-
Notifications
You must be signed in to change notification settings - Fork 122
38 lines (38 loc) · 1.69 KB
/
dco.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
name: "Developer Certificate of Origin"
on: [pull_request]
jobs:
commits_check_job:
name: "Validate presence of DCO information"
runs-on: ubuntu-latest
steps:
- id: get-pr-commits
name: "Get PR Commits"
uses: tim-actions/get-pr-commits@master
with:
token: "${{ secrets.GITHUB_TOKEN }}"
- name: "DCO Check"
uses: tim-actions/dco@master
with:
commits: "${{ steps.get-pr-commits.outputs.commits }}"
run_if_failure:
runs-on: ubuntu-latest
if: ${{ always() && contains(join(needs.*.result, ','), 'failure') }}
needs: [commits_check_job]
name: Follow steps to sign Developer Certificate of Origin
steps:
- uses: mshick/add-pr-comment@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
message: |
Please signoff on all commits with your name, email and gpg key for the Developer's Certificate of Origin.
`git config --global user.name your_name`
`git config --global user.email you_email`
COMMAND : `git commit -s -S -m your_commit_message`
`-s` = `Signed-off-by`
`-S` = `Verify commit using gpg key`
If there is more than one commit in your pull request and your git client is modern enough (2.13+), rebase the required number of commits with --signoff:
`git rebase --signoff -S HEAD~<number_of_commits>`
Then, force push:
`git push -f origin <your_branch>`
For instructions on managing gpg signature verification please visit: https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits