diff options
| author | CoprDistGit <infra@openeuler.org> | 2023-05-30 17:11:02 +0000 |
|---|---|---|
| committer | CoprDistGit <infra@openeuler.org> | 2023-05-30 17:11:02 +0000 |
| commit | 5c5e33ab6b3b463c9400dc79e06292df815e403a (patch) | |
| tree | 94dba938e5ed631816d74fa7b68208636e23b033 | |
| parent | 35b7ddae90580e4a97485252c26e669ffa9283b4 (diff) | |
automatic import of python-dco-check
| -rw-r--r-- | .gitignore | 1 | ||||
| -rw-r--r-- | python-dco-check.spec | 537 | ||||
| -rw-r--r-- | sources | 1 |
3 files changed, 539 insertions, 0 deletions
@@ -0,0 +1 @@ +/dco-check-0.4.0.tar.gz diff --git a/python-dco-check.spec b/python-dco-check.spec new file mode 100644 index 0000000..633a203 --- /dev/null +++ b/python-dco-check.spec @@ -0,0 +1,537 @@ +%global _empty_manifest_terminate_build 0 +Name: python-dco-check +Version: 0.4.0 +Release: 1 +Summary: Simple DCO check script to be used in any CI. +License: Apache License, Version 2.0 +URL: https://github.com/christophebedard/dco-check/ +Source0: https://mirrors.nju.edu.cn/pypi/web/packages/d7/eb/25be1eb09b90a411a6ea81cd043e71dbbcbc94bfe6719f4b759e97e97b2e/dco-check-0.4.0.tar.gz +BuildArch: noarch + + +%description +# dco-check + +[](https://pypi.org/project/dco-check/) +[](https://codecov.io/gh/christophebedard/dco-check) +[](https://github.com/christophebedard/dco-check/blob/master/LICENSE) +[](https://hub.docker.com/r/christophebedard/dco-check) + +[](https://github.com/christophebedard/dco-check) +[](https://gitlab.com/christophebedard/dco-check/commits/master) +[](https://travis-ci.com/github/christophebedard/dco-check) +[](https://dev.azure.com/christophebedard/dco-check/_build/latest?definitionId=1&branchName=master) +[](https://ci.appveyor.com/project/christophebedard/dco-check) +[](https://circleci.com/gh/christophebedard/dco-check) + +Simple DCO check script to be used in [any CI](#ci-support). + +## Motivation + +Many open-source projects require the use of a `Signed-off-by:` line in every commit message. +This is to certify that a contributor has the right to submit their code according to the [Developer Certificate of Origin (DCO)](https://developercertificate.org/). +However, to my knowledge, there is no automated check that can run on any CI platform (or most platforms). +Some platforms simply do not possess such a feature. + +This was inspired by the [DCO GitHub App](https://github.com/apps/dco). + +## How to get & use + +There are a few options: + +1. Using the [package from PyPI](https://pypi.org/project/dco-check/) + ```shell + $ pip install dco-check + $ dco-check + ``` +1. Using the Docker image ([`christophebedard/dco-check`](https://hub.docker.com/r/christophebedard/dco-check)) with your CI (see [examples](#Example-CI-configurations)) + ```shell + $ dco-check + ``` +1. Downloading the script and running it (you can replace `master` with a specific version) + This is enabled by the fact that `dco-check` is a single Python file without any third-party dependencies. + ```shell + $ wget https://raw.githubusercontent.com/christophebedard/dco-check/master/dco_check/dco_check.py + $ python3 dco_check.py + ``` + +It exits with 0 if all checked commits have been signed-off. +Otherwise, it exits with a non-zero number. + +Run with `--help` for more information and options, including: + +* ignoring merge commits +* default branch +* default remote +* list of commit author emails to exclude from checks +* regular expression pattern to exclude generic emails when matched +* quiet mode +* verbose mode +* excluding certain author emails (e.g., for bots) + +Those options can alternatively be set through environment variables (see `--help`), but commandline arguments always have precedence over environment variables. + +## How it works + +`dco-check` focuses on two use-cases: + +1. Commits part of a feature branch, i.e. a proposed change (pull request or merge request) +1. Commits on the default branch, e.g. `master`, or more specifically the new commits pushed to the default branch + +The first use-case is easy to cover given a normal git repository. +We can simply use `git merge-base --fork-point $DEFAULT_BRANCH` to get the list of commits on a specific feature branch off of the default branch. +Some CIs provide even more information, such as the target branch of the change, which is useful if we don't expect