@@ -137,10 +137,82 @@ jobs:
137137
138138 console.log('Added trademark-addendum-signed label successfully');
139139
140- // Store the signature information for the next step
141- core.setOutput('pr_number', prNumber);
142- core.setOutput('pr_author', prAuthor);
143- core.setOutput('approved_by', prAuthor); // Self-signed agreement
140+ // IMMEDIATELY record the signature in the same step
141+ console.log('=== Recording signature immediately ===');
142+
143+ // Record signature using GitHub's REST API to create/update the file
144+ const currentDate = new Date().toISOString();
145+ const signaturesFilePath = 'contribute/trade-addendum-signatures.json';
146+
147+ // Get existing signatures file if it exists
148+ let existingContent = { signatures: [] };
149+ try {
150+ const { data: existingFile } = await github.rest.repos.getContent({
151+ owner: context.repo.owner,
152+ repo: context.repo.repo,
153+ path: signaturesFilePath
154+ });
155+
156+ const content = Buffer.from(existingFile.content, 'base64').toString('utf8');
157+ existingContent = JSON.parse(content);
158+ console.log('Found existing signatures file');
159+ } catch (error) {
160+ console.log('No existing signatures file found, creating new one');
161+ existingContent = { signatures: [] };
162+ }
163+
164+ // Check if signature already exists for this user and PR
165+ const existingSignature = existingContent.signatures.find(sig =>
166+ sig.username === prAuthor && sig.pr_number === parseInt(prNumber)
167+ );
168+
169+ if (!existingSignature) {
170+ // Add new signature
171+ const newSignature = {
172+ username: prAuthor,
173+ date: currentDate,
174+ pr_number: parseInt(prNumber),
175+ approved_by: prAuthor
176+ };
177+
178+ existingContent.signatures.push(newSignature);
179+ console.log(`Adding new signature for ${prAuthor}`);
180+
181+ // Create/update the file
182+ const updatedContent = JSON.stringify(existingContent, null, 2);
183+ const contentBase64 = Buffer.from(updatedContent).toString('base64');
184+
185+ try {
186+ // Try to update existing file
187+ const { data: existingFile } = await github.rest.repos.getContent({
188+ owner: context.repo.owner,
189+ repo: context.repo.repo,
190+ path: signaturesFilePath
191+ });
192+
193+ await github.rest.repos.createOrUpdateFileContents({
194+ owner: context.repo.owner,
195+ repo: context.repo.repo,
196+ path: signaturesFilePath,
197+ message: `Add trademark addendum signature for @${prAuthor} (PR #${prNumber})\n\nThis signature was recorded automatically by the CLA approval workflow.`,
198+ content: contentBase64,
199+ sha: existingFile.sha
200+ });
201+ } catch (error) {
202+ // File doesn't exist, create it
203+ await github.rest.repos.createOrUpdateFileContents({
204+ owner: context.repo.owner,
205+ repo: context.repo.repo,
206+ path: signaturesFilePath,
207+ message: `Add trademark addendum signature for @${prAuthor} (PR #${prNumber})\n\nThis signature was recorded automatically by the CLA approval workflow.`,
208+ content: contentBase64
209+ });
210+ }
211+
212+ console.log(`✅ Signature recorded successfully for ${prAuthor}`);
213+ } else {
214+ console.log(`ℹ️ Signature already exists for ${prAuthor} on PR #${prNumber}`);
