Add checker for signed off commits

Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
This commit is contained in:
Lukas Reschke 2016-09-21 23:55:18 +02:00 committed by Bjoern Schiessle
parent 232b315d63
commit f9a4bb94f6
No known key found for this signature in database
GPG Key ID: 2378A753E2BF04F6
2 changed files with 128 additions and 0 deletions

View File

@ -26,6 +26,13 @@ pipeline:
when: when:
matrix: matrix:
TESTS: app-check-code TESTS: app-check-code
signed-off-check:
image: nextcloudci/php7.0:php7.0-2
commands:
- php ./build/signed-off-checker.php
when:
matrix:
TESTS: signed-off-check
syntax-php5.6: syntax-php5.6:
image: nextcloudci/php5.6:php5.6-2 image: nextcloudci/php5.6:php5.6-2
commands: commands:
@ -153,6 +160,7 @@ pipeline:
matrix: matrix:
include: include:
- TESTS: signed-off-check
- TESTS: integration - TESTS: integration
- TESTS: jsunit - TESTS: jsunit
- TESTS: check-autoloader - TESTS: check-autoloader

View File

@ -0,0 +1,120 @@
<?php
/**
* @copyright Copyright (c) 2016 Lukas Reschke <lukas@statuscode.ch>
*
* @author Lukas Reschke <lukas@statuscode.ch>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
/**
* Script to verify that all commits have been signed-off, if a commit doesn't end
* with a signed-off message the script is failing.
*/
$baseDir = __DIR__ . '/../';
$pullRequestNumber = getenv('DRONE_PULL_REQUEST');
if(!is_string($pullRequestNumber) || $pullRequestNumber === '') {
echo("The environment variable DRONE_PULL_REQUEST has no proper value.\n");
exit(1);
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_URL, 'https://api.github.com/repos/nextcloud/server/pulls/'.$pullRequestNumber.'/commits');
curl_setopt($ch, CURLOPT_USERAGENT, 'CI for Nextcloud (https://github.com/nextcloud/server)');
$response = curl_exec($ch);
curl_close($ch);
shell_exec(
sprintf(
'cd %s && git fetch',
escapeshellarg($baseDir),
escapeshellarg($pullRequestNumber)
)
);
$decodedResponse = json_decode($response, true);
if(!is_array($decodedResponse) || count($decodedResponse) === 0) {
echo("Could not decode JSON response from GitHub API.\n");
exit(1);
}
// Get all commits SHAs
$commits = [];
foreach($decodedResponse as $commit) {
if(!isset($commit['sha'])) {
echo("No SHA specified in $commit\n");
exit(1);
}
$commits[] = $commit['sha'];
}
if(count($commits) < 1) {
echo("Could not read commits.\n");
exit(1);
}
$notSignedCommits = [];
foreach($commits as $commit) {
if($commit === '') {
continue;
}
$signOffMessage = false;
$commitMessageLines =
explode(
"\n",
shell_exec(
sprintf(
'cd %s && git rev-list --format=%%B --max-count=1 %s',
$baseDir,
$commit
)
)
);
foreach($commitMessageLines as $line) {
if(preg_match('/^Signed-off-by: .* <.*@.*>$/', $line)) {
echo "$commit is signed-off with \"$line\"\n";
$signOffMessage = true;
continue;
}
}
if($signOffMessage === true) {
continue;
}
$notSignedCommits[] = $commit;
}
if($notSignedCommits !== []) {
echo("\n");
echo("Some commits were not signed off!\n");
echo("Missing signatures on:\n");
foreach ($notSignedCommits as $commit) {
echo("- " . $commit . "\n");
}
echo("Build has failed\n");
exit(1);
} else {
exit(0);
}