to always target the default branch. +Then we can just check every commit using `git log` and make sure it is signed-off by the author. + +The second use-case isn't really possible with simple git repositories, because they do not contain the necessary information (AFAIK). +Fortunately, some CIs do provide this information. + +Furthermore, by default, some CI platforms only clone git repositories up to a specific depth, i.e. you only get a partial commit history. +This depth can sometimes be 1 for some CIs, i.e. a shallow clone. +For those cases, it is usually possible to prevent shallow cloning by setting the right parameter(s) in the job configuration. +However, since one of the goals of `dco-check` is to be as easy to use as possible, it tries not to rely on that. + +This is why `dco-check` detects the current CI platform and uses whatever information that platform can provide. +Otherwise, it falls back on a default generic implementation which uses simple git commands. +In those cases, the CLI options allow users to provide a lot of the missing information. + +## CI support + +Below is a summary of the supported CIs along with their known behaviours. + +| CI | Detects new changes when pushing to default branch | Detects PRs/MRs | Gets base branch using | Gets default branch using | Notes | +|:--:|:--------------------------------------------------:|:---------------:|:----------------------:|:-------------------------:|:-----:| +|GitHub|✓|✓|CI|(not used)|retrieves commit data using the GitHub API, since GitHub does shallow clones by default| +|GitLab|✓|✓|CI|CI|detects normal GitLab MRs and external (GitHub) MRs| +|Azure Pipelines||✓|CI|CLI arguments|| +|AppVeyor||✓|CI|CLI arguments|| +|CircleCI|✓||CI\* (or CLI arguments)|CLI arguments|\*can use base revision information if provided (see example)| +|Travis CI|||CLI arguments|CLI arguments|supported by default as a normal git repo| +|default (git)|||CLI arguments|CLI arguments|use locally; using in an unsupported CI which only does a shallow clone might cause problems| + +## Example CI configurations + +Here are some example CI configurations. + +### GitHub + +```yaml +# .github/workflows/dco.yml +name: DCO +on: + pull_request: + push: + branches: + - master +jobs: + check: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Set up Python 3.x + uses: actions/setup-python@v4 + with: + python-version: '3.x' + - name: Check DCO + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + pip3 install -U dco-check + dco-check +``` + +### GitLab + +```yaml +# .gitlab-ci.yml +variables: + DOCKER_DRIVER: overlay2 +dco: + image: christophebedard/dco-check:latest + rules: + - if: $CI_MERGE_REQUEST_ID + - if: $CI_EXTERNAL_PULL_REQUEST_IID + - if: $CI_COMMIT_BRANCH == 'master' + script: + - pip3 install -U dco-check # optional + - dco-check +``` + +## Python version support + +Python 3.6+ is required because of the use of f-strings. +However, it shouldn't be too hard to remove them to support older versions of Python 3, if there is a demand for it, or if such a change is contributed to `dco-check`. + +## Contributing + +See [`CONTRIBUTING.md`](./CONTRIBUTING.md). + + +%package -n python3-dco-check +Summary: Simple DCO check script to be used in any CI. +Provides: python-dco-check +BuildRequires: python3-devel +BuildRequires: python3-setuptools +BuildRequires: python3-pip +%description -n python3-dco-check +# dco-check + +[](https://pypi.org/project/dco-check/) +[](https://codecov.io/gh/christophebedard/dco-check) +[](https://github.com/christophebedard/dco-check/blob/master/LICENSE) +[](https://hub.docker.com/r/christophebedard/dco-check) + +[](https://github.com/christophebedard/dco-check) +[](https://gitlab.com/christophebedard/dco-check/commits/master) +[](https://travis-ci.com/github/christophebedard/dco-check) +[](https://dev.azure.com/christophebedard/dco-check/_build/latest?definitionId=1&branchName=master) +[](https://ci.appveyor.com/project/christophebedard/dco-check) +[](https://circleci.com/gh/christophebedard/dco-check) + +Simple DCO check script to be used in [any CI](#ci-support). + +## Motivation + +Many open-source projects require the use of a `Signed-off-by:` line in every commit message. +This is to certify that a contributor has the right to submit their code according to the [Developer Certificate of Origin (DCO)](https://developercertificate.org/). +However, to my knowledge, there is no automated check that can run on any CI platform (or most platforms). +Some platforms simply do not possess such a feature. + +This was inspired by the [DCO GitHub App](https://github.com/apps/dco). + +## How to get & use + +There are a few options: + +1. Using the [package from PyPI](https://pypi.org/project/dco-check/) + ```shell + $ pip install dco-check + $ dco-check + ``` +1. Using the Docker image ([`christophebedard/dco-check`](https://hub.docker.com/r/christophebedard/dco-check)) with your CI (see [examples](#Example-CI-configurations)) + ```shell + $ dco-check + ``` +1. Downloading the script and running it (you can replace `master` with a specific version) + This is enabled by the fact that `dco-check` is a single Python file without any third-party dependencies. + ```shell + $ wget https://raw.githubusercontent.com/christophebedard/dco-check/master/dco_check/dco_check.py + $ python3 dco_check.py + ``` + +It exits with 0 if all checked commits have been signed-off. +Otherwise, it exits with a non-zero number. + +Run with `--help` for more information and options, including: + +* ignoring merge commits +* default branch +* default remote +* list of commit author emails to exclude from checks +* regular expression pattern to exclude generic emails when matched +* quiet mode +* verbose mode +* excluding certain author emails (e.g., for bots) + +Those options can alternatively be set through environment variables (see `--help`), but commandline arguments always have precedence over environment variables. + +## How it works + +`dco-check` focuses on two use-cases: + +1. Commits part of a feature branch, i.e. a proposed change (pull request or merge request) +1. Commits on the default branch, e.g. `master`, or more specifically the new commits pushed to the default branch + +The first use-case is easy to cover given a normal git repository. +We can simply use `git merge-base --fork-point $DEFAULT_BRANCH` to get the list of commits on a specific feature branch off of the default branch. +Some CIs provide even more information, such as the target branch of the change, which is useful if we don't expect to always target the default branch. +Then we can just check every commit using `git log` and make sure it is signed-off by the author. + +The second use-case isn't really possible with simple git repositories, because they do not contain the necessary information (AFAIK). +Fortunately, some CIs do provide this information. + +Furthermore, by default, some CI platforms only clone git repositories up to a specific depth, i.e. you only get a partial commit history. +This depth can sometimes be 1 for some CIs, i.e. a shallow clone. +For those cases, it is usually possible to prevent shallow cloning by setting the right parameter(s) in the job configuration. +However, since one of the goals of `dco-check` is to be as easy to use as possible, it tries not to rely on that. + +This is why `dco-check` detects the current CI platform and uses whatever information that platform can provide. +Otherwise, it falls back on a default generic implementation which uses simple git commands. +In those cases, the CLI options allow users to provide a lot of the missing information. + +## CI support + +Below is a summary of the supported CIs along with their known behaviours. + +| CI | Detects new changes when pushing to default branch | Detects PRs/MRs | Gets base branch using | Gets default branch using | Notes | +|:--:|:--------------------------------------------------:|:---------------:|:----------------------:|:-------------------------:|:-----:| +|GitHub|✓|✓|CI|(not used)|retrieves commit data using the GitHub API, since GitHub does shallow clones by default| +|GitLab|✓|✓|CI|CI|detects normal GitLab MRs and external (GitHub) MRs| +|Azure Pipelines||✓|CI|CLI arguments|| +|AppVeyor||✓|CI|CLI arguments|| +|CircleCI|✓||CI\* (or CLI arguments)|CLI arguments|\*can use base revision information if provided (see example)| +|Travis CI|||CLI arguments|CLI arguments|supported by default as a normal git repo| +|default (git)|||CLI arguments|CLI arguments|use locally; using in an unsupported CI which only does a shallow clone might cause problems| + +## Example CI configurations + +Here are some example CI configurations. + +### GitHub + +```yaml +# .github/workflows/dco.yml +name: DCO +on: + pull_request: + push: + branches: + - master +jobs: + check: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Set up Python 3.x + uses: actions/setup-python@v4 + with: + python-version: '3.x' + - name: Check DCO + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + pip3 install -U dco-check + dco-check +``` + +### GitLab + +```yaml +# .gitlab-ci.yml +variables: + DOCKER_DRIVER: overlay2 +dco: + image: christophebedard/dco-check:latest + rules: + - if: $CI_MERGE_REQUEST_ID + - if: $CI_EXTERNAL_PULL_REQUEST_IID + - if: $CI_COMMIT_BRANCH == 'master' + script: + - pip3 install -U dco-check # optional + - dco-check +``` + +## Python version support + +Python 3.6+ is required because of the use of f-strings. +However, it shouldn't be too hard to remove them to support older versions of Python 3, if there is a demand for it, or if such a change is contributed to `dco-check`. + +## Contributing + +See [`CONTRIBUTING.md`](./CONTRIBUTING.md). + + +%package help +Summary: Development documents and examples for dco-check +Provides: python3-dco-check-doc +%description help +# dco-check + +[](https://pypi.org/project/dco-check/) +[](https://codecov.io/gh/christophebedard/dco-check) +[](https://github.com/christophebedard/dco-check/blob/master/LICENSE) +[](https://hub.docker.com/r/christophebedard/dco-check) + +[](https://github.com/christophebedard/dco-check) +[](https://gitlab.com/christophebedard/dco-check/commits/master) +[](https://travis-ci.com/github/christophebedard/dco-check) +[](https://dev.azure.com/christophebedard/dco-check/_build/latest?definitionId=1&branchName=master) +[](https://ci.appveyor.com/project/christophebedard/dco-check) +[](https://circleci.com/gh/christophebedard/dco-check) + +Simple DCO check script to be used in [any CI](#ci-support). + +## Motivation + +Many open-source projects require the use of a `Signed-off-by:` line in every commit message. +This is to certify that a contributor has the right to submit their code according to the [Developer Certificate of Origin (DCO)](https://developercertificate.org/). +However, to my knowledge, there is no automated check that can run on any CI platform (or most platforms). +Some platforms simply do not possess such a feature. + +This was inspired by the [DCO GitHub App](https://github.com/apps/dco). + +## How to get & use + +There are a few options: + +1. Using the [package from PyPI](https://pypi.org/project/dco-check/) + ```shell + $ pip install dco-check + $ dco-check + ``` +1. Using the Docker image ([`christophebedard/dco-check`](https://hub.docker.com/r/christophebedard/dco-check)) with your CI (see [examples](#Example-CI-configurations)) + ```shell + $ dco-check + ``` +1. Downloading the script and running it (you can replace `master` with a specific version) + This is enabled by the fact that `dco-check` is a single Python file without any third-party dependencies. + ```shell + $ wget https://raw.githubusercontent.com/christophebedard/dco-check/master/dco_check/dco_check.py + $ python3 dco_check.py + ``` + +It exits with 0 if all checked commits have been signed-off. +Otherwise, it exits with a non-zero number. + +Run with `--help` for more information and options, including: + +* ignoring merge commits +* default branch +* default remote +* list of commit author emails to exclude from checks +* regular expression pattern to exclude generic emails when matched +* quiet mode +* verbose mode +* excluding certain author emails (e.g., for bots) + +Those options can alternatively be set through environment variables (see `--help`), but commandline arguments always have precedence over environment variables. + +## How it works + +`dco-check` focuses on two use-cases: + +1. Commits part of a feature branch, i.e. a proposed change (pull request or merge request) +1. Commits on the default branch, e.g. `master`, or more specifically the new commits pushed to the default branch + +The first use-case is easy to cover given a normal git repository. +We can simply use `git merge-base --fork-point $DEFAULT_BRANCH` to get the list of commits on a specific feature branch off of the default branch. +Some CIs provide even more information, such as the target branch of the change, which is useful if we don't expect to always target the default