Signing Commits

All commits merged into Kargo's main branch MUST bear a DCO (Developer Certificate of Origin) sign-off. This is a line placed at the end of a commit message containing a contributor’s “signature.” In adding this, the contributor certifies that they have the right to contribute the material in question.

Here are the steps to sign your work:

Verify the contribution in your commit complies with the terms of the DCO.
Add a line like the following to your commit message:
```
Signed-off-by: Joe Smith <joe.smith@example.com>
```
You MUST use your legal name -- handles or other pseudonyms are not permitted.

While you could manually add DCO sign-off to every commit, there is an easier way:
1. Configure your git client appropriately. This is one-time setup.
```
git config user.name <legal name>
git config user.email <email address you use for GitHub>
```
  If you work on multiple projects that require a DCO sign-off, you can configure your git client to use these settings globally instead of only for Kargo:
```
git config --global user.name <legal name>
git config --global user.email <email address you use for GitHub>
```
2. Use the --signoff or -s (lowercase) flag when making each commit. For example:
```
git commit --message "<commit message>" --signoff
```
  If you ever make a commit and forget to use the --signoff flag, you can amend your commit with this information before pushing:
```
git commit --amend --signoff
```
3. You can verify the above worked as expected using git log. Your latest commit should look similar to this one:
```
Author: Joe Smith <joe.smith@example.com>
Date:   Thu Feb 2 11:41:15 2018 -0800

Update README

Signed-off-by: Joe Smith <joe.smith@example.com>
```
  Notice the Author and Signed-off-by lines match. If they do not, the PR will be rejected by the automated DCO check.