diff --git a/.github/workflows/ValidatePullRequest.yml b/.github/workflows/ValidatePullRequest.yml index fcc9a3992..a5b6cb378 100644 --- a/.github/workflows/ValidatePullRequest.yml +++ b/.github/workflows/ValidatePullRequest.yml @@ -67,6 +67,14 @@ jobs: - name: Spell Check Repo uses: crate-ci/typos@v1.32.0 + license-headers: + name: check license headers + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Check License Headers + run: ./dev/check-license-headers.sh + # Gate PR merges on this specific "join-job" which requires all other # jobs to run first. We need this job since we cannot gate on particular jobs # in the workflow, since they can sometimes be skipped (e.g. if the PR only touches docs). @@ -77,6 +85,7 @@ jobs: - rust - fuzzing - spelling + - license-headers if: always() runs-on: ubuntu-latest steps: diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 05a167088..d6a9c586c 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -4,7 +4,7 @@ This project welcomes contributions. Most contributions require you to signoff o the Developer Certificate of Origin (DCO). When you submit a pull request, a DCO-bot will automatically determine whether you need to provide signoff for your commit. Please follow the instructions provided by DCO-bot, as pull requests cannot be merged until the author(s) have provided signoff to fulfill the DCO requirement. -You may find more information on the DCO requirements [below](#developer-certificate-of-origin-signing-your-work). +You may find more information on the DCO requirements [below](#developer-certificate-of-origin-and-gpg-signing). ## Issues @@ -31,7 +31,7 @@ All contributions come through pull requests. To submit a proposed change, we re - Code changes require tests - Make sure to run the linters to check and format the code 4. Update relevant documentation for the change -5. Commit with [DCO sign-off](#developer-certificate-of-origin-signing-your-work) and open a PR +5. Commit with [DCO sign-off](#developer-certificate-of-origin-and-gpg-signing) and open a PR 6. Wait for the CI process to finish and make sure all checks are green 7. A maintainer of the project will be assigned, and you can expect a review within a few days @@ -39,12 +39,20 @@ All contributions come through pull requests. To submit a proposed change, we re A good way to communicate before investing too much time is to create a "Work-in-progress" PR and share it with your reviewers. The standard way of doing this is to add a "[WIP]" prefix in your PR's title and open the pull request as a draft. -### Developer Certificate of Origin: Signing your work +### Developer Certificate of Origin and GPG Signing #### Every commit needs to be signed +This project requires two types of signatures on all commits: + +1. **Developer Certificate of Origin (DCO) Sign-off**: A text attestation that you have the right to submit the code +2. **GPG Signature**: A cryptographic signature verifying your identity + +**For DCO Sign-offs:** + The Developer Certificate of Origin (DCO) is a lightweight way for contributors to certify that they wrote or otherwise have the right to submit the code they are contributing to the project. Here is the full text of the [DCO](https://developercertificate.org/), reformatted for readability: -``` + +```text By making a contribution to this project, I certify that: (a) The contribution was created in whole or in part by me and I have the right to submit it under the open source license indicated in the file; or @@ -70,18 +78,41 @@ Git even has a `-s` command line option to append this automatically to your com git commit -s -m 'This is my commit message' ``` -Each Pull Request is checked whether or not commits in a Pull Request do contain a valid Signed-off-by line. +**For GPG Signatures:** + +GPG signatures verify the identity of the committer. For detailed setup instructions, see GitHub's documentation on [signing commits](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits). + +Quick setup: -#### I didn't sign my commit, now what?! +```sh +git config --global user.signingkey YOUR_KEY_ID +git config --global commit.gpgsign true +``` + +**For both DCO sign-off and GPG signature in one command:** + +```sh +git commit -S -s -m 'This is my signed and signed-off commit message' +``` + +For detailed instructions on setting up