feat: Add a CLA workflow

.github/pull_request_template.md

@@ -7,6 +7,7 @@ Describe the use case and detail of the change. If this PR addresses an issue on
 Before creating a PR, run through this checklist and mark each as complete:
 
 - [ ] I have read the [contributing guidelines](/CONTRIBUTING.md).
+- [ ] I have signed the [F5 Contributor License Agreement (CLA)](https://github.com/f5/.github/blob/main/CLA/cla-markdown.md).
 - [ ] If applicable, I have added tests that prove my fix is effective or that my feature works.
 - [ ] If applicable, I have checked that any relevant tests pass after adding my changes.
 - [ ] I have updated any relevant documentation ([`README.md`](/README.md) and [`CHANGELOG.md`](/CHANGELOG.md)).

.github/workflows/f5-cla.yml

@@ -0,0 +1,42 @@
+---
+name: F5 CLA
+on:
+  issue_comment:
+    types: [created]
+  pull_request_target:
+    types: [opened, closed, synchronize]
+permissions: read-all
+jobs:
+  f5-cla:
+    name: F5 CLA
+    runs-on: ubuntu-24.04
+    permissions:
+      actions: write
+      pull-requests: write
+      statuses: write
+    steps:
+      - name: Run F5 Contributor License Agreement (CLA) assistant
+        if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have hereby read the F5 CLA and agree to its terms') || github.event_name == 'pull_request_target'
+        uses: contributor-assistant/github-action@9340315624c6e16cef1f2c63bdeb0f0c49c6f474 # v2.4.0
+        with:
+          # Any pull request targeting the following branch will trigger a CLA check.
+          # NOTE: You might need to edit this value to 'main'.
+          branch: master
+          # Path to the CLA document.
+          path-to-document: https://github.com/f5/.github/blob/main/CLA/cla-markdown.md
+          # Custom CLA messages.
+          custom-notsigned-prcomment: '🎉 Thank you for your contribution! It appears you have not yet signed the F5 Contributor License Agreement (CLA), which is required for your changes to be incorporated into an F5 Open Source Software (OSS) project. Please kindly read the [F5 CLA](https://github.com/f5/.github/blob/main/CLA/cla-markdown.md) and reply on a new comment with the following text to agree:'
+          custom-pr-sign-comment: 'I have hereby read the F5 CLA and agree to its terms'
+          custom-allsigned-prcomment: '✅ All required contributors have signed the F5 CLA for this PR. Thank you!'
+          # Remote repository storing CLA signatures.
+          remote-organization-name: f5
+          remote-repository-name: f5-cla-data
+          path-to-signatures: signatures/signatures.json
+          # Comma separated list of usernames for maintainers or any other individuals who should not be prompted for a CLA.
+          # NOTE: You will want to edit the usernames to suit your project needs.
+          # allowlist: maintainer1, bot*
+          # Do not lock PRs after a merge.
+          lock-pullrequest-aftermerge: false
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          PERSONAL_ACCESS_TOKEN: ${{ secrets.F5_CLA_TOKEN }}

CONTRIBUTING.md

@@ -35,6 +35,12 @@ To suggest a feature or enhancement, please create an issue on GitHub with the l
 
 **Note:** If you'd like to implement a new feature, please consider creating a [feature request issue](/.github/feature_request_template.md) first to start a discussion about the feature.
 
+#### F5 Contributor License Agreement (CLA)
+
+F5 requires all external contributors to agree to the terms of the F5 CLA (available [here](https://github.com/f5/.github/blob/main/CLA/cla-markdown.md)) before any of their changes can be incorporated into an F5 Open Source repository.
+
+If you have not yet agreed to the F5 CLA terms and submit a PR to this repository, a bot will prompt you to view and agree to the F5 CLA. You will have to agree to the F5 CLA terms through a comment in the PR before any of your changes can be merged. Your agreement signature will be safely stored by F5 and no longer be required in future PRs.
+
 ## Code Guidelines
 
 <!-- ### Go/Python/Bash/etc... Guidelines (OPTIONAL) -->

README.md

@@ -9,21 +9,22 @@
 
 This template includes all the scaffolding you need to get started on an OSS repository that meets the required NGINX criteria:
 
-- [Apache License 2.0](/LICENSE) (required for all NGINX OSS projects)
-- [`.gitignore`](/.gitignore) with some minimal sensible defaults
-- [Issue](/.github/ISSUE_TEMPLATE) and [PR](/.github//pull_request_template.md) templates
-- [Contributing](/CONTRIBUTING.md) guidelines
-- [Support](/SUPPORT.md) guidelines for either community and/or commercial support (uncomment either )
-- [Security](/SECURITY.md) guidelines for reporting major vulnerabilities
-- [Code of Conduct](/CODE_OF_CONDUCT.md)
+- [Apache License 2.0](/LICENSE) (required for all NGINX OSS projects).
+- [`.gitignore`](/.gitignore) with some minimal sensible defaults.
+- [Issue](/.github/ISSUE_TEMPLATE) and [PR](/.github//pull_request_template.md) templates.
+- [Contributing](/CONTRIBUTING.md) guidelines.
+- [Support](/SUPPORT.md) guidelines for either community and/or commercial support (uncomment the commercial block if necessary).
+- [Security](/SECURITY.md) guidelines for reporting major vulnerabilities.
+- [Code of Conduct](/CODE_OF_CONDUCT.md).
+- [F5 CLA workflow](/.github/workflows/f5-cla.yml). For more details on the action please check the [F5 CLA signature datastore repository](https://github.com/f5/f5-cla-data).
 - Open Source Security Foundation (OSSF) Scorecard [(implemented via a GitHub Action)](/.github/workflows/ossf_scorecard.yml)
 - [README](/README.md) placeholder. How you structure the README is up to you (although the template provides placeholder sections), but you will need to include:
-  - A [repostatus](https://www.repostatus.org/) badge
-  - An OSSF Scorecard badge. (Optional -- Some projects will by their nature have low scores. In such a case you might want to remove this badge!)
+  - A [repostatus](https://www.repostatus.org/) badge.
+  - An OSSF Scorecard badge. (Optional -- Some projects will by their nature have low scores. In such a case you might want to remove this badge!).
   - A community and/or commercial support badge. Include the latter -- and replace the commented out badge/URL placeholder with the relevant support URL -- if this repository contains a commercially supported project. You can find a commented out example below the community badge in this README.
   - A contributor covenant/code of conduct badge. (Optional -- If you already have multiple badges and want to reduce clutter, simply including the actual code of conduct is enough!)
-  - An explicit link back to the [Apache License 2.0](/LICENSE)
-  - An up to date copyright notice
+  - An explicit link back to the [Apache License 2.0](/LICENSE).
+  - An up to date copyright notice.
 - [Changelog](/CHANGELOG.md) placeholder. (Optional -- A changelog is recommended, but it is not required and can diverge in format from the placeholder here included.)
 - [Codeowners](/.github/CODEOWNERS) placeholder. (Optional -- Codeowners is a useful feature, but not all repositories require them.)