Conform
Policy enforcement for your pipelines.
Conform is a tool for enforcing policies on your build pipelines.
Some of the policies included are:
- Commits: Enforce commit policies including:
- Commit message header length
- Developer Certificate of Origin
- GPG signature
- GPG signature identity check
- Conventional Commits
- Imperative mood
- Spell check
- Maximum of one commit ahead of
master
- Require a commit body
- Jira issue check
- License Headers: Enforce license headers on source code files.
Getting Started
To install conform you can download a release, or build it locally (go must be installed):
go install github.com/siderolabs/conform/cmd/conform@latest
Third option is to run it as a container:
docker run --rm -it -v $PWD:/src -w /src ghcr.io/siderolabs/conform:v0.1.0-alpha.22 enforce
Now, create a file named .conform.yaml
with the following contents:
policies:
- type: commit
spec:
header:
length: 89
imperative: true
case: lower
invalidLastCharacters: .
jira:
keys:
- PROJ
- JIRA
body:
required: true
dco: true
gpg:
required: false
identity:
gitHubOrganization: some-organization
spellcheck:
locale: US
maximumOfOneCommit: true
conventional:
types:
- "type"
scopes:
- "scope"
descriptionLength: 72
- type: license
spec:
skipPaths:
- .git/
- .build*/
includeSuffixes:
- .ext
excludeSuffixes:
- .exclude-ext-prefix.ext
allowPrecedingComments: false
header: |
This is the contents of a license header.
In the same directory, run:
$ conform enforce
POLICY CHECK STATUS MESSAGE
commit Header Length PASS Header is 43 characters
commit Imperative Mood PASS Commit begins with imperative verb
commit Header Case PASS Header case is valid
commit Header Last Character PASS Header last character is valid
commit DCO PASS Developer Certificate of Origin was found
commit GPG PASS GPG signature found
commit GPG Identity PASS Signed by "Someone <[email protected]>"
commit Conventional Commit PASS Commit message is a valid conventional commit
commit Spellcheck PASS Commit contains 0 misspellings
commit Number of Commits PASS HEAD is 0 commit(s) ahead of refs/heads/master
commit Commit Body PASS Commit body is valid
license File Header PASS All files have a valid license header
To setup a commit-msg
hook:
cat <<EOF | tee .git/hooks/commit-msg
#!/bin/sh
conform enforce --commit-msg-file \$1
EOF
chmod +x .git/hooks/commit-msg
We also provide a Pre-Commit hook that you can use as follows:
# .pre-commit-config.yaml
repos:
- repo: https://github.com/siderolabs/conform
rev: master
hooks:
- id: conform
stages:
- commit-msg