commit 789decfc87c56fc559c6b0212f82217cbc905797
author Harrison Mutai <harrison.mutai@arm.com> Wed Jul 16 08:26:58 2025 +0000
committer Harrison Mutai <harrison.mutai@arm.com> Wed Jul 16 21:23:38 2025 +0100
tree 0e09b8f95a8c55cb3244a6ac6a816cf60578cbd2
parent 941a4f000185c20ebb192b549aa9b910a19d5edf

fix: make merge base fetching more robust

Several static check scripts rely on identifying the Git merge base via
get_merge_base, which may fail if the local Git history is too shallow.
This causes issues when checking patches on CI or LTS branches with
limited fetch depth.

To address this:

- Reuse a single evaluated merge_base instead of invoking get_merge_base
  multiple times.
- If merge_base is not found initially, attempt to fetch more history
  from the remote using the appropriate GERRIT_REFSPEC.
- Exit with an error if a merge base cannot be found even after
  fetching.

This improves reliability of static checks when working on partial
clones or CI environments where fetch depth is restricted.

Change-Id: Icccec0eb2f29d254e54bbd6b639f6c1ef11291a3
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>

script/static-checks/static-checks-banned-apis.sh

diff --git a/script/static-checks/static-checks-banned-apis.sh b/script/static-checks/static-checks-banned-apis.sh
index 4bab6a7..424bbcb 100755
--- a/script/static-checks/static-checks-banned-apis.sh
+++ b/script/static-checks/static-checks-banned-apis.sh
@@ -17,7 +17,7 @@
   echo "# Check for banned APIs in the patch"
   TEST_CASE="Banned API check on patch(es)"
   "$CI_ROOT/script/static-checks/check-banned-api.py" --tree "$1" \
-      --patch --from-ref $(get_merge_base) \
+      --patch --from-ref ${merge_base} \
       &> "$LOG_FILE"
 else
   echo "# Check for banned APIs in entire source tree"

script/static-checks/static-checks-check-copyright.sh

diff --git a/script/static-checks/static-checks-check-copyright.sh b/script/static-checks/static-checks-check-copyright.sh
index 9759b5f..522bbe8 100755
--- a/script/static-checks/static-checks-check-copyright.sh
+++ b/script/static-checks/static-checks-check-copyright.sh
@@ -19,7 +19,7 @@
 
 LOG_FILE=`mktemp -t common.XXXX`
 
-"$CI_ROOT"/script/static-checks/check-copyright.py --tree "$DIRECTORY" --patch --from-ref $(get_merge_base) &> "$LOG_FILE"
+"$CI_ROOT"/script/static-checks/check-copyright.py --tree "$DIRECTORY" --patch --from-ref ${merge_base} &> "$LOG_FILE"
 RES=$?
 
 if [ -s "$LOG_FILE" ]; then

script/static-checks/static-checks-coding-style-line-endings.sh

diff --git a/script/static-checks/static-checks-coding-style-line-endings.sh b/script/static-checks/static-checks-coding-style-line-endings.sh
index 9c0cda7..8dddace 100755
--- a/script/static-checks/static-checks-coding-style-line-endings.sh
+++ b/script/static-checks/static-checks-coding-style-line-endings.sh
@@ -20,7 +20,7 @@
 if [[ "$2" == "patch" ]]; then
     cd "$1"
     shopt -s globstar
-    parent=$(get_merge_base)
+    parent=${merge_base}
     git diff $parent..HEAD --no-ext-diff --unified=0 --exit-code -a \
       --no-prefix **/*.{S,c,h,i,dts,dtsi,rst,mk} Makefile | \
       awk '/^\+/ && /\r$/' &> "$LOG_FILE"

script/static-checks/static-checks-coding-style.sh

diff --git a/script/static-checks/static-checks-coding-style.sh b/script/static-checks/static-checks-coding-style.sh
index 4483b15..9ff51cf 100755
--- a/script/static-checks/static-checks-coding-style.sh
+++ b/script/static-checks/static-checks-coding-style.sh
@@ -24,7 +24,7 @@
 chmod +x $CI_ROOT/script/static-checks/checkpatch.pl
 
 CHECKPATCH=$CI_ROOT/script/static-checks/checkpatch.pl \
-  make checkpatch BASE_COMMIT=$(get_merge_base) &> "$LOG_FILE"
+  make checkpatch BASE_COMMIT=${merge_base} &> "$LOG_FILE"
 RES=$?
 
