Add action guaranteeing DCO signoff

Does not allow for manual override like DCO check, but does not have the niceness of the DCO instructions. So keep both. Signed-off-by: Samuel E. Browne <[email protected]>
trilinos · Sep 26, 2024 · 4b6374a · 4b6374a
1 parent 6b7a2ce
commit 4b6374a
Show file tree

Hide file tree

Showing 2 changed files with 41 additions and 0 deletions.
diff --git a/.github/workflows/per-commit.yml b/.github/workflows/per-commit.yml
@@ -0,0 +1,23 @@
+name: Per-Commit Checks
+
+on:
+  pull_request:
+
+permissions:
+  contents: read
+
+jobs:
+  All commits signed off:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Check out code
+      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+      with:
+        fetch-depth: 0
+
+    - name: Search for signoff statements in commit messages
+      run: |
+        $GITHUB_WORKSPACE/commonTools/test/utilities/check-commit-signoffs.sh \
+        origin/${{ github.event.pull_request.base.ref }} \
+        ${{ github.event.pull_request.head.sha }}
diff --git a/commonTools/test/utilities/check-commit-signoffs.sh b/commonTools/test/utilities/check-commit-signoffs.sh
@@ -0,0 +1,18 @@
+#!/bin/bash    
+
+set -o nounset
+set -o errexit
+set -o pipefail
+
+target_branch=${1}
+source_branch=${2}
+
+estat=0
+for commit in $(git log --format=%H ${source_branch} --not ${target_branch})
+do
+    echo "Processing commit ${commit}"
+    git diff -U0 --ignore-all-space ${commit}~1 ${commit} | grep "Signed-off-by:\s+\S+.*<\S+@\S+\.\S+>" \
+    || { echo -e "Commit ${commit} does not contain the required DCO (https://developercertificate.org) sign-off!\nThe "DCO" check for this PR should have failed, and manual override is not permitted.\n" ; estat=1 ; }
+done
+
+exit ${estat}