From e36a54a8c040a395bd2e3baee06fb2924ed799f4 Mon Sep 17 00:00:00 2001 From: asangeethada <89409128+asangeethada@users.noreply.github.com> Date: Wed, 23 Apr 2025 13:39:05 -0400 Subject: [PATCH] Create cla.yml --- .github/workflows/cla.yml | 50 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 .github/workflows/cla.yml diff --git a/.github/workflows/cla.yml b/.github/workflows/cla.yml new file mode 100644 index 0000000000..ded4fd419b --- /dev/null +++ b/.github/workflows/cla.yml @@ -0,0 +1,50 @@ +name: "CLA Assistant" +on: + issue_comment: + types: [created] + pull_request_target: + types: [opened,closed,synchronize] + +# explicitly configure permissions, in case your GITHUB_TOKEN workflow permissions are set to read-only in repository settings +permissions: + actions: write + contents: write # this can be 'read' if the signatures are in remote repository + pull-requests: write + statuses: write + +jobs: + CLAAssistant: + runs-on: ubuntu-latest + steps: + - name: "CLA Assistant" + if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have hereby read the Digital Asset CLA and agree to its terms') || github.event_name == 'pull_request_target' + uses: digital-asset/cla-action@v0.0.2 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # the below token should have repo scope and must be manually added by you in the repository's secret + # This token is required only if you have configured to store the signatures in a remote repository/organization + PERSONAL_ACCESS_TOKEN: ${{ secrets.PAT_FG_CCI_VALIDATOR_CLA }} + with: + path-to-document: 'https://github.com/digital-asset/daml/blob/main/CODE_OF_CONDUCT.md' # e.g. a CLA or a DCO document + # branch should not be protected + branch: 'main' + allowlist: bot* + custom-notsigned-prcomment: '🎉 Thank you for your contribution! It appears you have not yet signed the Agreement [DA Contributor License Agreement (CLA)](https://gist.github.com/digitalasset-cla), which is required for your changes to be incorporated into an Open Source Software (OSS) project. Please kindly read the and reply on a new comment with the following text to agree:' + custom-pr-sign-comment: 'I have hereby read the Digital Asset CLA and agree to its terms' + custom-allsigned-prcomment: '✅ All required contributors have signed the CLA for this PR. Thank you!' + # Remote repository storing CLA signatures. + remote-organization-name: DACH-NY + remote-repository-name: cla-action-data + # Branch where CLA signatures are stored. + path-to-signatures: signatures/signatures.json + + # the followings are the optional inputs - If the optional inputs are not given, then default values will be taken + #remote-organization-name: enter the remote organization name where the signatures should be stored (Default is storing the signatures in the same repository) + #remote-repository-name: enter the remote repository name where the signatures should be stored (Default is storing the signatures in the same repository) + #create-file-commit-message: 'For example: Creating file for storing CLA Signatures' + #signed-commit-message: 'For example: $contributorName has signed the CLA in $owner/$repo#$pullRequestNo' + #custom-notsigned-prcomment: 'pull request comment with Introductory message to ask new contributors to sign' + #custom-pr-sign-comment: 'The signature to be committed in order to sign the CLA' + #custom-allsigned-prcomment: 'pull request comment when all contributors has signed, defaults to **CLA Assistant Lite bot** All Contributors have signed the CLA.' + #lock-pullrequest-aftermerge: false - if you don't want this bot to automatically lock the pull request after merging (default - true) + #use-dco-flag: true - If you are using DCO instead of CLA