Skip to content

Add support for skipping CLA requirement for bots #4729

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Jul 31, 2025
Merged

Add support for skipping CLA requirement for bots #4729

merged 4 commits into from
Jul 31, 2025

Conversation

@lukaszgryglicki
Copy link
Member

@lukaszgryglicki lukaszgryglicki commented Jul 31, 2025

@lukaszgryglicki lukaszgryglicki self-assigned this Jul 31, 2025
Copilot AI review requested due to automatic review settings July 31, 2025 08:42
@lukaszgryglicki lukaszgryglicki changed the base branch from dev to main July 31, 2025 08:43
Copilot AI reviewed Jul 31, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR implements support for skipping CLA requirements for bots through a configurable whitelist system. The feature allows GitHub organizations to define patterns for bot users that should automatically pass CLA checks without needing to sign CLAs.

  • Adds configurable bot whitelisting via skip_cla field in GitHub organization records
  • Implements pattern matching for repository names, GitHub usernames, emails, and names with support for exact matches, wildcards, and regex patterns
  • Integrates the whitelisting logic into both Python and Go backend CLA validation workflows

Reviewed Changes

Copilot reviewed 16 out of 16 changed files in this pull request and generated 5 comments.

Show a summary per file
File Description
utils/skip_cla_entry.sh Utility script for managing skip_cla entries in DynamoDB
utils/list_tables.sh New utility to list DynamoDB tables with filtering
utils/describe_table.sh Enhanced table description utility with region support
utils/describe_all.sh New utility to describe all tables and export data
cla-backend/cla/models/github_models.py Core Python implementation of bot whitelisting logic
cla-backend/cla/models/event_types.py Added BypassCLA event type
cla-backend/cla/models/dynamo_models.py Added skip_cla field to GitHubOrg model
cla-backend-go/v2/sign/helpers.go Integration of whitelisting in Go v2 sign service
cla-backend-go/swagger/common/github-organization.yaml API documentation for skip_cla field
cla-backend-go/signatures/service.go Integration of whitelisting in Go v1 signatures service
cla-backend-go/github_organizations/models.go Added skip_cla field to Go models
cla-backend-go/github/bots.go Core Go implementation of bot whitelisting logic
cla-backend-go/events/event_types.go Added BypassCLA event type constant
cla-backend-go/events/event_data.go Added BypassCLA event data structure
WHITELISTING_BOTS.md Comprehensive documentation for the feature
README.md Added reference to bot whitelisting documentation

@lukaszgryglicki lukaszgryglicki mentioned this pull request Jul 31, 2025
Closed
4 tasks
@lukaszgryglicki
Add prod setup example
d0f3880 
Signed-off-by: Lukasz Gryglicki <[email protected]>
@lukaszgryglicki
One more docs update
02bdd45 
Signed-off-by: Lukasz Gryglicki <[email protected]>
This was referenced Jul 31, 2025
Draft
Closed
ahmedomosanya
ahmedomosanya approved these changes Jul 31, 2025
View reviewed changes
Copy link

@ahmedomosanya ahmedomosanya left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@lukaszgryglicki lukaszgryglicki merged commit 0d4d7a4 into main Jul 31, 2025
2 checks passed
@trask
Copy link

trask commented Jul 31, 2025

thanks! can you let us know when this has been deployed so we can try it out?

@mlehotskylf
Copy link
Collaborator

mlehotskylf commented Jul 31, 2025

@trask we will do some internal testing and we are planning to release this sometime in August.

@mlehotskylf
Copy link
Collaborator

mlehotskylf commented Jul 31, 2025

@trask please check this ticket for any updates: #4701

@lukaszgryglicki
Copy link
Member Author

lukaszgryglicki commented Jul 31, 2025

@trask its deployed but I can see from logs that this bot's login reported by GitHub is different that expected:

"message": "2025-07-31T14:22:11 DEBUG cla: Checking actor: id='None',login='None',username='(null)',email='[email protected]' for skip_cla config: ['copilot-swe-agent[bot];re:^\\\\d+\\\\+Copilot@users\\\\.noreply\\\\.github\\\\.com$;*']\n"

Like the bot data from GitHub only has email - there is no login/username and name.

I will update config and retest after our internal call.

This should be ready to go in about an hour from now.

@lukaszgryglicki
Copy link
Member Author

lukaszgryglicki commented Jul 31, 2025

@trask @mlehotskylf @jarias-lfx the feature is deployed and confirmed that it works in requested repos, see: open-telemetry/otel-arrow#612 (comment) and openfga/vscode-ext#382 (comment)

@trask
Copy link

trask commented Jul 31, 2025

awesome, thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@ahmedomosanya ahmedomosanya ahmedomosanya approved these changes

@dealako dealako Awaiting requested review from dealako

@mlehotskylf mlehotskylf Awaiting requested review from mlehotskylf

@amolsontakke3576 amolsontakke3576 Awaiting requested review from amolsontakke3576

@thakurveerendras thakurveerendras Awaiting requested review from thakurveerendras

@jarias-lfx jarias-lfx Awaiting requested review from jarias-lfx

Assignees

@lukaszgryglicki lukaszgryglicki

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@lukaszgryglicki @trask @mlehotskylf @ahmedomosanya