-
Notifications
You must be signed in to change notification settings - Fork 6
Adds signoff to backport workflow #9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: main
Are you sure you want to change the base?
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
@@ -42,6 +42,20 @@ jobs: | |||||||||||||||||
| - uses: tibdex/backport@9565281eda0731b1d20c4025c43339fb0a23812e | ||||||||||||||||||
| with: | ||||||||||||||||||
| github_token: ${{ secrets.dapr_bot_token }} | ||||||||||||||||||
| - uses: actions/checkout@v4 | ||||||||||||||||||
| with: | ||||||||||||||||||
| fetch-depth: 2 | ||||||||||||||||||
| - name: Add DCO signoff to backport commits | ||||||||||||||||||
| run: | | ||||||||||||||||||
| PR_NUMBER="${{ github.event.pull_request.number }}" | ||||||||||||||||||
| for BRANCH in $(git ls-remote --heads origin | grep "backport-${PR_NUMBER}-to-" | awk '{print $2}' | sed 's|refs/heads/||'); do | ||||||||||||||||||
|
||||||||||||||||||
| for BRANCH in $(git ls-remote --heads origin | grep "backport-${PR_NUMBER}-to-" | awk '{print $2}' | sed 's|refs/heads/||'); do | |
| for BRANCH in $(git ls-remote --heads origin | grep -F "backport-${PR_NUMBER}-to-" | awk '{print $2}' | sed 's|refs/heads/||'); do |
Copilot
AI
Mar 11, 2026
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This only amends HEAD, so if the backport branch contains multiple commits (e.g., a rebase-merged PR with several commits), only the last commit gets a DCO signoff and earlier commits remain unsigned. If the intent is to ensure DCO compliance for the whole backport, update the workflow to add signoffs to all commits on the backport branch (for example by rebasing with signoff or otherwise rewriting each commit), then force-push once.
| AUTHOR_NAME=$(git log -1 --format='%an') | |
| AUTHOR_EMAIL=$(git log -1 --format='%ae') | |
| git -c user.name="${AUTHOR_NAME}" -c user.email="${AUTHOR_EMAIL}" commit --amend --signoff --no-edit | |
| TARGET_BRANCH="${BRANCH#backport-${PR_NUMBER}-to-}" | |
| git fetch origin "${TARGET_BRANCH}" | |
| AUTHOR_NAME=$(git log -1 --format='%an') | |
| AUTHOR_EMAIL=$(git log -1 --format='%ae') | |
| GIT_COMMITTER_NAME="${AUTHOR_NAME}" GIT_COMMITTER_EMAIL="${AUTHOR_EMAIL}" git rebase --signoff "origin/${TARGET_BRANCH}" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
actions/checkoutis using the defaultGITHUB_TOKEN, but this reusable workflow setspermissions: {}and the latergit pushwill therefore run without a token that can write toorigin. As a result, the force-push is very likely to fail. Pass${{ secrets.dapr_bot_token }}toactions/checkout(and keep credentials persisted) or otherwise configure git credentials so that pushes authenticate with the bot token.