Merge pull request #35 from OctagonalStar/dev #58
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Check Sign-off | |
| on: | |
| pull_request: | |
| types: [opened, synchronize, reopened] | |
| push: | |
| branches: [ main ] | |
| jobs: | |
| check-signoff: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Check for Sign-off | |
| run: | | |
| check_commit() { | |
| local commit_hash=$1 | |
| local commit_msg=$(git show -s --format=%B "$commit_hash") | |
| local commit_title=$(git show -s --format=%s "$commit_hash") | |
| # 跳过各种自动生成的提交 | |
| case "$commit_title" in | |
| # GitHub 合并提交 | |
| "Merge pull request"*) | |
| echo "跳过 GitHub PR 合并提交: $commit_hash - $commit_title" | |
| return 0 | |
| ;; | |
| # Git 合并提交 | |
| "Merge branch"*|"Merge remote-tracking"*|"Merge tag"*) | |
| echo "跳过 Git 合并提交: $commit_hash - $commit_title" | |
| return 0 | |
| ;; | |
| # Revert 提交 | |
| "Revert"*|"This reverts commit"*) | |
| echo "跳过还原提交: $commit_hash - $commit_title" | |
| return 0 | |
| ;; | |
| # 自动版本发布提交 | |
| "chore(release):"*|"release:"*|"Version"*|"Bump version"*) | |
| echo "跳过版本发布提交: $commit_hash - $commit_title" | |
| return 0 | |
| ;; | |
| # 依赖更新提交 (Dependabot, Renovate等) | |
| "chore(deps):"*|"build(deps):"*|"Update dependency"*|"Bump"*) | |
| echo "跳过依赖更新提交: $commit_hash - $commit_title" | |
| return 0 | |
| ;; | |
| # 自动化工具提交 | |
| "chore: auto-update"*|"ci:"*|"Automated"*) | |
| echo "跳过自动化工具提交: $commit_hash - $commit_title" | |
| return 0 | |
| ;; | |
| esac | |
| # 检查提交信息中是否包含跳过标记 | |
| if echo "$commit_msg" | grep -q -E "\[skip ci\]|\[ci skip\]|\[no signoff\]"; then | |
| echo "跳过标记了 [skip ci] 的提交: $commit_hash" | |
| return 0 | |
| fi | |
| # 检查合并提交 (通过父提交数量判断) | |
| local parent_count=$(git show --no-patch --format="%P" "$commit_hash" | wc -w) | |
| if [ "$parent_count" -gt 1 ]; then | |
| echo "跳过合并提交(多父提交): $commit_hash - $commit_title" | |
| return 0 | |
| fi | |
| # 检查空提交 (没有文件变更) | |
| if git show --format= --name-only "$commit_hash" | grep -q .; then | |
| # 有文件变更,检查 Sign-off | |
| if ! echo "$commit_msg" | grep -q "Signed-off-by:"; then | |
| echo "提交 $commit_hash 缺少 Signed-off-by 签署。" | |
| echo "提交标题: $commit_title" | |
| echo "请使用 'git commit -s' 添加签署,或手动在提交信息中包含 'Signed-off-by: Your Name <[email protected]>'。" | |
| return 1 | |
| fi | |
| else | |
| echo "跳过空提交: $commit_hash - $commit_title" | |
| return 0 | |
| fi | |
| } | |
| if [ "${{ github.event_name }}" = "push" ]; then | |
| if [ "${{ github.event.before }}" = "0000000000000000000000000000000000000000" ]; then | |
| COMMITS_TO_CHECK=$(git log --oneline --format=%H ${{ github.event.after }}) | |
| else | |
| COMMITS_TO_CHECK=$(git log --oneline --format=%H ${{ github.event.before }}..${{ github.event.after }}) | |
| fi | |
| else | |
| COMMITS_TO_CHECK=$(git log --oneline --format=%H ${{ github.event.pull_request.base.sha }}..${{ github.event.pull_request.head.sha }}) | |
| fi | |
| if [ -z "$COMMITS_TO_CHECK" ]; then | |
| echo "没有需要检查的提交" | |
| exit 0 | |
| fi | |
| echo "需要检查的提交:" | |
| echo "$COMMITS_TO_CHECK" | |
| HAS_ERROR=0 | |
| for commit in $COMMITS_TO_CHECK; do | |
| if ! check_commit "$commit"; then | |
| HAS_ERROR=1 | |
| fi | |
| done | |
| if [ $HAS_ERROR -eq 1 ]; then | |
| echo "::error::部分提交缺少开发者签署认证(DCO)。" | |
| exit 1 | |
| else | |
| echo "所有提交均已签署或已跳过。" | |
| fi |