GPG signing, see [GitHub's documentation on signing commits](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits). + +Each Pull Request is checked to ensure all commits contain valid DCO sign-offs and GPG signatures. + +#### I didn't sign my commit, now what? No worries - You can easily replay your changes, sign them and force push them! +**For adding both DCO sign-off and GPG signature:** + ```sh git checkout -git commit --amend --no-edit --signoff +git commit --amend --no-edit -S -s git push --force-with-lease ``` +For more detailed instructions on setting up GPG signing, see [GitHub's documentation on signing commits](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits). + *Credit: This doc was cribbed from Dapr.* ### Rust Analyzer diff --git a/Justfile b/Justfile index f7e76c6df..eae0f1368 100644 --- a/Justfile +++ b/Justfile @@ -131,6 +131,9 @@ fmt-check: cargo +nightly fmt --manifest-path src/tests/rust_guests/dummyguest/Cargo.toml -- --check cargo +nightly fmt --manifest-path src/hyperlight_guest_capi/Cargo.toml -- --check +check-license-headers: + ./dev/check-license-headers.sh + fmt-apply: cargo +nightly fmt --all cargo +nightly fmt --manifest-path src/tests/rust_guests/callbackguest/Cargo.toml diff --git a/dev/check-license-headers.sh b/dev/check-license-headers.sh new file mode 100755 index 000000000..8fd7749dd --- /dev/null +++ b/dev/check-license-headers.sh @@ -0,0 +1,60 @@ +#!/bin/bash +# This script checks for the presence of the required license header in Rust source files. + +# Get the repository root +REPO_ROOT="$(git rev-parse --show-toplevel)" +cd "$REPO_ROOT" || exit 1 + +# Define the license header pattern to look for +LICENSE_PATTERN="Copyright .* The Hyperlight Authors..*Licensed under the Apache License, Version 2.0" + +# Define the full license header for files that need it +LICENSE_HEADER='/* +Copyright 2025 The Hyperlight Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +' + +# Initialize a variable to track missing headers +MISSING_HEADERS=0 +MISSING_FILES="" + +# Find all Rust files, excluding target directory +while IFS= read -r file; do + # Skip auto-generated files + if grep -q "@generated" "$file" || grep -q "Automatically generated" "$file"; then + continue + fi + + # Check if the file has the license header (allowing for multi-line matching) + if ! grep -q -z "$LICENSE_PATTERN" "$file"; then + echo "Missing or invalid license header in $file" + MISSING_FILES="$MISSING_FILES\n $file" + MISSING_HEADERS=$((MISSING_HEADERS + 1)) + fi +done < <(find src -name "*.rs" -type f) + +if [ $MISSING_HEADERS -gt 0 ]; then + echo "Found $MISSING_HEADERS files with missing or invalid license headers:" + echo -e "$MISSING_FILES" + echo "" + echo "Please add the following license header to these files:" + echo "$LICENSE_HEADER" + echo "You can also run: just check-license-headers to verify your changes." + exit 1 +else + echo "All Rust files have the required license header" + exit 0 +fi \ No newline at end of file diff --git a/src/hyperlight_common/src/outb.rs b/src/hyperlight_common/src/outb.rs index 36b944775..78afbc2ae 100644 --- a/src/hyperlight_common/src/outb.rs +++ b/src/hyperlight_common/src/outb.rs @@ -1,3 +1,19 @@ +/* +Copyright 2025 The Hyperlight Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + use core::convert::TryFrom; use anyhow::{anyhow, Error}; diff --git a/src/hyperlight_guest_bin/src/exceptions/idtr.rs b/src/hyperlight_guest_bin/src/exceptions/idtr.rs index 47ea727d1..76dc6441d 100644 --- a/src/hyperlight_guest_bin/src/exceptions/idtr.rs +++ b/src/hyperlight_guest_bin/src/exceptions/idtr.rs @@ -1,3 +1,20 @@ +/* +Copyright 2025 The Hyperlight Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +use core::mem::size_of; use core::ptr::addr_of; use crate::exceptions::idt::{init_idt, IdtEntry, IDT}; diff --git a/src/hyperlight_guest_capi/build.rs b/src/hyperlight_guest_capi/build.rs index 06e04bc0d..9d7b1ec21 100644 --- a/src/hyperlight_guest_capi/build.rs +++ b/src/hyperlight_guest_capi/build.rs @@ -1,3 +1,19 @@ +/* +Copyright 2025 The Hyperlight Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + use std::env; fn main() { diff --git a/src/hyperlight_guest_capi/src/dispatch.rs b/src/hyperlight_guest_capi/src/dispatch.rs index a292769d5..241db188a 100644 --- a/src/hyperlight_guest_capi/src/dispatch.rs +++ b/src/hyperlight_guest_capi/src/dispatch.rs @@ -1,3 +1,19 @@ +/* +Copyright 2025 The Hyperlight Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + use alloc::boxed::Box; use alloc::slice; use alloc::vec::Vec; diff --git a/src/hyperlight_guest_capi/src/error.rs b/src/hyperlight_guest_capi/src/error.rs index 49dde4b93..a6be2bf59 100644 --- a/src/hyperlight_guest_capi/src/error.rs +++ b/src/hyperlight_guest_capi/src/error.rs @@ -1,3 +1,19 @@ +/* +Copyright 2025 The Hyperlight Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + use core::ffi::c_char; use hyperlight_common::flatbuffer_wrappers::guest_error::ErrorCode; diff --git a/src/hyperlight_guest_capi/src/flatbuffer.rs b/src/hyperlight_guest_capi/src/flatbuffer.rs index a9717000d..14022e3b5 100644 --- a/src/hyperlight_guest_capi/src/flatbuffer.rs +++ b/src/hyperlight_guest_capi/src/flatbuffer.rs @@ -1,3 +1,19 @@ +/* +Copyright 2025 The Hyperlight Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + use alloc::boxed::Box; use core::ffi::{c_char, CStr}; diff --git a/src/hyperlight_guest_capi/src/lib.rs b/src/hyperlight_guest_capi/src/lib.rs index 88011211d..fcf9aa2c1 100644 --- a/src/hyperlight_guest_capi/src/lib.rs +++ b/src/hyperlight_guest_capi/src/lib.rs @@ -1,3 +1,19 @@ +/* +Copyright 2025 The Hyperlight Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + #![no_std] #![allow(non_snake_case, non_camel_case_types, non_upper_case_globals)] diff --git a/src/hyperlight_guest_capi/src/logging.rs b/src/hyperlight_guest_capi/src/logging.rs index 2846fa3fe..d25750f40 100644 --- a/src/hyperlight_guest_capi/src/logging.rs +++ b/src/hyperlight_guest_capi/src/logging.rs @@ -1,3 +1,19 @@ +/* +Copyright 2025 The Hyperlight Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + use core::ffi::c_char; #[unsafe(no_mangle)] diff --git a/src/hyperlight_guest_capi/src/types.rs b/src/hyperlight_guest_capi/src/types.rs index 64cb0b0eb..148a113f6 100644 --- a/src/hyperlight_guest_capi/src/types.rs +++ b/src/hyperlight_guest_capi/src/types.rs @@ -1,3 +1,19 @@ +/* +Copyright 2025 The Hyperlight Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + mod function_call; pub use function_call::*; diff --git a/src/hyperlight_guest_capi/src/types/function_call.rs b/src/hyperlight_guest_capi/src/types/function_call.rs index 391ebef82..5cabe3177 100644 --- a/src/hyperlight_guest_capi/src/types/function_call.rs +++ b/src/hyperlight_guest_capi/src/types/function_call.rs @@ -1,3 +1,19 @@ +/* +Copyright 2025 The Hyperlight Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + use alloc::boxed::Box; use alloc::ffi::CString; use alloc::slice; diff --git a/src/hyperlight_guest_capi/src/types/parameter.rs b/src/hyperlight_guest_capi/src/types/parameter.rs index 8a7d18a30..e65399298 100644 --- a/src/hyperlight_guest_capi/src/types/parameter.rs +++ b/src/hyperlight_guest_capi/src/types/parameter.rs @@ -1,3 +1,19 @@ +/* +Copyright 2025 The Hyperlight Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + use alloc::ffi::CString; use core::ffi::{c_char, CStr}; diff --git a/src/hyperlight_guest_capi/src/types/vec.rs b/src/hyperlight_guest_capi/src/types/vec.rs index ec7a8fd69..aff68cef4 100644 --- a/src/hyperlight_guest_capi/src/types/vec.rs +++ b/src/hyperlight_guest_capi/src/types/vec.rs @@ -1,3 +1,19 @@ +/* +Copyright 2025 The Hyperlight Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + use alloc::boxed::Box; use alloc::slice; use alloc::vec::Vec; diff --git a/src/hyperlight_host/src/func/utils.rs b/src/hyperlight_host/src/func/utils.rs index d34521e5d..de21f501b 100644 --- a/src/hyperlight_host/src/func/utils.rs +++ b/src/hyperlight_host/src/func/utils.rs @@ -1,3 +1,19 @@ +/* +Copyright 2024 The Hyperlight Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + /// An utility macro to execute a macro for each tuple of parameters /// up to 32 parameters. This is useful to implement traits on functions /// for may parameter tuples. diff --git a/src/hyperlight_host/src/hypervisor/crashdump.rs b/src/hyperlight_host/src/hypervisor/crashdump.rs index a70dc34c1..de3fe7253 100644 --- a/src/hyperlight_host/src/hypervisor/crashdump.rs +++ b/src/hyperlight_host/src/hypervisor/crashdump.rs @@ -1,3 +1,19 @@ +/* +Copyright 2024 The Hyperlight Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + use std::io::Write; use tempfile::NamedTempFile;