README
¶
Conform
Policy enforcement for your pipelines.
Conform is a tool for enforcing policies on your build pipelines.
Some of the policies included are:
- Commits: Enforce commit policies including:
- Commit message header length
- Developer Certificate of Origin
- GPG signature
- GPG signature identity check
- Conventional Commits
- Imperative mood
- Spell check
- Maximum of one commit ahead of
master - Require a commit body
- Jira issue check
- License Headers: Enforce license headers on source code files.
Getting Started
To install conform you can download a release, or build it locally (go must be installed):
go install github.com/siderolabs/conform/cmd/conform@latest
Third option is to run it as a container:
docker run --rm -it -v $PWD:/src -w /src ghcr.io/siderolabs/conform:v0.1.0-alpha.22 enforce
You can also install conform with aqua.
aqua g -i siderolabs/conform
Now, create a file named .conform.yaml with the following contents:
policies:
- type: commit
spec:
header:
length: 89
imperative: true
case: lower
invalidLastCharacters: .
jira:
keys:
- PROJ
- JIRA
body:
required: true
dco: true
gpg:
required: false
identity:
gitHubOrganization: some-organization
spellcheck:
locale: US
maximumOfOneCommit: true
conventional:
types:
- "type"
scopes:
- "scope"
descriptionLength: 72
- type: license
spec:
skipPaths:
- .git/
- .build*/
includeSuffixes:
- .ext
excludeSuffixes:
- .exclude-ext-prefix.ext
allowPrecedingComments: false
header: |
This is the contents of a license header.
In the same directory, run:
$ conform enforce
POLICY CHECK STATUS MESSAGE
commit Header Length PASS Header is 43 characters
commit Imperative Mood PASS Commit begins with imperative verb
commit Header Case PASS Header case is valid
commit Header Last Character PASS Header last character is valid
commit DCO PASS Developer Certificate of Origin was found
commit GPG PASS GPG signature found
commit GPG Identity PASS Signed by "Someone <someone@example.com>"
commit Conventional Commit PASS Commit message is a valid conventional commit
commit Spellcheck PASS Commit contains 0 misspellings
commit Number of Commits PASS HEAD is 0 commit(s) ahead of refs/heads/master
commit Commit Body PASS Commit body is valid
license File Header PASS All files have a valid license header
To setup a commit-msg hook:
cat <<EOF | tee .git/hooks/commit-msg
#!/bin/sh
conform enforce --commit-msg-file \$1
EOF
chmod +x .git/hooks/commit-msg
We also provide a Pre-Commit hook that you can use as follows:
# .pre-commit-config.yaml
repos:
- repo: https://github.com/siderolabs/conform
rev: master
hooks:
- id: conform
stages:
- commit-msg
License
Directories
¶
| Path | Synopsis |
|---|---|
|
cmd
|
|
|
conform
Package main provides CLI commands.
|
Package main provides CLI commands. |
|
internal
|
|
|
constants
Package constants defines common values.
|
Package constants defines common values. |
|
enforcer
Package enforcer defines policy enforcement.
|
Package enforcer defines policy enforcement. |
|
git
Package git provides helpers for SCM.
|
Package git provides helpers for SCM. |
|
policy
Package policy provides base policy definitions.
|
Package policy provides base policy definitions. |
|
policy/commit
Package commit provides commit-related policies.
|
Package commit provides commit-related policies. |
|
policy/license
Package license provides license policy.
|
Package license provides license policy. |
|
policy/version
Package version provides version policies.
|
Package version provides version policies. |
|
reporter
Package reporter provides check result reporting.
|
Package reporter provides check result reporting. |
|
version
Package version contains variables such as project name, tag and sha.
|
Package version contains variables such as project name, tag and sha. |
Click to show internal directories.
Click to hide internal directories.