Disable DCO for Copilot-authored PRs

[maelvls]

Hey,

It is now possible to let Copilot create PRs. It is especially useful for the website: it takes a few seconds to change things.

Only problem is that Copilot will not sign off its commits... and there is no point doing it because we can assume that any code written by an LLM is not a "person" in the legal sense and therefore cannot sign the Developer Certificate of Origin, or take legal responsibility for the contribution.

I'm not sure what that means... But my thinking is: let's not require DCO for AI-generated code.

The reason I'm using "copilot-swe-agent[bot]" as the author to be allowed is because that's the git user used by Copilot's agents to commit, e.g.

commit a78f72652ef987f41c7e898efebd241cc27883c7 (origin/copilot/promote-cainjector-merging-to-stable)
Author: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Date:   Fri Mar 6 22:22:53 2026 +0000

    cainjector: promote CAInjectorMerging feature gate to GA (v1.21)

    Signed-off-by: cert-manager-bot <bot@cert-manager.io>

    Co-authored-by: ThatsMrTalbot <15379715+ThatsMrTalbot@users.noreply.github.com>

commit 06b8355a9fcfd9fd6c2ec83db7bd23dc889b2e68
Author: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Date:   Fri Mar 6 22:17:38 2026 +0000

    Initial plan

[cert-manager-prow]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign munnerz for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[cert-manager-prow]

PR needs rebase.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[maelvls]

From CNCFSD-3294:

The DCO requirement is in the CNCF charter, and we need a human being to sign off on the DCO for every commit, even if co-pilot was used as a tool in generating code

It looks like it wouldn't be possible to forgo the human sign-off. One has to git commit --amend --signof Copilot's commits in Copilot's PRs to be able to merge code...