feat!: ignore bots signoff check

in case that a branch contains bot commits then these commits will not be checked.
this code assume that the email address of all bots contains [bot].

Signed-off-by: dolby360 <[email protected]>

src/handlers/pr-signed-commits.js

@@ -33,9 +33,8 @@ async function handleSignedCommits(context, _config, startedAt) {
 
     // list all unsigned commits
     var unsignedCommits = [];
-    let isBot = context.payload.sender.type === 'Bot'
     await Promise.all(allCommits.map(commit =>
-        verifyCommitTrailer(commit.commit, isBot).catch(() => unsignedCommits.push(commit))))
+        verifyCommitTrailer(commit.commit).catch(() => unsignedCommits.push(commit))))
 
     // default output when all commits are signed
     let finalConclusion = 'success';
@@ -69,16 +68,19 @@ async function handleSignedCommits(context, _config, startedAt) {
 }
 
 // verify a commit message have a 'Signed-off-by' trailer correlating with the commits' author/committer
-async function verifyCommitTrailer(commit, isBot) {
+async function verifyCommitTrailer(commit) {
     // list all 'Signed-off-by' trailers matching the author or committer
     var trailerMatches = []
+    // if it a bot there is no need to verify that commits are signing-off properly
+    if(commit.author.email.includes('[bot]')
+        || commit.committer.email.includes('[bot]')){
+        return;
+    }
     commit.message.split(EOL).forEach(line => {
         let match = line.match(SIGN_OFF_TRAILER_REGEX);
         if (match !== null) {
             let signed = { name: match[1], email: `${match[2]}@${match[3]}` };
-            if (
-                isBot // bots get a pass as they are the signers but not the author or the committer
-                || (signed.name === commit.author.name && signed.email === commit.author.email) // signed by author
+            if ((signed.name === commit.author.name && signed.email === commit.author.email) // signed by author
                 || (signed.name === commit.committer.name && signed.email === commit.committer.email) // signed by committer
             ) {
                 trailerMatches.push(signed);

tests/handlers/pr-signed-commits.test.js

@@ -23,8 +23,12 @@ suite('Testing the pr-signed-commits handler', () => {
     const fakeAuthorEmail = '[email protected]';
     const fakeCommitterName = 'Ezekiel Committer';
     const fakeCommitterEmail = '[email protected]';
+    // fake unknown fixture data
     const fakeUnknownName = 'Some Other';
     const fakeUnknownEmail = '[email protected]';
+    // fake bot fixture data
+    const fakeBotName = 'Elias Author';
+    const fakeBotEmail = '49699333+dependabot[bot]@users.noreply.github.com';
 
     // the expected arg for creating a new check run
     const expectedCreateCheckRunInfo = {
@@ -90,6 +94,13 @@ suite('Testing the pr-signed-commits handler', () => {
     var commitUnsigned = cloneDeep(base_commitObject);
     commitUnsigned.commit.message = 'this commit is not signed';
 
+    var commitUnsignedBot = cloneDeep(base_commitObject);
+    commitUnsignedBot.commit.author.name = fakeBotName;
+    commitUnsignedBot.commit.author.email = fakeBotEmail;
+    commitUnsignedBot.commit.committer.name = fakeBotName;
+    commitUnsignedBot.commit.committer.email = fakeBotEmail;
+    commitUnsignedBot.commit.message = 'this commit is not signed';
+
     /* ###################################################### ##
     ## #### Fixtures and test cases for successful tests #### ##
     ## ####################################################### */
@@ -103,6 +114,7 @@ suite('Testing the pr-signed-commits handler', () => {
     const oneSignedByAuthor_commitsListResponse = {data: [commitSignedByAuthor]};
     const oneSignedByCommitter_commitsListResponse = {data: [commitSignedByCommitter]};
     const twoSignedCommitsByAuthor_commitsListResponse = {data: [commitSignedByAuthor, commitSignedByAuthor]};
+    const twoCommitsBotNotSignedAuthorSigned_commitsListResponse = {data: [commitUnsignedBot, commitSignedByAuthor]};
 
     const successTestCases = [
         {
@@ -345,7 +357,31 @@ suite('Testing the pr-signed-commits handler', () => {
 
         // given the payload has identified the unknown user as a bot
         let fakeBotContext = cloneDeep(fakeContext);
-        fakeBotContext.payload.sender.type = 'Bot';
+
+        // when invoking the handler with the fake context, a fake config, and a iso timestamp
+        await prSignedCommitsHandler(fakeBotContext, sinon.fake(), new Date().toISOString());
+
+        // then expect the following functions invocation flow
+        expect(repoFuncStub).to.have.calledWith(expectedCreateCheckRunInfo);
+        expect(createCheckStub).to.have.been.calledOnceWith(expectedCreateCheckRunInfo);
+
+        expect(pullRequestFuncStub).to.have.been.calledOnceWith();
+        expect(listCommitsStub).to.have.been.calledOnceWith(expectedListCommitsInfo);
+
+        expect(repoFuncStub).to.have.calledWith(success_expectedUpdateCheck);
+        expect(updateCheckStub).to.have.been.calledOnceWith(success_expectedUpdateCheck);
+    })
+
+    test('Test with two commits one is not signed by bot and one signed by author', async () => {
+        verifyEmailStub
+            .withArgs(fakeUnknownEmail, sinon.match.func)
+            .yields(null, { code: emailVerifier.verifyCodes.finishedVerification });
+
+        // given the list commits service will resolve to one commit signed by an unknown user
+        listCommitsStub.resolves(twoCommitsBotNotSignedAuthorSigned_commitsListResponse);
+
+        // given the payload has identified the unknown user as a bot
+        let fakeBotContext = cloneDeep(fakeContext);
 
         // when invoking the handler with the fake context, a fake config, and a iso timestamp
         await prSignedCommitsHandler(fakeBotContext, sinon.fake(), new Date().toISOString());