Skip to content

ci: sync workflows from central-workflows #134

ci: sync workflows from central-workflows

ci: sync workflows from central-workflows #134

Workflow file for this run

# SPDX-License-Identifier: Apache-2.0
# This GitHub Actions workflow checks that all commits in a pull request (PR) have a "Signed-off-by" line to ensure Developer Certificate of Origin (DCO) compliance.
name: DCO
# Trigger the workflow on pull request events
on: [pull_request]
jobs:
dco:
# Define the runner environment
runs-on: ubuntu-latest
steps:
# Step to check out the repository
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Fetch all history for all branches to ensure complete commit history is available
# Step to check each commit in the pull request for a Signed-off-by line
- name: Check for DCO Sign-off
run: |
# Get the base branch and head branch of the pull request
base_branch=${{ github.event.pull_request.base.ref }}
head_branch=${{ github.event.pull_request.head.ref }}
# Get the list of commit hashes between the head branch and base branch
commits=$(git log --pretty=format:%H origin/${head_branch}..origin/${base_branch})
non_compliant_commits=""
# Loop through each commit and check for the Signed-off-by line
for commit in $commits; do
# Check if the commit message contains the Signed-off-by line
if ! git show --quiet --format=%B $commit | grep -q "^Signed-off-by: "; then
# If not, add the commit hash to the list of non-compliant commits
non_compliant_commits="$non_compliant_commits $commit"
fi
done
# If there are any non-compliant commits, output their hashes and fail the job
if [ -n "$non_compliant_commits" ]; then
echo "The following commits do not have a Signed-off-by line:"
for commit in $non_compliant_commits; do
echo "- $commit"
done
exit 1
fi
shell: bash