From d6b06d70158b8914a5e40e3284780397d4447f32 Mon Sep 17 00:00:00 2001 From: Thomas Cardin <49320132+ThomasCardin@users.noreply.github.com> Date: Thu, 9 Jan 2025 10:36:02 -0500 Subject: [PATCH 1/6] issue #49: check email author signature --- .github/workflows/workflow-check-author-email.md | 0 .github/workflows/workflow-check-author-email.yml | 14 ++++++++++++++ 2 files changed, 14 insertions(+) create mode 100644 .github/workflows/workflow-check-author-email.md create mode 100644 .github/workflows/workflow-check-author-email.yml diff --git a/.github/workflows/workflow-check-author-email.md b/.github/workflows/workflow-check-author-email.md new file mode 100644 index 00000000..e69de29b diff --git a/.github/workflows/workflow-check-author-email.yml b/.github/workflows/workflow-check-author-email.yml new file mode 100644 index 00000000..1887f04a --- /dev/null +++ b/.github/workflows/workflow-check-author-email.yml @@ -0,0 +1,14 @@ +name: Verify Committer Email +on: + workflow_call: + +jobs: + check-commit-author: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: dguo/check-author-and-committer-action@v1 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + committer-email-regex: '@gc\.ca$' + custom-error-message: "Commits must be signed with an email address ending in .gc.ca. Please configure your email address correctly." From 437ee2804c48608b2adefb169b178bd4785a7784 Mon Sep 17 00:00:00 2001 From: Thomas Cardin <49320132+ThomasCardin@users.noreply.github.com> Date: Thu, 9 Jan 2025 10:37:33 -0500 Subject: [PATCH 2/6] issue #49: workflow doc --- .../workflows/workflow-check-author-email.md | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/.github/workflows/workflow-check-author-email.md b/.github/workflows/workflow-check-author-email.md index e69de29b..90b1f387 100644 --- a/.github/workflows/workflow-check-author-email.md +++ b/.github/workflows/workflow-check-author-email.md @@ -0,0 +1,28 @@ +# GitHub Actions Workflow: Verify Committer Email for `.gc.ca` Domain + +- **Purpose:** This GitHub Actions workflow ensures that commits pushed +to the repository or part of a pull request are signed with an email +address ending in `.gc.ca`. This helps verify that contributors use a +valid government email domain when committing changes. + +- **Usage:** Add this workflow to your repository to enforce email validation +on all pushes and pull requests targeting the `main` branch. + +- **Required Secrets:** + - `GITHUB_TOKEN`: Token for authentication with GitHub. + +## Workflow Steps + +1. **Checkout the Repository:** + The workflow uses the `actions/checkout@v3` action to clone the repository + into the runner's workspace. + +2. **Validate Committer Email:** + The workflow leverages the `dguo/check-author-and-committer-action@v1` + action to check that the committer's email matches the specified + domain pattern (`@gc.ca`). + +3. **Custom Error Messaging:** + If any commit does not meet the email criteria, a custom error message + is displayed, guiding contributors to configure their email + address correctly. From f444e026e088993e4bf22ed9e1d2ad7170eb81d9 Mon Sep 17 00:00:00 2001 From: Thomas Cardin <49320132+ThomasCardin@users.noreply.github.com> Date: Fri, 10 Jan 2025 14:52:23 -0500 Subject: [PATCH 3/6] issue #49: added on push --- .github/workflows/workflow-check-author-email.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/workflow-check-author-email.yml b/.github/workflows/workflow-check-author-email.yml index 1887f04a..e2cd8460 100644 --- a/.github/workflows/workflow-check-author-email.yml +++ b/.github/workflows/workflow-check-author-email.yml @@ -1,6 +1,7 @@ name: Verify Committer Email on: workflow_call: + push: jobs: check-commit-author: From b215f5980c0c222000cf449441040c0bff95a06c Mon Sep 17 00:00:00 2001 From: Thomas Cardin <49320132+ThomasCardin@users.noreply.github.com> Date: Fri, 10 Jan 2025 14:58:03 -0500 Subject: [PATCH 4/6] issue #49: test --- .github/workflows/workflow-check-author-email.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/workflow-check-author-email.yml b/.github/workflows/workflow-check-author-email.yml index e2cd8460..6bf5cb05 100644 --- a/.github/workflows/workflow-check-author-email.yml +++ b/.github/workflows/workflow-check-author-email.yml @@ -12,4 +12,4 @@ jobs: with: github-token: ${{ secrets.GITHUB_TOKEN }} committer-email-regex: '@gc\.ca$' - custom-error-message: "Commits must be signed with an email address ending in .gc.ca. Please configure your email address correctly." + custom-error-message: "Commits must be signed with an email address ending in .gc.ca. Please configure your email address correctly.." From b7772e5559b577e20e2c3e3958b6ca4a73ac63ae Mon Sep 17 00:00:00 2001 From: Thomas Cardin Date: Fri, 10 Jan 2025 15:00:49 -0500 Subject: [PATCH 5/6] issue #49: test --- .github/workflows/workflow-check-author-email.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/workflow-check-author-email.yml b/.github/workflows/workflow-check-author-email.yml index 6bf5cb05..e2cd8460 100644 --- a/.github/workflows/workflow-check-author-email.yml +++ b/.github/workflows/workflow-check-author-email.yml @@ -12,4 +12,4 @@ jobs: with: github-token: ${{ secrets.GITHUB_TOKEN }} committer-email-regex: '@gc\.ca$' - custom-error-message: "Commits must be signed with an email address ending in .gc.ca. Please configure your email address correctly.." + custom-error-message: "Commits must be signed with an email address ending in .gc.ca. Please configure your email address correctly." From 4434a03c024839dc67bdf84130a7e45bf8467e4c Mon Sep 17 00:00:00 2001 From: Thomas Cardin Date: Fri, 10 Jan 2025 15:02:24 -0500 Subject: [PATCH 6/6] issue #49: changed regex expression --- .github/workflows/workflow-check-author-email.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/workflow-check-author-email.yml b/.github/workflows/workflow-check-author-email.yml index e2cd8460..fe07325b 100644 --- a/.github/workflows/workflow-check-author-email.yml +++ b/.github/workflows/workflow-check-author-email.yml @@ -11,5 +11,5 @@ jobs: - uses: dguo/check-author-and-committer-action@v1 with: github-token: ${{ secrets.GITHUB_TOKEN }} - committer-email-regex: '@gc\.ca$' + committer-email-regex: '@(?:[a-zA-Z0-9-]+\.)?gc\.ca$' custom-error-message: "Commits must be signed with an email address ending in .gc.ca. Please configure your email address correctly."