Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: DCO issues when auto-creating API clients documentation PR #599

Open
danuw opened this issue Dec 17, 2024 · 7 comments
Open

[Bug]: DCO issues when auto-creating API clients documentation PR #599

danuw opened this issue Dec 17, 2024 · 7 comments
Labels
bug Something isn't working

Comments

@danuw
Copy link
Collaborator

danuw commented Dec 17, 2024

Contact Details

No response

What happened?

DCO issue occurs when github actions creates a PR for the latest API clients documentation.

Could the process be updated to ensure there are no DCO issues?

Link of the original DCO issue details page

client

WebAPI (Default)

Relevant log output

At the time of the issue, the DCO error stated the following :
---------------

DCO
There is one commit incorrectly signed off. This means that the author of this commit failed to include a Signed-off-by line in the commit message.

To avoid having PRs blocked in the future, always include Signed-off-by: Author Name <[email protected]> in every commit message. You can also do this automatically by using the -s flag (i.e., git commit -s).

Here is how to fix the problem so that this code can be merged.

Preferred method: Commit author adds a DCO remediation commit
A DCO Remediation Commit contains special text in the commit message that applies a missing Signed-off-by line in a subsequent commit. The primary benefit of this method is that the project’s history does not change, and there is no risk of breaking someone else’s work.

These authors can unblock this PR by adding a new commit to this branch with the following text in their commit message:

danuw <[[email protected]](mailto:[email protected])>


DCO Remediation Commit for danuw <[email protected]>

I, danuw <[email protected]>, hereby add my Signed-off-by to this commit: 5f97ba6fad1b42d7e5a4ddfa5a9da327a3feaf98

Signed-off-by: danuw [email protected]
Please note: You should avoid adding empty commits (i.e., git commit -s --allow-empty), because these will be discarded if someone rebases the branch / repo.

Least preferred method: Rebase the branch
If you have a local git environment and meet the criteria below, one option is to rebase the branch and add your Signed-off-by lines in the new commits. Please note that if others have already begun work based upon the commits in this branch, this solution will rewrite history and may cause serious issues for collaborators (described in the git documentation under "The Perils of Rebasing").

You should only do this if:

You are the only author of the commits in this branch
You are absolutely certain nobody else is doing any work based upon this branch
There are no empty commits in the branch (for example, a DCO Remediation Commit which was added using --allow-empty)
To add your Signed-off-by line to every commit in this branch:

Ensure you have a local copy of your branch by checking out the pull request locally via command line.
In your local branch, run: git rebase HEAD~1 --signoff
Force push your changes to overwrite the branch: git push --force-with-lease origin gha/pr/webapidoc-1.0.0
Summary
Commit sha: 5f97ba6, Author: danuw, Committer: github-actions[bot]; Commit by organization member is not verified.



### Code of Conduct

- [X] I agree to follow this project's Code of Conduct
@danuw danuw added the bug Something isn't working label Dec 17, 2024
This was referenced Dec 17, 2024
Merged
Open
@YaSuenag
Copy link
Member

I'm not sure what signature is valid for the commit like this.

I think Developer Certificate of Origin Version 1.1 license document appears to assume developer / contributor who creates PR. But the PRs for client API document like #597 would be created by GitHub Actions to add API documents generated by OpenAPI Generator automatically. Thus I think there are no qualified developer to list for the commit relates to the PR.

Hence can we cancel DCO in this case?

@YaSuenag
Copy link
Member

We have no plan to update WebAPI so far, thus I think this issue would not suffer in near future. But we need to consider how should we handle DCO rule in this case (auto-generated commit).

@danuw
Copy link
Collaborator Author

danuw commented Dec 17, 2024

It may just be about using the -s (signed) attribute or equivalent for the given action?

@YaSuenag
Copy link
Member

It may just be about using the -s (signed) attribute or equivalent for the given action?

Yes, but GitHub Actions bot would be set in this case - it means the bot submits the change under the open source license.

It is strange for me, but I will create a PR to add -s if it can be accepted. What do you think?

@danuw
Copy link
Collaborator Author

danuw commented Dec 17, 2024

Good idea. Seems to make sense to me too

@YaSuenag
Copy link
Member

I looked over DCO app: https://github.com/dcoapp/app

Looks like there are no way to configure accounts (like a bot) for avoiding the check. I found several similar reports on the issue.
And also I asked best practices of DCO and Bot to both ChatGPT and Gemini, but I could not get the solution.

Thus it seems to be the best way to bypass DCO check manually as you do so far...

@danuw
Copy link
Collaborator Author

danuw commented Dec 18, 2024

Thank you for looking into it and confirming

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@YaSuenag @danuw