Skip to content

Commit

Permalink
feat: remediation commits (#171)
Browse files Browse the repository at this point in the history
  • Loading branch information
gr2m authored Jan 18, 2022
1 parent 2d79bc9 commit 1137575
Show file tree
Hide file tree
Showing 13 changed files with 12,878 additions and 8,874 deletions.
19 changes: 19 additions & 0 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
name: Release
"on":
push:
branches:
- master
jobs:
release:
name: release
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v2
with:
node-version: lts/*
cache: npm
- run: npm ci
- run: npx semantic-release
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
19 changes: 19 additions & 0 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
name: Test
on:
push:
branches:
- master
pull_request:
types: [opened, synchronize]

jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v2
with:
node-version: "lts/*"
cache: npm
- run: npm ci
- run: npm test
31 changes: 29 additions & 2 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,7 +1,5 @@
# Probot: DCO

[![Greenkeeper badge](https://badges.greenkeeper.io/dcoapp/app.svg)](https://greenkeeper.io/)

a GitHub Integration built with [probot](https://github.com/probot/probot) that enforces the [Developer Certificate of Origin](https://developercertificate.org/) (DCO) on Pull Requests. It requires all commit messages to contain the `Signed-off-by` line with an email address that matches the commit author.

## Usage
Expand All @@ -10,6 +8,35 @@ a GitHub Integration built with [probot](https://github.com/probot/probot) that

See [docs/deploy.md](docs/deploy.md) if you would like to run your own instance of this plugin.

## Modes of operations

### Default

By default, Probot DCO enforces the presence of [valid DCO signoffs](#how-it-works) on all commits (excluding bots and merges). If a PRs contains commits that lack a valid Signed-off-by line, they are blocked until a correctly signed-off revision of the commit is pushed. This closely mirrors the upstream Linux kernel process.

### Individual remediation commit support

Optionally, a project can allow individual remediation commit support, where the failing commit's author can push an additional properly signed-off commit with additional text in the commit log that indicates they apply their signoff retroactively.

To enable this, place the following configuration file in `.github/dco.yml` on the default branch:

```yaml
allowRemediationCommits:
individual: true
```
### Third-party remediation support
Additionally, a project can allow third-parties to sign off on an author's behalf by pushing an additional properly signed-off commit with additional text in the commit log that indicates they sign off on behalf of the author. Third-party remediation requires individual remediation to be enabled.
To enable this, place the following configuration file in `.github/dco.yml` on the default branch:

```yaml
allowRemediationCommits:
individual: true
thirdParty: true
```

### Skipping sign-off for organization members

It is possible to disable the check for commits authored and [signed](https://help.github.com/articles/signing-commits-using-gpg/) by members of the organization the repository belongs to. To do this, place the following configuration file in `.github/dco.yml` on the default branch:
Expand Down
8 changes: 8 additions & 0 deletions api/github/webhooks/index.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
const { createNodeMiddleware, createProbot } = require('probot')

const app = require('../../../')

module.exports = createNodeMiddleware(app, {
probot: createProbot(),
webhooksPath: '/api/github/webhooks'
})

This comment has been minimized.

Copy link
@asphillih27

asphillih27 Jan 24, 2023

set inpection and troubleshoot

Loading

0 comments on commit 1137575

Please sign in to comment.