This tool enables a workflow for developers to digitally sign a contributor license agreement (CLA) for your projects on GitHub. When a developer opens a pull request, they will get prompted to sign the agreement if they have not already. An administrator interface is provided for CLA authoring, CLA-to-project mapping, and agreement reviews.
The portal also supports developer certificate of origin (DCO). When enabled on a repository, all commits within a pull request will be checked for a signature in the following format: Signed-off-by: John Doe <[email protected]>
that matches the commit author.
For more general information on CLAs, refer to our FAQ
- Java 8
- Lightbend Activator
- Docker
- ngrok
-
Start ngrok to tunnel webhook requests from GitHub
ngrok http 9000
-
Register an OAuth application on GitHub
-
Create an OAuth access token on GitHub with the following scope
repo admin:repo_hook read:org
-
Update settings in conf/application.conf
smtp.host="smtp.test.com" app.host="https://<subdomain>.ngrok.io" app.internal.host="http://localhost:9000" app.github.clientid="<GitHub OAuth client ID>" app.github.clientsecret="<GitHub OAuth client secret>" app.github.oauthtoken="<GitHub OAuth access token>" app.notification.email="[email protected]" app.noreply.email="[email protected]" app.admin.email="[email protected]" app.ccla.expiration=7
-
Update organization in conf/evolutions/default/1.sql
INSERT INTO Organizations (name) VALUES ('testorg');
-
Generate a new application secret
activator playUpdateSecret
-
Build it
activator docker:publishLocal
-
Run it
docker run -p 9000:9000 claportal:1.0-SNAPSHOT
-
Log in to localhost:9000/admin/login using credentials claadmin:claadmin (Note: These credentials are hard-coded in Authenticator.java. If you decide to use this in production, you should update the authenticate method for your identity provider.)
-
Select "Manage Projects" to load all repositories from your organization
-
Select a repository, click Edit, and set the CLA to Sample (Note: When you save, this will install the web hook to the repository on GitHub for pull request events.)
-
Submit a pull request to your repository (Note: Organization members do not sign the CLA, so submit a pull request using an account that is not a member of the organization.)
-
Log in to localhost:9000/admin/login using credentials claadmin:claadmin (Note: These credentials are hard-coded in Authenticator.java. If you decide to use this in production, you should update the authenticate method for your identity provider.)
-
Select "Edit DCO" to create the initial DCO agreement revision
-
Select "Manage Projects" to load all repositories from your organization
-
Select a repository, click Edit, and check "Use DCO" (Note: When you save, this will install the web hook to the repository on GitHub for pull request events.)
When enabled on a repository, all commits within a pull request will be checked for a signature in the following format: Signed-off-by: John Doe <[email protected]>
that matches the commit author.
The CLA Portal project team welcomes contributions from the community. If you wish to contribute code and you have not signed our contributor license agreement (CLA), our bot will update the issue when you open a Pull Request. For any questions about the CLA process, please refer to our FAQ.
The CLA Portal is available under the Apache 2 license.