branch. +Then we can just check every commit using `git log` and make sure it is signed-off by the author. + +The second use-case isn't really possible with simple git repositories, because they do not contain the necessary information (AFAIK). +Fortunately, some CIs do provide this information. + +Furthermore, by default, some CI platforms only clone git repositories up to a specific depth, i.e. you only get a partial commit history. +This depth can sometimes be 1 for some CIs, i.e. a shallow clone. +For those cases, it is usually possible to prevent shallow cloning by setting the right parameter(s) in the job configuration. +However, since one of the goals of `dco-check` is to be as easy to use as possible, it tries not to rely on that. + +This is why `dco-check` detects the current CI platform and uses whatever information that platform can provide. +Otherwise, it falls back on a default generic implementation which uses simple git commands. +In those cases, the CLI options allow users to provide a lot of the missing information. + +## CI support + +Below is a summary of the supported CIs along with their known behaviours. + +| CI | Detects new changes when pushing to default branch | Detects PRs/MRs | Gets base branch using | Gets default branch using | Notes | +|:--:|:--------------------------------------------------:|:---------------:|:----------------------:|:-------------------------:|:-----:| +|GitHub|✓|✓|CI|(not used)|retrieves commit data using the GitHub API, since GitHub does shallow clones by default| +|GitLab|✓|✓|CI|CI|detects normal GitLab MRs and external (GitHub) MRs| +|Azure Pipelines||✓|CI|CLI arguments|| +|AppVeyor||✓|CI|CLI arguments|| +|CircleCI|✓||CI\* (or CLI arguments)|CLI arguments|\*can use base revision information if provided (see example)| +|Travis CI|||CLI arguments|CLI arguments|supported by default as a normal git repo| +|default (git)|||CLI arguments|CLI arguments|use locally; using in an unsupported CI which only does a shallow clone might cause problems| + +## Example CI configurations + +Here are some example CI configurations. + +### GitHub + +```yaml +# .github/workflows/dco.yml +name: DCO +on: + pull_request: + push: + branches: + - master +jobs: + check: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Set up Python 3.x + uses: actions/setup-python@v4 + with: + python-version: '3.x' + - name: Check DCO + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + pip3 install -U dco-check + dco-check +``` + +### GitLab + +```yaml +# .gitlab-ci.yml +variables: + DOCKER_DRIVER: overlay2 +dco: + image: christophebedard/dco-check:latest + rules: + - if: $CI_MERGE_REQUEST_ID + - if: $CI_EXTERNAL_PULL_REQUEST_IID + - if: $CI_COMMIT_BRANCH == 'master' + script: + - pip3 install -U dco-check # optional + - dco-check +``` + +## Python version support + +Python 3.6+ is required because of the use of f-strings. +However, it shouldn't be too hard to remove them to support older versions of Python 3, if there is a demand for it, or if such a change is contributed to `dco-check`. + +## Contributing + +See [`CONTRIBUTING.md`](./CONTRIBUTING.md). + + +%prep +%autosetup -n dco-check-0.4.0 + +%build +%py3_build + +%install +%py3_install +install -d -m755 %{buildroot}/%{_pkgdocdir} +if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi +if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi +if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi +if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi +pushd %{buildroot} +if [ -d usr/lib ]; then + find usr/lib -type f -printf "/%h/%f\n" >> filelist.lst +fi +if [ -d usr/lib64 ]; then + find usr/lib64 -type f -printf "/%h/%f\n" >> filelist.lst +fi +if [ -d usr/bin ]; then + find usr/bin -type f -printf "/%h/%f\n" >> filelist.lst +fi +if [ -d usr/sbin ]; then + find usr/sbin -type f -printf "/%h/%f\n" >> filelist.lst +fi +touch doclist.lst +if [ -d usr/share/man ]; then + find usr/share/man -type f -printf "/%h/%f.gz\n" >> doclist.lst +fi +popd +mv %{buildroot}/filelist.lst . +mv %{buildroot}/doclist.lst . + +%files -n python3-dco-check -f filelist.lst +%dir %{python3_sitelib}/* + +%files help -f doclist.lst +%{_docdir}/* + +%changelog +* Tue May 30 2023 Python_Bot <Python_Bot@openeuler.org> - 0.4.0-1 +- Package Spec generated @@ -0,0 +1 @@ +f661ca14d4bd03ea2325e6bd5dfeaa56 dco-check-0.4.0.tar.gz |