From 6015a3f19f3ee520d4c25342d220f373c6013f22 Mon Sep 17 00:00:00 2001 From: Mark Stacey Date: Fri, 21 Aug 2020 12:58:25 -0300 Subject: [PATCH 1/5] Add CLA Signature bot The CLA signature bot will check the authors of each PR to ensure they have all signed the CLA. If any authors still need to sign the CLA, it will leave a comment explaining how it can be signed, and will check back upon each comment to see if it has been signed. The bot used is `MetaMask/cla-signature-bot`, which is a fork of `Roblox/cla-signature-bot`. The fork has a couple of improvements, and it updated the PR comment text to be more appropriate for our usage. Currently the only whitelisted user is `dependabot`, meaning that even ConsenSys employees will need to sign the CLA. We could add all employees to the whitelist, but I figured it'd be easier to get everyone to sign individually rather than maintaining this list here. The signatures are stored in `cla.json` on the `cla-signatures` branch, which is in this repository as a distinct root. We can consider moving this to a separate repository in the future - this was just easier to setup. --- .github/workflows/cla.yml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 .github/workflows/cla.yml diff --git a/.github/workflows/cla.yml b/.github/workflows/cla.yml new file mode 100644 index 000000000000..1287aee8a8ea --- /dev/null +++ b/.github/workflows/cla.yml @@ -0,0 +1,22 @@ +name: "CLA Signature Bot" +on: + issue_comment: + types: [created] + pull_request_target: + types: [opened,closed,synchronize] + +jobs: + CLABot: + runs-on: ubuntu-latest + steps: + - name: "CLA Signature Bot" + uses: MetaMask/cla-signature-bot@v3.0.0 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + path-to-signatures: 'cla.json' + url-to-cladocument: 'https://metamask.io/cla.html' + # This branch can't have protections, commits are made directly to the specified branch. + branch: 'cla-signatures' + whitelist: dependabot + blockchain-storage-flag: false From 5c16eda828441fb065ec2d2d0e586ac2f63d12af Mon Sep 17 00:00:00 2001 From: Mark Stacey Date: Tue, 25 Aug 2020 18:14:43 -0300 Subject: [PATCH 2/5] Ignore comments from non-PRs --- .github/workflows/cla.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/cla.yml b/.github/workflows/cla.yml index 1287aee8a8ea..24674d992129 100644 --- a/.github/workflows/cla.yml +++ b/.github/workflows/cla.yml @@ -7,6 +7,7 @@ on: jobs: CLABot: + if: github.event_name == 'pull_request_target' || contains(github.event.comment.html_url, '/pull/') runs-on: ubuntu-latest steps: - name: "CLA Signature Bot" From 485431ce2fa6d65b43fbb1894f988ee4cc2d63f5 Mon Sep 17 00:00:00 2001 From: Mark Stacey Date: Tue, 25 Aug 2020 22:50:20 -0300 Subject: [PATCH 3/5] Update to v3.0.1 of `MetaMask/cla-signature-bot` The version of `MetaMask/cla-signature-bot` has been updated from `v3.0.0` to `v3.0.1`. This version is more tolerant of being run against issue comments, and it has replaced the `whitelist` input parameter with `allowlist`. --- .github/workflows/cla.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/cla.yml b/.github/workflows/cla.yml index 24674d992129..6dcf0dcc2376 100644 --- a/.github/workflows/cla.yml +++ b/.github/workflows/cla.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: "CLA Signature Bot" - uses: MetaMask/cla-signature-bot@v3.0.0 + uses: MetaMask/cla-signature-bot@v3.0.1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: @@ -19,5 +19,5 @@ jobs: url-to-cladocument: 'https://metamask.io/cla.html' # This branch can't have protections, commits are made directly to the specified branch. branch: 'cla-signatures' - whitelist: dependabot + allowlist: dependabot blockchain-storage-flag: false From 0dc2f2e06334d736d21247d211035db2266efb0a Mon Sep 17 00:00:00 2001 From: Mark Stacey Date: Wed, 26 Aug 2020 10:56:46 -0300 Subject: [PATCH 4/5] Enable `allowOrganizationMembers` A new input parameter, `allowOrganizationMembers`, has been added in `v3.0.2` of `MetaMask/cla-signature-bot`. This parameter automatically includes all organization members in the allowlist. --- .github/workflows/cla.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/cla.yml b/.github/workflows/cla.yml index 6dcf0dcc2376..4beda38993bb 100644 --- a/.github/workflows/cla.yml +++ b/.github/workflows/cla.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: "CLA Signature Bot" - uses: MetaMask/cla-signature-bot@v3.0.1 + uses: MetaMask/cla-signature-bot@v3.0.2 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: @@ -20,4 +20,5 @@ jobs: # This branch can't have protections, commits are made directly to the specified branch. branch: 'cla-signatures' allowlist: dependabot + allowOrganizationMembers: true blockchain-storage-flag: false From 85b03a6e6de3d5eb32afbb05670ed2f482eea44d Mon Sep 17 00:00:00 2001 From: Mark Stacey Date: Wed, 26 Aug 2020 13:24:34 -0300 Subject: [PATCH 5/5] Fix parameter name The `allow-organization-members` input parameter was incorrectly named. It has been fixed. The version of the `cla-signature-bot` has been updated as well, because I have reset the tags used on that repo. `v3.0.0` now refers to the latest version. --- .github/workflows/cla.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/cla.yml b/.github/workflows/cla.yml index 4beda38993bb..dc339a4729b3 100644 --- a/.github/workflows/cla.yml +++ b/.github/workflows/cla.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: "CLA Signature Bot" - uses: MetaMask/cla-signature-bot@v3.0.2 + uses: MetaMask/cla-signature-bot@v3.0.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: @@ -20,5 +20,5 @@ jobs: # This branch can't have protections, commits are made directly to the specified branch. branch: 'cla-signatures' allowlist: dependabot - allowOrganizationMembers: true + allow-organization-members: true blockchain-storage-flag: false