [ -n "${TEST_FORCE_VALIDATE:-}" ] || [ ${#files[@]} -gt 0 ]; then

 		# recreate vendor/

 		vndr

 		# check if any files have changed