 if [[ "$RES" == 0 ]]; then

script/static-checks/static-checks-cpu-erratum-order.sh

diff --git a/script/static-checks/static-checks-cpu-erratum-order.sh b/script/static-checks/static-checks-cpu-erratum-order.sh
index 89b5fa0..8631c48 100755
--- a/script/static-checks/static-checks-cpu-erratum-order.sh
+++ b/script/static-checks/static-checks-cpu-erratum-order.sh
@@ -14,7 +14,7 @@
   TEST_CASE="Checking ascending order of CPU ERRATUM and CVE in the patch series"
   echo "# $TEST_CASE"
   "$CI_ROOT/script/static-checks/static-checks-cpu-erratum-order.py" --tree "$1" \
-      --patch --from-ref $(get_merge_base) &> "$LOG_FILE"
+      --patch --from-ref ${merge_base} &> "$LOG_FILE"
 else
   TEST_CASE="Checking ascending order of CPU ERRATUM and CVE in the entire source tree"
   echo "# $TEST_CASE"

script/static-checks/static-checks-detect-newly-added-files.sh

diff --git a/script/static-checks/static-checks-detect-newly-added-files.sh b/script/static-checks/static-checks-detect-newly-added-files.sh
index 5b85ce6..008a147 100755
--- a/script/static-checks/static-checks-detect-newly-added-files.sh
+++ b/script/static-checks/static-checks-detect-newly-added-files.sh
@@ -60,7 +60,7 @@
   echo "# Check to detect whether newly added files are analysed by Coverity in the patch"
   TEST_CASE="Newly added files detection check for Coverity Scan analysis on patch(es)"
 # Extracting newly added source files added between commits.
-  git diff $(get_merge_base)..HEAD --name-only --diff-filter=A "*.c" &> "$TFA_PATCH_NEWFILES_LIST"
+  git diff ${merge_base}..HEAD --name-only --diff-filter=A "*.c" &> "$TFA_PATCH_NEWFILES_LIST"
   if [ -s "$TFA_PATCH_NEWFILES_LIST" ]
   then
     file_updation_report

script/static-checks/static-checks-include-order.sh

diff --git a/script/static-checks/static-checks-include-order.sh b/script/static-checks/static-checks-include-order.sh
index 364929c..21fcb72 100755
--- a/script/static-checks/static-checks-include-order.sh
+++ b/script/static-checks/static-checks-include-order.sh
@@ -17,7 +17,7 @@
   TEST_CASE="Order of includes on the patch series"
   echo "# $TEST_CASE"
   "$CI_ROOT/script/static-checks/check-include-order.py" --tree "$1" \
-      --patch --from-ref $(get_merge_base) \
+      --patch --from-ref ${merge_base} \
       &> "$LOG_FILE"
 else
   echo "# Check order of includes of the entire source tree"

script/static-checks/static-checks.sh

diff --git a/script/static-checks/static-checks.sh b/script/static-checks/static-checks.sh
index fe2f7b0..c805e14 100755
--- a/script/static-checks/static-checks.sh
+++ b/script/static-checks/static-checks.sh
@@ -17,7 +17,31 @@
 
 . $CI_ROOT/script/static-checks/common.sh
 
-# Initialize log file
+merge_base=$(get_merge_base)
+if [[ -z "$merge_base" ]]; then
+    echo "Failed to find merge base, fetching entire change history"
+
+    # Set GERRIT_REFSPEC if not already defined
+    if [[ -z "$GERRIT_REFSPEC" ]]; then
+        if [[ "$TF_GERRIT_PROJECT" == *tf-a-tests ]]; then
+            GERRIT_REFSPEC="$TFTF_GERRIT_REFSPEC"
+        else
+            GERRIT_REFSPEC="$TF_GERRIT_REFSPEC"
+        fi
+    fi
+
+    git fetch --depth=100 origin "$GERRIT_REFSPEC"
+    git checkout FETCH_HEAD
+
+    merge_base=$(get_merge_base)
+
+    if [[ -z "$merge_base" ]]; then
+        echo "Failed to determine merge base after fetching. Exiting." >&2
+        exit 1
+    fi
+fi
+
+export merge_base
 
 export LOG_TEST_FILENAME=$(pwd)/static-checks.log
 
@@ -29,10 +53,11 @@
 echo >> "$LOG_TEST_FILENAME"
 
 echo "Patch series being checked:" >> "$LOG_TEST_FILENAME"
-git log --oneline $(get_merge_base)..HEAD >> "$LOG_TEST_FILENAME"
+git log --oneline ${merge_base}..HEAD >> "$LOG_TEST_FILENAME"
 echo >> "$LOG_TEST_FILENAME"
 echo "Base branch reference commit:" >> "$LOG_TEST_FILENAME"
-git log --oneline -1 $(get_merge_base) >> "$LOG_TEST_FILENAME"
+git log --oneline -1 ${merge_base} >> "$LOG_TEST_FILENAME"
+
 
 echo >> "$LOG_TEST_FILENAME"