From 941764294a29af8624afef66116f0fad849c9adf Mon Sep 17 00:00:00 2001
From: Shunsuke Suzuki <suzuki.shunsuke.1989@gmail.com>
Date: Sat, 28 Dec 2024 20:17:31 +0900
Subject: [PATCH] ci: add a workflow to check if commits in pull requests are
 verified

---
 .github/workflows/check-commit-signing.yaml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 .github/workflows/check-commit-signing.yaml

diff --git a/.github/workflows/check-commit-signing.yaml b/.github/workflows/check-commit-signing.yaml
new file mode 100644
index 0000000..a1a27be
--- /dev/null
+++ b/.github/workflows/check-commit-signing.yaml
@@ -0,0 +1,14 @@
+---
+name: Check if all commits are signed
+on:
+  pull_request_target:
+    branches: [main]
+concurrency:
+  group: ${{ github.workflow }}--${{ github.head_ref }} # github.ref is unavailable in case of pull_request_target
+  cancel-in-progress: true
+jobs:
+  check-commit-signing:
+    uses: suzuki-shunsuke/check-commit-signing-workflow/.github/workflows/check.yaml@547eee345f56310a656f271ec5eaa900af46b0fb # v0.1.0
+    permissions:
+      contents: read
+      pull-requests: write