215+ }
144216
145217 // Add confirmation comment
146218 const confirmationBody = [
@@ -162,168 +234,4 @@ jobs:
162234 body: confirmationBody
163235 });
164236
165- console.log(`✅ CLA agreement processed successfully for ${prAuthor} - proceeding to record signature`);
166-
167- name : Check out code
168- if : success() && steps.process-comment.outputs.pr_number != ''
169- uses : actions/checkout@v4
170- with :
171- fetch-depth : 0
172- token : ${{ steps.generate-token.outputs.token || secrets.GITHUB_TOKEN }}
173-
174- - name : Record CLA Signature
175- if : success() && steps.process-comment.outputs.pr_number != ''
176- run : |
177- set -e # Exit on any error
178-
179- echo "=== Recording CLA signature ==="
180- echo "Available outputs:"
181- echo " pr_number: '${{ steps.process-comment.outputs.pr_number }}'"
182- echo " pr_author: '${{ steps.process-comment.outputs.pr_author }}'"
183- echo " approved_by: '${{ steps.process-comment.outputs.approved_by }}'"
184-
185- # Extract signature details
186- USERNAME="${{ steps.process-comment.outputs.pr_author }}"
187- DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
188- PR_NUMBER="${{ steps.process-comment.outputs.pr_number }}"
189- APPROVED_BY="${{ steps.process-comment.outputs.approved_by }}"
190-
191- # Validate required fields
192- if [ -z "$USERNAME" ] || [ -z "$PR_NUMBER" ] || [ -z "$APPROVED_BY" ]; then
193- echo "ERROR: Missing required fields for signature recording"
194- echo " USERNAME: '$USERNAME'"
195- echo " PR_NUMBER: '$PR_NUMBER'"
196- echo " APPROVED_BY: '$APPROVED_BY'"
197- exit 1
198- fi
199-
200- echo "Recording CLA signature:"
201- echo " Username: $USERNAME"
202- echo " PR Number: $PR_NUMBER"
203- echo " Approved by: $APPROVED_BY"
204- echo " Date: $DATE"
205-
206- # Ensure contribute directory exists
207- mkdir -p contribute
208-
209- # Ensure signatures file exists and is valid JSON
210- SIGNATURES_FILE="contribute/trade-addendum-signatures.json"
211- if [ ! -f "$SIGNATURES_FILE" ]; then
212- echo '{"signatures": []}' > "$SIGNATURES_FILE"
213- echo "Created new $SIGNATURES_FILE file"
214- else
215- echo "$SIGNATURES_FILE already exists"
216- # Validate existing JSON
217- if ! jq empty "$SIGNATURES_FILE" 2>/dev/null; then
218- echo "WARNING: Existing $SIGNATURES_FILE is invalid JSON, recreating..."
219- cp "$SIGNATURES_FILE" "contribute/trade-addendum-signatures-backup-$(date +%s).json" || true
220- echo '{"signatures": []}' > "$SIGNATURES_FILE"
221- fi
222- fi
223-
224- # Check if this user already has a signature for this PR with error handling
225- EXISTING_SIGNATURE=""
226- if EXISTING_SIGNATURE=$(jq --arg user "$USERNAME" --arg pr "$PR_NUMBER" '.signatures[]? | select(.username == $user and .pr_number == ($pr | tonumber))' "$SIGNATURES_FILE" 2>/dev/null); then
227- echo "Successfully checked for existing signature"
228- else
229- echo "WARNING: Error checking for existing signature, assuming none exists"
230- EXISTING_SIGNATURE=""
231- fi
232-
233- if [ -z "$EXISTING_SIGNATURE" ]; then
234- # Add new signature entry with robust error handling
235- echo "Adding new signature entry..."
