From 3230a721a7dbc1e90bd6d02ef7ee5c07727ae63b Mon Sep 17 00:00:00 2001 From: Denny Septian Panggabean Date: Wed, 13 Sep 2023 16:13:47 +0700 Subject: [PATCH 1/6] gh: auto labeling unsigned PR --- .github/workflows/label-signing.yml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 .github/workflows/label-signing.yml diff --git a/.github/workflows/label-signing.yml b/.github/workflows/label-signing.yml new file mode 100644 index 000000000000..9b12e4c34793 --- /dev/null +++ b/.github/workflows/label-signing.yml @@ -0,0 +1,20 @@ +name: Check Signed PR +on: pull_request + +jobs: + build: + name: Check Signed Commit + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Check signed commits in PR + uses: 1Password/check-signed-commits-action@v1 + with: + comment: | + You must GPG-sign your work, certifying that you either wrote the work or otherwise have the right to pass it on to an open-source project. See Developer's Certificate of Origin. See [signing][1]. + + **Note that all your commits must be signed.** If you have an unsigned commit, you can sign the previous commits by referring to [gpg-signing-old-commits][2]. + [1]: https://github.com/codeigniter4/CodeIgniter4/blob/develop/contributing/pull_request.md#signing + [2]: https://github.com/codeigniter4/CodeIgniter4/blob/develop/contributing/workflow.md#gpg-signing-old-commits From 49852f0d93ab1f9bfa31843d2835e2c6dfe1eada Mon Sep 17 00:00:00 2001 From: Denny Septian Panggabean Date: Wed, 13 Sep 2023 16:20:47 +0700 Subject: [PATCH 2/6] add permission --- .github/workflows/label-signing.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.github/workflows/label-signing.yml b/.github/workflows/label-signing.yml index 9b12e4c34793..44d29cbcdcb9 100644 --- a/.github/workflows/label-signing.yml +++ b/.github/workflows/label-signing.yml @@ -1,6 +1,15 @@ name: Check Signed PR on: pull_request +concurrency: + group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +permissions: + contents: read + issues: write + pull-requests: write + jobs: build: name: Check Signed Commit From 5401c1a0961f2fee5f83af51045978ade0e8bf42 Mon Sep 17 00:00:00 2001 From: Denny Septian Panggabean Date: Wed, 13 Sep 2023 16:23:59 +0700 Subject: [PATCH 3/6] added specified branch --- .github/workflows/label-signing.yml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/.github/workflows/label-signing.yml b/.github/workflows/label-signing.yml index 44d29cbcdcb9..dde8c1160fe3 100644 --- a/.github/workflows/label-signing.yml +++ b/.github/workflows/label-signing.yml @@ -1,5 +1,11 @@ name: Check Signed PR -on: pull_request +on: + pull_request: + branches: + - 'dev' + push: + branches: + - 'dev' concurrency: group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} From b3fb4391de9e959b3138f7709258cbfc7059d164 Mon Sep 17 00:00:00 2001 From: Denny Septian Panggabean Date: Wed, 13 Sep 2023 16:25:17 +0700 Subject: [PATCH 4/6] fix wrong branch --- .github/workflows/label-signing.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/.github/workflows/label-signing.yml b/.github/workflows/label-signing.yml index dde8c1160fe3..8bee779fb276 100644 --- a/.github/workflows/label-signing.yml +++ b/.github/workflows/label-signing.yml @@ -2,10 +2,8 @@ name: Check Signed PR on: pull_request: branches: - - 'dev' - push: - branches: - - 'dev' + - 'develop' + - '4.*' concurrency: group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} From 7eabbb5d7c96cca9cacd5bd6b8f1d02c737f8144 Mon Sep 17 00:00:00 2001 From: Denny Septian Panggabean <97607754+ddevsr@users.noreply.github.com> Date: Wed, 13 Sep 2023 19:35:17 +0700 Subject: [PATCH 5/6] Update .github/workflows/label-signing.yml Co-authored-by: MGatner --- .github/workflows/label-signing.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/label-signing.yml b/.github/workflows/label-signing.yml index 8bee779fb276..3061d341f40e 100644 --- a/.github/workflows/label-signing.yml +++ b/.github/workflows/label-signing.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Check signed commits in PR uses: 1Password/check-signed-commits-action@v1 From a5420240ffc054c139b40da0d9b0026d1fcc493f Mon Sep 17 00:00:00 2001 From: Denny Septian Panggabean <97607754+ddevsr@users.noreply.github.com> Date: Thu, 14 Sep 2023 10:11:11 +0700 Subject: [PATCH 6/6] remove permission issue --- .github/workflows/label-signing.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/label-signing.yml b/.github/workflows/label-signing.yml index 3061d341f40e..389ad8844411 100644 --- a/.github/workflows/label-signing.yml +++ b/.github/workflows/label-signing.yml @@ -11,7 +11,6 @@ concurrency: permissions: contents: read - issues: write pull-requests: write jobs: