Closed martindekov closed 4 years ago
@martindekov I was chatting with Packet here https://github.com/tinkerbell/tink/issues/202 and recently accidentally merged two PRs that had a missing DCO.
Do you think this approach still makes sense, are there any unresolved issues, or if merged, would this give us the result we want?
Well the logic is pretty straight forward, not sure why I've put WIP
in the title this was some time ago 😄 I will re-base, test e2e and ping you for merge 👍
All pull requests: https://github.com/martindekov/push2/pulls reflect the testing on the feature
Feel free to double check and merge :+1:
The term "Unsigned" may be problematic and confusing vs. GPG signing. Could you suggest some alternatives?
Can the check's long text link to the contributing guide and to the Commits Page for the PR?
@martindekov please could you test what happens if a repo has DCO turned off in their repo settings?
For:
@martindekov please could you test what happens if a repo has DCO turned off in their repo settings?
Already tested and the check is turned off if the dco feature is turned off or not mentioned. For the Unsigned
term for failed it can be:
One or more of your commits are unsigned
-> All your commits need to be signed for the [Developer Certificate of Origin](https://en.wikipedia.org/wiki/Developer_Certificate_of_Origin)
We already have a URL for the CONTRIBUTING guide, so let's try this?
One or more of the commits in this Pull Request are not signed-off.
@martindekov could you update the message please? I'll get this released and we'll be able to start using it live.
Yep will update it today and ping you :+1:
@alexellis Now One or more of your commits are unsigned
-> One or more of the commits in this Pull Request are not signed-off.
as per your suggestion. Feel free to merge :+1:
Once merged and released, this didn't actually work.
derek-0100.1.d9wi3eb6z7md@derek.openfaas.com | 2020/07/23 13:31:24 Version: 0.18.10 SHA: 80b6976c106370a7081b2f8e9099a6ea9638e1f3
derek-0100.1.d9wi3eb6z7md@derek.openfaas.com | 2020/07/23 13:31:24 Timeouts: read: 15s, write: 15s hard: 0s.
derek-0100.1.d9wi3eb6z7md@derek.openfaas.com | 2020/07/23 13:31:24 Listening on port: 8080
derek-0100.1.d9wi3eb6z7md@derek.openfaas.com | 2020/07/23 13:31:24 Writing lock-file to: /tmp/.lock
derek-0100.1.d9wi3eb6z7md@derek.openfaas.com | 2020/07/23 13:31:24 Metrics listening on port: 8081
derek-0100.1.d9wi3eb6z7md@derek.openfaas.com | 2020/07/23 13:32:13 Forking fprocess.
derek-0100.1.d9wi3eb6z7md@derek.openfaas.com | 2020/07/23 13:32:13 Query
derek-0100.1.d9wi3eb6z7md@derek.openfaas.com | 2020/07/23 13:32:13 Path /
derek-0100.1.d9wi3eb6z7md@derek.openfaas.com | 2020/07/23 13:32:14 stderr: time="2020-07-23T13:32:14Z" level=fatal msg="Error while creating successful DCO check: Error while creating successful DCO check: POST https://api.github.com/repos/openfaas/org-tester/check-runs: 403 Resource not accessible by integration []"
derek-0100.1.d9wi3eb6z7md@derek.openfaas.com | 2020/07/23 13:32:14 Success=false, Error=exit status 1
derek-0100.1.d9wi3eb6z7md@derek.openfaas.com | 2020/07/23 13:32:14 Out=
Seems like we need to update the docs and permissions for Derek to add checks to his access.
Interesting ... let me check the permissions on my bot
Also strange, was that the label for no-dco wasn't added, which it should have been, I think?
The logic of dco check is above the logic of the dco label. So I suppose when we log.Fatal
on error the process exits with 1 before dco label is applied. That's why label is not present.
Think I found a bug here
It's not even adding labels anymore, the behaviour is missing commits without sign-off
I'm now seeing:
derek-0100.1.d9wi3eb6z7md@derek.openfaas.com | 2020/07/23 13:40:53 Out=
derek-0100.1.d9wi3eb6z7md@derek.openfaas.com | 2020/07/23 13:40:53 Forking fprocess.
derek-0100.1.d9wi3eb6z7md@derek.openfaas.com | 2020/07/23 13:40:53 Query
derek-0100.1.d9wi3eb6z7md@derek.openfaas.com | 2020/07/23 13:40:53 Path /
derek-0100.1.d9wi3eb6z7md@derek.openfaas.com | 2020/07/23 13:40:55 stderr: time="2020-07-23T13:40:55Z" level=fatal msg="Error getting commits for PR 30\nGET https://api.github.com/repos/openfaas/org-tester/pulls/30/commits: 401 Bad credentials []"
derek-0100.1.d9wi3eb6z7md@derek.openfaas.com | 2020/07/23 13:40:55 Success=false, Error=exit status 1
What other permissions are required?
I suppose Checks read and write. Not sure if by default the app has those as before Derek did not use check I think.
It has those now for the OpenFaaS org, the PR I linked to above shows a bug, could you try to repro locally?
Yeah will do now 👍
Thanks, I'll set Derek back to 0.9.13 for users in the meantime
Interesting:
https://github.com/martindekov/push2/pull/41
Labels and dco check is applied/removed when it should. Could this be a configuration problem?
and
Adding check which determines whether or not there are existing commits which are unsigned. The check is determined by the no-dco label.
Signed-off-by: Martin Dekov (VMware) mdekov@vmware.com
Adding succesful/failure check when unsigned commits are present in the PR
Description
Adding check which is successful by default and when
no-dco
label is applied the check fails, when the commits are signed the check is again successfulI think the
allow merge if all checks pass
would be turned on in the GitHub UI. I have red something about required status checks or somethingMotivation and Context
Fixes #95
Also suggestions on the text, the content of the titles body etc. Would be appreciated!
How Has This Been Tested?
Tested in repository here
Verbose diagram:
Types of changes
Checklist:
git commit -s