Skip to content
/ dco-bot Public

Bot for a GitHub webhook to check commits for DCO sign-off via AWS Lambda

License

ISC license
5 stars 9 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

deptofdefense/dco-bot

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

32 Commits

.gitignore

.gitignore

 
 

CONTRIBUTING.md

CONTRIBUTING.md

 
 

INTENT.md

INTENT.md

 
 

LICENSE.md

LICENSE.md

 
 

README.md

README.md

 
 

handler.js

handler.js

 
 

package.json

package.json

 
 

serverless.yml.template

serverless.yml.template

 
 

Repository files navigation

dco-bot

GitHub webhook for a AWS Lambda Bot to check commits for DCO sign-off

Usage

If you are a member of deptofdefense, add https://1iexi2zo5a.execute-api.us-east-1.amazonaws.com/dev/dco-bot as a webhook on your repo with Pull Request triggers. Anyone else will have to proceed with installation on your own AWS account as outlined below.

The bot will check for a sign-off in the form:

Signed-off-by: Bob Boberton <bob.boberton@example.com>

Installation

npm install serverless -g

Ensure your aws credentials are set up at ~/.aws/credentials. These allow the deployment of the AWS Lambda function to your account.

To secure GitHub to Lambda communication: GITHUB_WEBHOOK_SECRET in serverless.yml shall be set to whatever the webook uses.

To secure Lambda to GitHub communication: GITHUB_SECRET in serverless.yaml shall be set to a GitHub access token - comments will be made in this accounts name.

Rename serverless.yml.template to serverless.yml once your edits are complete.

Deploy

serverless deploy

This will upload your function to CloudFormation, S3, and Lambda. The output will contain an endpoint which looks like:

Service Information
service: dco-bot
stage: dev
region: us-east-1
api keys:
  None
endpoints:
  POST - https://SOMEENDPOINT.execute-api.us-east-1.amazonaws.com/dev/dco-bot
functions:
  dco-bot-dev-dcobot

Configure GitHub webhook

These instructions are inspired by Serverless Github webhook listener (MIT license).

Paste the endpoint as the webhook in GitHub as follows:

Configure your webhook in your github repository settings. Setting up a Webhook

  1. Plugin your API POST endpoint. (https://abcdefg.execute-api.us-east-1.amazonaws.com/dev/webhook in this example). Run sls info to grab your endpoint if you don't have it handy.
  2. Plugin your secret from GITHUB_WEBHOOK_SECRET environment variable.
  3. Choose the types of events you want the github webhook to fire on. For the DCO-bot we recommend, Pull Request events.

webhook-steps

Test and convenient logging

Manually trigger/test the webhook from settings or do something in your github repo to trigger a webhook.

You can tail the logs of the lambda function with the below command to see it running.

serverless logs -f dcobot -t

You should see the event from github in the lambda functions logs.

About

Bot for a GitHub webhook to check commits for DCO sign-off via AWS Lambda

Topics

github bot lambda dco code-mil

Resources

Readme

License

ISC license
Activity
Custom properties

Stars

5 stars

Watchers

18 watching

Forks

9 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages