How to ask for CLA signature in merge requests on GitLab?

Question

I would like to publish a project under GPL license, but would like to request CLA (Contributor License Agreements) signing before accepting merge requests.

GitHub has a few solutions which automate this (ClaHub, cla-assistant), however I can't find anything similar for GitLab. There is a long standing issue to add support for it natively, but it's been opened 2 years ago.

I know Git sign-off can be used for DCO, but I am wondering if it could somehow be (ab)used for signing CLA agreements?

In short, how do I make the process of signing CLAs as painless as possible for both contributors and myself, while still making the agreements (somewhat) legally binding?

EDIT: To the person who cast a vote for closing: I checked the guidelines again and it seems to me that the question falls squarely in software tools commonly used by programmers; and is a practical, answerable problem that is unique to software development. It also doesn't fall into exceptions listed, at least the way I understand them. That said, I would appreciate a comment about the reasons for the vote, so that I can formulate the question better or find a more suitable StackExchange site if needed.

Answer 1

There is no official native support for CLA in GitLab for now.
The issue you are referencing is linked to issue 48118 ("Stakeholder approval for merge requests"), but itself is linked to two GitLab Enterprise issues -issues 1979 "Multiple blocking merge request approval rules" and issue 965 "Upgrading approvals with approval chain")

So for now, relying on a third-party service site remains the "less painful" solution.
That means, using the services highlighted in the original issue: CLAClub or cla-assistant.io.

The last one (cla-assistant) will, for a public registered repo (registered to cla-assistant) will:

• Comments on each opened pull request to ask the contributor to sign the CLA
• Allows contributors to sign a CLA from within a pull request
• Authenticates the signee with his or her GitHub account
• Updates the status of a pull request when the contributor agrees to the CLA
• Automatically asks users to re-sign the CLA for each new pull request in the event the associated Gist & CLA has changed

Note: you can install and run your own instance of cla-assistant in order to store in your own private dedicated database the CLAs for your project.

But: since those services are tied to GitHub accounts, and there is no equivalent for GitLab, DCO should not be dismissed, especially in light of the Nov. 2017 GitLab blog post "GitLab Transitions Contributor Licensing to Developer Certificate of Origin to Better Support Open Source Projects; Empower Contributors "

GitLab’s move away from a CLA is meant to modernize its code hosting and collaborative development infrastructure for all open source projects.

Additionally, requiring a CLA became problematic for developers who didn’t want to enter into legal terms; they weren’t reviewing the CLA contract and they effectively gave up their rights to own and contribute to open source code.

And "We're switching to a DCO for source code contributions". When it comes to GitLab projects, a DCO like this one remains the chosen solution.
See the analysis comparing CLA and DCO.