Enable Microsoft CLA bot for external PRs#1
Conversation
|
Please rebase and retarget to aclmain. |
mayankfz
force-pushed
the
mayansingh/enable-cla-bot
branch
from
5e6cdd0 to
e9833e3
Compare
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
Adds a GitHub Actions workflow to automate Microsoft CLA checks for PRs and enable manual recheck via comment.
Changes:
- Introduces a new
cla.ymlworkflow triggered onpull_request_targetand specificissue_commentcommands - Configures the Microsoft CLA Assistant action to record signatures and lock PRs after merge
- Grants workflow permissions required for status updates and signature file changes
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Add .github/workflows/cla.yml to run Microsoft CLA check on PRs - Update CONTRIBUTING.md with CLA requirement documentation - Allowlist bot accounts and Microsoft org members - CLA signatures stored in signatures/version1/cla.json
mayankfz
force-pushed
the
mayansingh/enable-cla-bot
branch
from
e9833e3 to
335eac2
Compare
| github.event_name == 'pull_request_target' | ||
| uses: contributor-assistant/github-action@v2.6.1 | ||
| env: | ||
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
There was a problem hiding this comment.
Do we need to limit when does this action gets executed?
There was a problem hiding this comment.
The action is already gated:
For issue_comment: only triggers on PR comments with exact "recheck" or CLA sign text
For pull_request_target: runs on all PRs, but the allowlist auto-passes bots and the CLA portal auto-passes linked Microsoft accounts. Are we looking for something more specific ?
Task - https://dev.azure.com/mariner-org/ACL/_workitems/edit/20352
Inspiration - https://github.com/contributor-assistant/github-action#configure-contributor-license-agreement-within-two-minutes
Azl3 uses the Microsoft CLA bot GitHub App directly. The bot runs the license/cla status check automatically on PRs without needing any workflow file in the repo. If we want to match Azl3 exactly, we would need to remove the cla.yml and just have the Microsoft CLA GitHub App installed on the repo (admin set up). The workflow approach is a fallback that works without the app.