-
Notifications
You must be signed in to change notification settings - Fork 0
36 lines (28 loc) · 1.24 KB
/
pr-commit-signatures.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
name: "Commit signatures"
on:
pull_request:
jobs:
check:
runs-on: ubuntu-latest
steps:
- name: Fetch commits
run: curl -s "${{ github.event.pull_request._links.commits.href }}" > commits.json
- name: Filter unverified commits
run: jq '[.[].commit | select(.verification.verified == false)]' < commits.json > unverified-commits.json
- name: List unverified commits
run: jq '.[] | [{message, tree, author, committer, verification}]' < unverified-commits.json
- name: Result
run: |
COUNT="$(jq '. | length' < unverified-commits.json)"
if [[ "$COUNT" == "0" ]];
then
echo "✅ All commits are verified."
exit 0
fi
echo "❌ PR contains $COUNT unverified commit(s)!"
echo ""
echo "Please note that we require that all commits are signed."
echo "Please see the documentation about signed commits and how to sign yours on GitHub:"
echo "- https://docs.github.com/en/authentication/managing-commit-signature-verification/about-commit-signature-verification"
echo "- https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits"
exit 1