Signed Commit Authors #20
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Org-wide required workflow enforced by the org ruleset "workflows" rule. | |
| # | |
| # The verifier and SSH signing policy live in rocicorp/.github. Configure repo | |
| # and branch targeting in the ruleset; required workflow event filters such as | |
| # branches, paths, and types are ignored by GitHub. | |
| # | |
| # Because this is a required workflow, it must subscribe to merge_group too. | |
| # The verifier needs a pull_request payload, so merge_group no-ops and passes. | |
| name: Signed Commit Authors | |
| on: | |
| pull_request: | |
| merge_group: | |
| permissions: {} | |
| concurrency: | |
| group: '${{ github.workflow }} @ ${{ github.event.pull_request.number || github.event.merge_group.head_sha || github.run_id }}' | |
| cancel-in-progress: true | |
| jobs: | |
| verify: | |
| name: Verify Signed Commit Authors | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read # Required to fetch commits. | |
| steps: | |
| - name: Merge group no-op | |
| if: github.event_name == 'merge_group' | |
| run: echo "merge_group event - pull request commits are verified before entering the queue" | |
| - name: Verify signed commit authors | |
| if: github.event_name == 'pull_request' | |
| uses: rocicorp/.github/.github/actions/verify-signed-commit-authors@088d5c5d2e03a20c25cea0876a45fb1b1675e8c4 | |
| with: | |
| enforce: false # Temporary until allowed_signers is populated. | |
| github-token: ${{ github.token }} |