{"id":13561476,"url":"https://github.com/salesforce/dr-cla","last_synced_at":"2025-04-16T01:19:48.520Z","repository":{"id":66001672,"uuid":"44138060","full_name":"salesforce/dr-cla","owner":"salesforce","description":"Contributor License Agreement Bot for Validating GitHub Pull Requests","archived":false,"fork":false,"pushed_at":"2024-10-31T12:02:36.000Z","size":2443,"stargazers_count":20,"open_issues_count":1,"forks_count":10,"subscribers_count":5,"default_branch":"main","last_synced_at":"2025-04-09T23:04:44.952Z","etag":null,"topics":["cla"],"latest_commit_sha":null,"homepage":"","language":"Scala","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/salesforce.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2015-10-12T22:38:44.000Z","updated_at":"2025-04-04T04:39:18.000Z","dependencies_parsed_at":"2024-11-08T13:32:41.369Z","dependency_job_id":null,"html_url":"https://github.com/salesforce/dr-cla","commit_stats":{"total_commits":198,"total_committers":12,"mean_commits":16.5,"dds":0.4191919191919192,"last_synced_commit":"290a3a1d7db627843a8159b3d41a09f6926257dc"},"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/salesforce%2Fdr-cla","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/salesforce%2Fdr-cla/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/salesforce%2Fdr-cla/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/salesforce%2Fdr-cla/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/salesforce","download_url":"https://codeload.github.com/salesforce/dr-cla/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249178927,"owners_count":21225459,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cla"],"created_at":"2024-08-01T13:00:57.139Z","updated_at":"2025-04-16T01:19:48.482Z","avatar_url":"https://github.com/salesforce.png","language":"Scala","funding_links":[],"categories":["Contributor License Agreements / Developer Certificate of Origins","Contributor License Agreements"],"sub_categories":[],"readme":"# DoctoR-CLAw\n### Contributor License Agreement Tooling\n\n[![FOSSA Status](https://app.fossa.io/api/projects/custom%2B23%2Fgithub.com%2Fsalesforce%2Fdr-cla.svg?type=shield)](https://app.fossa.io/projects/custom%2B23%2Fgithub.com%2Fsalesforce%2Fdr-cla?ref=badge_shield)\n\nThis is a set of tools for dealing with Contributor License Agreements for Open Source Salesforce projects. This repository is affectionately referred to as \"Dr. Claw\" after the Inspector Gadget villain.\n\nThe tools provided are:\n- Pull Request CLA Verifier\n- GitHub Org Audit\n\nThis application is built with:\n- Play Framework 2.5\n- Scala\n- Postgres\n- Heroku Connect\n- Reactive I/O (Non-Blocking)\n\n\nHow it Works\n------------\n\nWhen someone sends a Pull Request to a project on GitHub, a Webhook sends details to this app.  The authors of the commits in the PR are checked to see if they are collaborators on the repo.  If not, the app checks if they have signed CLAs.  If there are missing CLAs then the status of the PR is set to failed.  Otherwise it is set to success.  Also if there are missing CLAs then a comment is posted on the PR asking the contributors to sign the CLA.  Once a contributor signs a CLA, all of the open PRs are revalidated.\n\n[![Deploy on Heroku](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy)\n\n\nOptional Customization Env Vars\n----------------------\n\n    ORG_NAME = Your organization's name\n    ORG_URL = A homepage to redirect to when someone visits /\n    ORG_EMAIL = An email users can reach out to you at\n    ORG_LOGO = URL to a logo you want to display\n    ORG_CLA = URL to the CLA text\n    ORG_DOMAIN = Domain name that internal users will have in their git commit emails\n    ORG_INTERNAL_INSTRUCTIONS_URL = URL with instructions for internal users who are not on the org\n\n\nLocal Dev Setup\n---------------\n\n1. Install Java 8\n1. Install Postgres\n1. Install ngrok\n1. Start ngrok: `ngrok http 9000`\n1. Create local Postgres databases:\n\n        $ psql\n        # CREATE ROLE salesforcecla LOGIN password 'password';\n        # CREATE DATABASE salesforcecla