dcoapp · gr2m · Jan 18, 2022 · Nov 16, 2021 · Nov 16, 2021 · Nov 16, 2021
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -0,0 +1,19 @@
+name: Release
+"on":
+  push:
+    branches:
+      - master
+jobs:
+  release:
+    name: release
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v2
+        with:
+          node-version: lts/*
+          cache: npm
+      - run: npm ci
+      - run: npx semantic-release
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -0,0 +1,19 @@
+name: Test
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+    types: [opened, synchronize]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v2
+        with:
+          node-version: "lts/*"
+          cache: npm
+      - run: npm ci
+      - run: npm test
diff --git a/README.md b/README.md
@@ -1,7 +1,5 @@
 # Probot: DCO
 
-[![Greenkeeper badge](https://badges.greenkeeper.io/dcoapp/app.svg)](https://greenkeeper.io/)
-
 a GitHub Integration built with [probot](https://github.com/probot/probot) that enforces the [Developer Certificate of Origin](https://developercertificate.org/) (DCO) on Pull Requests. It requires all commit messages to contain the `Signed-off-by` line with an email address that matches the commit author.
 
 ## Usage
@@ -10,6 +8,35 @@ a GitHub Integration built with [probot](https://github.com/probot/probot) that
 
 See [docs/deploy.md](docs/deploy.md) if you would like to run your own instance of this plugin.
 
+## Modes of operations
+
+### Default
+
+By default, Probot DCO enforces the presence of [valid DCO signoffs](#how-it-works) on all commits (excluding bots and merges). If a PRs contains commits that lack a valid Signed-off-by line, they are blocked until a correctly signed-off revision of the commit is pushed. This closely mirrors the upstream Linux kernel process.
+
+### Individual remediation commit support
+
+Optionally, a project can allow individual remediation commit support, where the failing commit's author can push an additional properly signed-off commit with additional text in the commit log that indicates they apply their signoff retroactively.
+
+To enable this, place the following configuration file in `.github/dco.yml` on the default branch:
+
+```yaml
+allowRemediationCommits:
+  individual: true
+```
+
+### Third-party remediation support
+
+Additionally, a project can allow third-parties to sign off on an author's behalf by pushing an additional properly signed-off commit with additional text in the commit log that indicates they sign off on behalf of the author. Third-party remediation requires individual remediation to be enabled.
+
+To enable this, place the following configuration file in `.github/dco.yml` on the default branch:
+
+```yaml
+allowRemediationCommits:
+  individual: true
+  thirdParty: true
+```
+
 ### Skipping sign-off for organization members
 
 It is possible to disable the check for commits authored and [signed](https://help.github.com/articles/signing-commits-using-gpg/) by members of the organization the repository belongs to. To do this, place the following configuration file in `.github/dco.yml` on the default branch:

diff --git a/api/github/webhooks/index.js b/api/github/webhooks/index.js
@@ -0,0 +1,8 @@
+const { createNodeMiddleware, createProbot } = require('probot')
+
+const app = require('../../../')
+
+module.exports = createNodeMiddleware(app, {
+  probot: createProbot(),
+  webhooksPath: '/api/github/webhooks'
+})