dandri/Draupnir
1
0
Fork 0
mirror of https://github.com/the-draupnir-project/Draupnir.git synced 2026-05-25 09:54:00 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
aa1879e1c19ca11dfdeecf1b5f642909236aaf3f
Draupnir/.github/workflows/sign-off.yml
T
Catalan Lover 5c8f6a30a1
Docker Hub - Develop / docker-latest (push) Failing after 1m0s
Details
GHCR - Development Branches / ghcr-publish (push) Failing after 28s
Details
Tests / Build & Lint (push) Failing after 3m43s
Details
Tests / Unit tests (push) Successful in 3m4s
Details
Tests / Integration tests (push) Failing after 15s
Details
Tests / Application Service Integration tests (push) Failing after 12s
Details
Pin our CI to Sha Digests instead of moving version tags and add Renovate maintenance for this. (#1134) 
* Move all workflows to digest pinned versioning.

* Infrastructure Upgrades for Automatic Reonvate CI PRs

* Add minimum release age at 7 days for renovate CI updates
2026-05-17 12:07:19 +02:00

61 lines
2.5 KiB
YAML
Raw Blame History

# Copyright 2024 Catalan Lover <catalanlover@protonmail.com>
# Copyright 2022 - 2024 The Matrix.org Foundation C.I.C.
#
# SPDX-License-Identifier: Apache-2.0
#
# SPDX-FileAttributionText: <text>
# This modified file incorporates work from matrix-org/backend-meta
# https://github.com/matrix-org/backend-meta
# </text>
name: Contribution requirements
on:
pull_request:
types: [opened, edited, synchronize]
workflow_call:
jobs:
signoff:
runs-on: ubuntu-latest
steps:
- name: Check PR for sign-off text
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3
with:
script: |
// We don't require owners or members of the org to sign off.
const authorAssociation = context.payload.pull_request.author_association;
if (['OWNER', 'MEMBER'].includes(authorAssociation) ||
// GitHub sometimes mislables users as 'CONTRIBUTOR'/'COLLABORATOR',
// so check that the user created the PR on the base project to check they have write access.
context.payload.pull_request.head.user.login === context.repo.owner) {
core.notice('Pull request does not require sign-off.');
return;
}
// This regex is intentionally left lenient.
const signOffRegex = /signed[_\- ]off[_\- ]by: [\S ]+ <?.+(@|at).+>?/i;
if (signOffRegex.test(context.payload.pull_request.body ?? "")) {
core.notice('Pull request body contains a sign-off notice');
return;
}
const commits = await github.rest.pulls.listCommits({
pull_number: context.payload.pull_request.number,
owner: context.repo.owner,
repo: context.repo.repo,
// It's *possible* the author has buried the sign-off 101 commits down, but
// we don't want to max out the API searching for it.
per_page: 100,
});
const commit = commits.data.find(c => signOffRegex.test(c.commit.message));
if (commit) {
core.notice(`Commit '${commit.id}' contains a sign-off notice`);
return;
}
core.setFailed('No sign off found. Please ensure you have signed off following the advice in https://the-draupnir-project.github.io/draupnir-documentation/contributing#sign-off .')
core.notice('Ensure you have matched the format `Signed-off-by: Your Name <your@email.example.org>`')
Reference in New Issue View Git Blame Copy Permalink