From 6097f0a3a1909536189cba90f42c0c68ef8593a5 Mon Sep 17 00:00:00 2001 From: Remi Gacogne Date: Fri, 30 May 2025 17:20:40 +0200 Subject: [PATCH] Require Developer Certificate of Origin in pull requests Signed-off-by: Remi Gacogne --- .github/workflows/dco.yml | 39 +++++++++++++++++++++++++++++++++++++++ CONTRIBUTING.md | 17 +++++++++++++++++ 2 files changed, 56 insertions(+) create mode 100644 .github/workflows/dco.yml diff --git a/.github/workflows/dco.yml b/.github/workflows/dco.yml new file mode 100644 index 000000000..caf4fba35 --- /dev/null +++ b/.github/workflows/dco.yml @@ -0,0 +1,39 @@ +name: Test Developer Certificate of Origin + +on: + pull_request: + +permissions: + contents: read + +jobs: + build: + name: Test Developer Certificate of Origin + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.sha }} + fetch-depth: 0 + persist-credentials: false + - name: Determine branch name + run: | + BRANCH="${GITHUB_BASE_REF#refs/heads/}" + echo "Checking DCO for every commit on branch ${BRANCH}" + echo "BRANCH=${BRANCH}" >> ${GITHUB_ENV} + - name: Test DCO for every commit + run: | + RET=0 + # this will not work properly if what we are testing is not a pull request + for commit in $(git rev-list HEAD ^origin/${BRANCH}); do + echo "=== Checking commit '${commit}'" + body="$(git show -s --format=%b ${commit})" + expected="$(git show -s --format='Signed-off-by: %aN <%aE>' ${commit})" + if echo "${body}" | grep -qF "${expected}"; then + echo "Signed-off-by matches author" + else + echo "Signed-off-by is missing or doesn't match author (should be '${expected}')" + RET=1 + fi + done + exit ${RET} diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 138f38b80..2bc3d04bc 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -72,6 +72,23 @@ plus various other directories with `regression-tests.*` names. * The rest of the commit body should be wrapped at 72 characters (see [this](https://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html) for more info) * If this commit fixes an issue, put "Closes #XXXX" in the message * Do not put whitespace fixes/cleanup and functionality changes in the same commit +* Include a valid Signed-Off line as a [Developer Certificate of Origin](https://en.wikipedia.org/wiki/Developer_Certificate_of_Origin) + +# Developer Certificate of Origin + +We require a "Signed-Off" on all commits contributed to the PowerDNS codebase, as a [Developer Certificate of Origin](https://en.wikipedia.org/wiki/Developer_Certificate_of_Origin) + +If you have properly configured `user.name` and `user.email` in your `Git` configuration, `Git` includes a `-s` command line option to append this line automatically to your commit message: + +```sh +git commit -s -m 'Commit message' +``` + +If you already committed your changes, you can do a `git rebase` to add a sign-off to existing commits. For example, if your branch is based on the `master` one: + +```sh +git rebase --signoff master +``` # Formatting and Coding Guidelines -- 2.47.3