From 1a20df17f2e3187b4b706b24dd954283d344f200 Mon Sep 17 00:00:00 2001 From: "C.Lee Taylor" <47312074+leet4tari@users.noreply.github.com> Date: Thu, 1 Aug 2024 08:45:28 +0200 Subject: [PATCH] ci(feature): check for signed commits (#6403) Description Workflow to check all commits are signed Motivation and Context Secure all git commits How Has This Been Tested? Tested in local fork with personal unsigned and signed commits What process can a PR reviewer use to test or verify this change? --- Breaking Changes --- - [x] None - [ ] Requires data directory on base node to be deleted - [ ] Requires hard fork - [ ] Other - Please specify --- .github/workflows/pr_signed_commits_check.yml | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 .github/workflows/pr_signed_commits_check.yml diff --git a/.github/workflows/pr_signed_commits_check.yml b/.github/workflows/pr_signed_commits_check.yml new file mode 100644 index 0000000000..cd72593e6e --- /dev/null +++ b/.github/workflows/pr_signed_commits_check.yml @@ -0,0 +1,24 @@ +--- +# Checks if the comments are signed or not +name: PR - Signed commits check + +'on': + pull_request_target + +concurrency: + # https://docs.github.com/en/actions/examples/using-concurrency-expressions-and-a-test-matrix + group: '${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}' + cancel-in-progress: ${{ !startsWith(github.ref, 'refs/tags/v') || github.ref != 'refs/heads/development' || github.ref != 'refs/heads/nextnet' || github.ref != 'refs/heads/stagenet' }} + +permissions: {} + +jobs: + check-signed-commits: + name: Check signed commits in PR + runs-on: ubuntu-latest + permissions: + contents: read + pull-requests: write + steps: + - name: Check signed commits in PR + uses: 1Password/check-signed-commits-action@v1