Added reusable cla check

[bluvulture]

https://pimcore.atlassian.net/browse/SOLI-97

Added reusable CLA check workflow
Bumped CLA action version to latest one from action release repo

example usage of new CLA within dependent workflow

name: "CLA Assistant"
on:
issue_comment:
types: [created]
pull_request_target:
types: [opened,closed,synchronize]
jobs:
cla-check:
uses: pimcore/workflows-collection-public/.github/workflows/reusable-cla-check.yml@cla_check

After this PR has been merged, new release will be created and dependent workflows will reference versioned one

[bluvulture]

@herbertroth tested it here
https://github.com/pimcore/saas-cypress/pull/79

this is what needs to be added in source repo, not that cla_check branch in git url will be changed with tag version as soon this is merged and released

name: CLA Workflow

on:
  issue_comment:
    types: [created]
  pull_request_target:
    types: [opened, closed, synchronize]

jobs:
  call-cla-workflow:
    uses: pimcore/workflows-collection-public/.github/workflows/reusable-cla-check.yaml@cla_check
    if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') || github.event_name == 'pull_request_target'

    secrets:
      PERSONAL_ACCESS_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }}

[herbertroth]

Shouldn't we use the CLA_ACTION_ACCESS_TOKEN instead of PRIVATE_ACCESS_TOKEN?
And update doku here: https://pimcore.atlassian.net/wiki/spaces/PD/pages/2548006917/CLA+Checker

[bluvulture]

Shouldn't we use the CLA_ACTION_ACCESS_TOKEN instead of PRIVATE_ACCESS_TOKEN? And update doku here: https://pimcore.atlassian.net/wiki/spaces/PD/pages/2548006917/CLA+Checker

@herbertroth I thought so, but we need to stick to naming from cla checker
https://github.com/contributor-assistant/github-action?tab=readme-ov-file#environmental-variables

will update docs afterwards - will create one migration doc

[herbertroth]

Shouldn't we use the CLA_ACTION_ACCESS_TOKEN instead of PRIVATE_ACCESS_TOKEN? And update doku here: https://pimcore.atlassian.net/wiki/spaces/PD/pages/2548006917/CLA+Checker

@herbertroth I thought so, but we need to stick to naming from cla checker https://github.com/contributor-assistant/github-action?tab=readme-ov-file#environmental-variables

So PERSONAL_ACCESS_TOKEN: ${{ secrets.CLA_ACTION_ACCESS_TOKEN }} would also work? or do i misunderstood the doku?

[bluvulture]

Shouldn't we use the CLA_ACTION_ACCESS_TOKEN instead of PRIVATE_ACCESS_TOKEN? And update doku here: https://pimcore.atlassian.net/wiki/spaces/PD/pages/2548006917/CLA+Checker

@herbertroth I thought so, but we need to stick to naming from cla checker https://github.com/contributor-assistant/github-action?tab=readme-ov-file#environmental-variables

So PERSONAL_ACCESS_TOKEN: ${{ secrets.CLA_ACTION_ACCESS_TOKEN }} would also work? or do i misunderstood the doku?

Would probably, but I did not want to use different names for env variable and secret.
I can try it out also, just let me know and I will test it out

[bluvulture]

@herbertroth ping for re-check

dependent workflow should look like this

name: CLA Workflow

on:
  issue_comment:
    types: [created]
  pull_request_target:
    types: [opened, closed, synchronize]

jobs:
  call-cla-workflow:
    uses: pimcore/workflows-collection-public/.github/workflows/reusable-cla-check.yaml@cla_check
    if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') || github.event_name == 'pull_request_target'
    secrets:
      CLA_ACTION_ACCESS_TOKEN: ${{ secrets.CLA_ACTION_ACCESS_TOKEN }}