diff --git a/.github/workflows/check_cla.yml b/.github/workflows/check_cla.yml deleted file mode 100644 index d6cb0c8..0000000 --- a/.github/workflows/check_cla.yml +++ /dev/null @@ -1,93 +0,0 @@ -# Workflow to check if a user is eligible to contribute or needs to sign the CLA - -name: CLA Check Reusable Workflow - -on: - workflow_call: - -jobs: - check-membership: - uses: dfinity/public-workflows/.github/workflows/check_membership.yml@main - secrets: inherit - - check-external-contributions: - name: Check External Contributions - runs-on: ubuntu-latest - needs: check-membership - if: ${{ needs.check-membership.outputs.is_member != 'true' && needs.check-membership.result == 'success' }} - steps: - - name: Create GitHub App Token - uses: actions/create-github-app-token@v1 - id: app-token - with: - app-id: ${{ vars.CLA_BOT_APP_ID }} - private-key: ${{ secrets.CLA_BOT_PRIVATE_KEY }} - - - name: Checkout - uses: actions/checkout@v4 - with: - repository: 'dfinity/public-workflows' - - - name: Python Setup - uses: ./.github/workflows/python-setup - - - name: Check if accepting external contributions - id: accepts_external_contrib - run: | - export PYTHONPATH="$PWD/reusable_workflows/" - python reusable_workflows/check_membership/check_external_contrib.py - shell: bash - env: - GH_TOKEN: ${{ github.token }} - REPO: ${{ github.event.repository.name }} - - - name: Checkout - uses: actions/checkout@v4 - with: - ref: ${{ github.event.pull_request.head.ref }} - repository: ${{ github.event.pull_request.head.repo.full_name }} - - - name: Close Pull Request - id: close_pr - if: ${{ steps.accepts_external_contrib.outputs.accepts_contrib != 'true' }} - uses: superbrothers/close-pull-request@v3 - with: - comment: | - Thank you for contributing! Unfortunately this repository does not accept external contributions yet. - - We are working on enabling this by aligning our internal processes and our CI setup to handle external contributions. However this will take some time to set up so in the meantime we unfortunately have to close this Pull Request. - - We hope you understand and will come back once we accept external PRs. - - — The DFINITY Foundation""" - - - name: Add Label - uses: actions/github-script@v6 - if: ${{ steps.accepts_external_contrib.outputs.accepts_contrib != 'false' }} - with: - script: | - github.rest.issues.addLabels({ - issue_number: context.issue.number, - owner: context.repo.owner, - repo: context.repo.repo, - labels: ["external-contributor"] - }) - - - name: Checkout - uses: actions/checkout@v4 - if: ${{ steps.accepts_external_contrib.outputs.accepts_contrib != 'false' }} - with: - repository: 'dfinity/public-workflows' - - - name: Check CLA - id: check-cla - run: | - export PYTHONPATH="$PWD/reusable_workflows/" - python reusable_workflows/check_cla/check_cla_pr.py - shell: bash - if: ${{ steps.accepts_external_contrib.outputs.accepts_contrib != 'false' }} - env: - GH_ORG: ${{ github.repository_owner }} - GH_TOKEN: ${{ steps.app-token.outputs.token }} - REPO: ${{ github.event.repository.name }} - PR_ID: ${{ github.event.number }} diff --git a/.github/workflows/check_cla_dev.yml b/.github/workflows/check_cla_dev.yml deleted file mode 100644 index 27bba88..0000000 --- a/.github/workflows/check_cla_dev.yml +++ /dev/null @@ -1,11 +0,0 @@ -# Runs only when changes are made to the workflow itself - -name: CLA Check Dev - -on: - pull_request: - -jobs: - call-check-cla: - uses: ./.github/workflows/check_cla.yml - secrets: inherit diff --git a/.github/workflows/check_cla_ruleset.yml b/.github/workflows/check_cla_ruleset.yml index cf7b774..f27cfe4 100644 --- a/.github/workflows/check_cla_ruleset.yml +++ b/.github/workflows/check_cla_ruleset.yml @@ -10,8 +10,89 @@ on: - 'master' - 'main' merge_group: - jobs: - call-check-cla: - uses: dfinity/public-workflows/.github/workflows/check_cla.yml@main + check-membership: + uses: dfinity/public-workflows/.github/workflows/check_membership.yml@main secrets: inherit + + check-external-contributions: + name: Check External Contributions + runs-on: ubuntu-latest + needs: check-membership + if: ${{ needs.check-membership.outputs.is_member != 'true' && needs.check-membership.result == 'success' }} + steps: + - name: Create GitHub App Token + uses: actions/create-github-app-token@v1 + id: app-token + with: + app-id: ${{ vars.CLA_BOT_APP_ID }} + private-key: ${{ secrets.CLA_BOT_PRIVATE_KEY }} + + - name: Checkout + uses: actions/checkout@v4 + with: + repository: 'dfinity/public-workflows' + + - name: Python Setup + uses: ./.github/workflows/python-setup + + - name: Check if accepting external contributions + id: accepts_external_contrib + run: | + export PYTHONPATH="$PWD/reusable_workflows/" + python reusable_workflows/check_membership/check_external_contrib.py + shell: bash + env: + GH_TOKEN: ${{ github.token }} + REPO: ${{ github.event.repository.name }} + + - name: Checkout + uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.ref }} + repository: ${{ github.event.pull_request.head.repo.full_name }} + + - name: Close Pull Request + id: close_pr + if: ${{ steps.accepts_external_contrib.outputs.accepts_contrib != 'true' }} + uses: superbrothers/close-pull-request@v3 + with: + comment: | + Thank you for contributing! Unfortunately this repository does not accept external contributions yet. + + We are working on enabling this by aligning our internal processes and our CI setup to handle external contributions. However this will take some time to set up so in the meantime we unfortunately have to close this Pull Request. + + We hope you understand and will come back once we accept external PRs. + + — The DFINITY Foundation""" + + - name: Add Label + uses: actions/github-script@v6 + if: ${{ steps.accepts_external_contrib.outputs.accepts_contrib != 'false' }} + with: + script: | + github.rest.issues.addLabels({ + issue_number: context.issue.number, + owner: context.repo.owner, + repo: context.repo.repo, + labels: ["external-contributor"] + }) + + - name: Checkout + uses: actions/checkout@v4 + if: ${{ steps.accepts_external_contrib.outputs.accepts_contrib != 'false' }} + with: + repository: 'dfinity/public-workflows' + + - name: Check CLA + id: check-cla + run: | + export PYTHONPATH="$PWD/reusable_workflows/" + python reusable_workflows/check_cla/check_cla_pr.py + shell: bash + if: ${{ steps.accepts_external_contrib.outputs.accepts_contrib != 'false' }} + env: + GH_ORG: ${{ github.repository_owner }} + GH_TOKEN: ${{ steps.app-token.outputs.token }} + REPO: ${{ github.event.repository.name }} + PR_ID: ${{ github.event.number }} diff --git a/.github/workflows/check_cla_signed.yml b/.github/workflows/check_cla_signed.yml index 00dabd6..72d7c2e 100644 --- a/.github/workflows/check_cla_signed.yml +++ b/.github/workflows/check_cla_signed.yml @@ -2,6 +2,7 @@ name: Check Issue Signed +# this workflow is triggered from the repo https://github.com/dfinity/cla on: workflow_call: