Skip to content
DCO

fixing github and gitmesh sync #80

Sign in to view logs

fixing github and gitmesh sync

fixing github and gitmesh sync #80

Workflow file for this run

.github/workflows/dco.yml at 0b7a44e
name: DCO
on:
pull_request:
branches:
- main
push:
branches:
- main
jobs:
dco:
name: Developer Certificate of Origin
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 100
- name: DCO Check
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
# Check if all commits have DCO sign-off
# Format: "Signed-off-by: Name <email>"
# Cutoff date: DCO requirement started on 2025-12-20
# Commits before this date are exempt
DCO_CUTOFF_DATE="2025-12-20T00:00:00Z"
# Get commits to check based on event type
if [ "${{ github.event_name }}" = "pull_request" ]; then
# For PRs, check commits in the PR
BASE_SHA="${{ github.event.pull_request.base.sha }}"
HEAD_SHA="${{ github.event.pull_request.head.sha }}"
COMMITS=$(git rev-list $BASE_SHA..$HEAD_SHA)
else
# For push events to main, check the pushed commits
if [ "${{ github.event.before }}" = "0000000000000000000000000000000000000000" ]; then
# New branch, check last commit only
COMMITS="${{ github.sha }}"
else
COMMITS=$(git rev-list ${{ github.event.before }}..${{ github.sha }})
fi
fi
if [ -z "$COMMITS" ]; then
echo "No commits to check"
exit 0
fi
echo "Checking DCO sign-off for commits..."
FAILED_COUNT=0
TOTAL=0
EXEMPT=0
for commit in $COMMITS; do
TOTAL=$((TOTAL + 1))
MESSAGE=$(git log -1 --format=%B $commit)
AUTHOR=$(git log -1 --format="%ae" $commit)
COMMIT_DATE=$(git log -1 --format=%aI $commit)
SUBJECT=$(git log -1 --format=%s $commit)
# Check if this is a merge commit by checking parent count or commit message
PARENT_COUNT=$(git cat-file -p $commit 2>/dev/null | grep -c "^parent " || echo "0")
if [ "$PARENT_COUNT" -gt 1 ]; then
echo "✅ Commit $commit is a merge commit (auto-pass)"
continue
fi
# Also check if commit subject starts with "Merge" (GitHub merge commits)
if [[ "$SUBJECT" =~ ^Merge ]]; then
echo "✅ Commit $commit is a merge commit by subject line (auto-pass)"
continue
fi
# Always pass DCO check for github-actions bot and copilot bot commits
# These use 'git commit -s' which properly signs commits
if [[ "$AUTHOR" == "41898282+github-actions[bot]@users.noreply.github.com" ]] || \
[[ "$AUTHOR" == *"github-actions"* ]] || \
[[ "$AUTHOR" == "198982749+Copilot@users.noreply.github.com" ]] || \
[[ "$AUTHOR" == "copilot@github.com" ]]; then
echo "✅ Commit $commit from automation bot (auto-pass)"
continue
fi
# Exempt commits created before DCO requirement
if [[ "$COMMIT_DATE" < "$DCO_CUTOFF_DATE" ]]; then
echo "✅ Commit $commit (exempt - predates DCO requirement)"
EXEMPT=$((EXEMPT + 1))
continue
fi
# Check for DCO sign-off in commit message
# Improved regex pattern to validate proper email format
if echo "$MESSAGE" | grep -qE "^Signed-off-by: .+ <[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}>"; then
echo "✅ Commit $commit has DCO sign-off"
else
echo "❌ Commit $commit is missing DCO sign-off"
echo " Author: $AUTHOR"
echo " Date: $COMMIT_DATE"
echo " Commit message:"
echo "$MESSAGE" | head -5
echo ""
FAILED_COUNT=$((FAILED_COUNT + 1))
fi
done
if [ $FAILED_COUNT -gt 0 ]; then
echo ""
echo "ERROR: Some commits are missing DCO sign-off."
echo "Please add 'Signed-off-by: Your Name <your.email@example.com>' to your commit messages."
echo "You can amend your last commit with: git commit --amend -s"
echo ""
echo "Summary: $FAILED_COUNT failed, $EXEMPT exempt, out of $TOTAL commits checked"
exit 1
fi
echo ""
if [ $EXEMPT -gt 0 ]; then
echo "✅ All $TOTAL commit(s) passed ($EXEMPT exempt, predating DCO requirement)"
else
echo "✅ All $TOTAL commit(s) have proper DCO sign-off or are from trusted bots"
fi