236- if jq --arg user "$USERNAME" \
237- --arg date "$DATE" \
238- --arg pr "$PR_NUMBER" \
239- --arg approved_by "$APPROVED_BY" \
240- '.signatures += [{
241- "username": $user,
242- "date": $date,
243- "pr_number": ($pr | tonumber),
244- "approved_by": $approved_by
245- }]' "$SIGNATURES_FILE" > tmp.json 2>/dev/null; then
246- mv tmp.json "$SIGNATURES_FILE"
247- echo "✅ New trademark addendum signature added successfully"
248- else
249- echo "ERROR: Failed to add signature with jq, using fallback method"
250- # Fallback: manually construct JSON entry
251- NEW_ENTRY="{\"username\": \"$USERNAME\", \"date\": \"$DATE\", \"pr_number\": $PR_NUMBER, \"approved_by\": \"$APPROVED_BY\"}"
252- if [ -s "$SIGNATURES_FILE" ]; then
253- # File has content, merge new entry
254- jq --argjson newEntry "$NEW_ENTRY" '.signatures += [$newEntry]' "$SIGNATURES_FILE" > tmp.json || {
255- echo "Fallback failed, creating new signatures file with entry"
256- echo "{\"signatures\": [$NEW_ENTRY]}" > "$SIGNATURES_FILE"
257- }
258- if [ -f tmp.json ]; then mv tmp.json "$SIGNATURES_FILE"; fi
259- else
260- echo "{\"signatures\": [$NEW_ENTRY]}" > "$SIGNATURES_FILE"
261- fi
262- echo "✅ Signature added using fallback method"
263- fi
264- else
265- echo "ℹ️ Signature already exists for this user and PR"
266- fi
267-
268- # Verify the signature was recorded
269- echo "=== Verifying signature was recorded ==="
270- if jq --arg user "$USERNAME" --arg pr "$PR_NUMBER" '.signatures[] | select(.username == $user and .pr_number == ($pr | tonumber))' "$SIGNATURES_FILE" >/dev/null 2>&1; then
271- echo "✅ VERIFICATION PASSED: Signature found in $SIGNATURES_FILE"
272- else
273- echo "❌ VERIFICATION FAILED: Signature NOT found in $SIGNATURES_FILE"
274- echo "Current signatures file content:"
275- cat "$SIGNATURES_FILE" || echo "Failed to read signatures file"
276- exit 1
277- fi
278-
279- # Commit the updated file with enhanced error handling
280- echo "=== Committing signature file ==="
281- git config user.name "github-actions[bot]"
282- git config user.email "github-actions[bot]@users.noreply.github.com"
283-
284- # Configure git to use the token for authentication
285- TOKEN="${{ steps.generate-token.outputs.token || secrets.GITHUB_TOKEN }}"
286- if [ -n "$TOKEN" ]; then
287- git remote set-url origin "https://x-access-token:${TOKEN}@github.com/${{ github.repository }}.git"
288- else
289- echo "WARNING: No authentication token available"
290- fi
291-
292- # Check if there are changes to commit
293- if git diff --quiet "$SIGNATURES_FILE"; then
294- echo "ℹ️ No changes to commit in $SIGNATURES_FILE"
295- else
296- git add "$SIGNATURES_FILE"
297- if git commit -m "Add trademark addendum signature for @$USERNAME (PR #$PR_NUMBER) by @$APPROVED_BY
298-
299- This signature was recorded automatically by the CLA approval workflow.
300-
301- Details:
302- - PR Number: #$PR_NUMBER
303- - PR Author: @$USERNAME
304- - Approved By: @$APPROVED_BY
305- - Date: $DATE
306- - Event: ${{ github.event_name }}"; then
307- echo "✅ Successfully committed signature file"
308-
309- # Attempt to push with retry logic
310- for i in {1..3}; do
311- if git push; then
312- echo "✅ Successfully pushed signature file (attempt $i)"
313- break
314- elif [ $i -eq 3 ]; then
315- echo "❌ Failed to push after 3 attempts"
316- echo "Signature was recorded locally but failed to push to remote"
317- exit 1
318- else
319- echo "⚠️ Push attempt $i failed, retrying in 5 seconds..."
320- sleep 5
321- fi
322- done
323- else
324- echo "❌ Failed to commit signature file"
325- exit 1
326- fi
327- fi
328-
329- echo "✅ CLA signature recorded successfully for ${prAuthor}"
237+ console.log(`✅ CLA agreement processed successfully for ${prAuthor}`);
0 commit comments