ENCODING 'UTF8' OWNER salesforcecla;\n        # CREATE DATABASE \"salesforcecla-test\" ENCODING 'UTF8' OWNER salesforcecla;\n\n\n1. Setup a new OAuth App for CLA signing:\n    - This will be at: `https://github.com/organizations/{your-organization}/settings/applications/new`\n    - *Application name* = `Something descriptive`\n    - *Authorization callback URL* = `https://YOUR_NGROK_ID.ngrok.io/_github_oauth_callback`\n    - *Homepage URL* = `https://YOUR_NGROK_ID.ngrok.io/`\n    - Once finished, set the `GITHUB_CLIENT_ID` and `GITHUB_CLIENT_SECRET` env vars accordingly\n1. [Setup a new GitHub App](https://github.com/settings/apps) with the following settings:\n    - *Webhook URL* = `https://YOUR_NGROK_ID.ngrok.io/webhook-integration`\n    - *User authorization callback URL* = `https://YOUR_NGROK_ID.ngrok.io/_github_app_oauth_callback`\n    - *Repository administration* = `Read-only`\n    - *Commit statuses* = `Read \u0026 Write`\n    - *Issues* = `Read \u0026 Write`\n    - *Pull requests* = `Read \u0026 Write`\n    - *Repository contents* = `Read-only`\n    - *Organization members* = `Read-only`\n    - Under *Subscribe to events* select *Pull request*\n\n    It is not required, but if you set the GitHub Integration Secret Token, then set the `GITHUB_INTEGRATION_SECRET_TOKEN` env var accordingly.\n\n1. Set the `GITHUB_INTEGRATION_CLIENT_ID` and `GITHUB_INTEGRATION_CLIENT_SECRET` env vars with the OAuth app associated with the GitHub App.\n\n1. Generate and save a new Private key for the new Integration, then set the `GITHUB_INTEGRATION_PRIVATE_KEY` env var accordingly, like:\n\n        export GITHUB_INTEGRATION_PRIVATE_KEY=$(cat ~/somewhere/your-integration.2017-02-07.private-key.pem)\n\n1. Your new GitHub App will have a numeric id, set the `GITHUB_INTEGRATION_ID` env var accordingly.\n1. Your new GitHub App will have a slug / URL friendly name, set the `GITHUB_INTEGRATION_SLUG` env var accordingly.\n1. Set the `GITHUB_BOT_NAME` env var to the value of what you'd like your public facing bot to appear as\n\n```\nexport GITHUB_BOT_NAME=salesforce-cla\n```\n\nRun the Web App\n---------------\n\n1. Start the web app:\n\n        $ ./sbt ~run\n\n1. Authenticate to GitHub with your test user\n1. Open the audit page: `https://SOMETHING.ngrok.com/audit`\n1. You should see a list of organizations which have the GitHub App installed and which you are an admin of\n1. In GitHub edit the `README` file the testing repo and submit a pull request\n1. This will make a webhook request to your local application and validate the CLA status of the submitter\n1. You can see event deliveries in the Developer Settings for your GitHub App\n1. If you make a PR with a testing user that is not part of the org, you should see the PR validation failure and be able to sign the CLA\n\n\nRun the Tests\n-------------\n\n1. You will need two GitHub testing users.  For each, [create a personal access token](https://github.com/settings/tokens) with the following permissions: `admin:org, admin:org_hook, admin:public_key, admin:repo_hook, delete_repo, repo, user`\n\n1. For user one, create a new testing organization (because this can't be done via the API).  Add the second user as a member of this org.\n\n1. For user one, install the GitHub App into the user's account and into the testing org.\n\n1. Set the `GITHUB_TEST_TOKEN1`, `GITHUB_TEST_ORG`, and `GITHUB_TEST_TOKEN2` env vars.\n\n1. Run all of the tests continuously:\n\n        $ ./sbt ~test\n\n1 Run just the `GitHubSpec` tests continuously:\n\n        $ ./sbt ~testOnly utils.GitHubSpec\n        \nLicense\n-------------\n\nThis repo is licensed under the BSD-3-Clause.\n\n[![FOSSA Status](https://app.fossa.io/api/projects/custom%2B23%2Fgithub.com%2Fsalesforce%2Fdr-cla.svg?type=large)](https://app.fossa.io/projects/custom%2B23%2Fgithub.com%2Fsalesforce%2Fdr-cla?ref=badge_large)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsalesforce%2Fdr-cla","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsalesforce%2Fdr-cla","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsalesforce%2Fdr-cla/lists"}