generated from oracle-devrel/repo-template
-
Notifications
You must be signed in to change notification settings - Fork 32
42 lines (41 loc) · 1.67 KB
/
license_audit.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
name: Audit licenses
on:
pull_request_target:
jobs:
run_scancode_toolkit:
name: Get inventory of licenses used in project
runs-on: ubuntu-latest
container:
image: ghcr.io/oracledevrel/scancode-toolkit:v21.3.31
credentials:
username: ${{ github.actor }}
password: ${{ secrets.GHCR_PAT }}
steps:
- name: 'Checkout repo'
uses: actions/checkout@v2
with:
ref: ${{ github.event.pull_request.head.ref }}
repository: ${{ github.event.pull_request.head.repo.full_name }}
- name: Run Scancode-toolkit
run: |
scancode -l --ignore licenses.json --ignore .github/**/* --ignore license_policy.yml --license-policy license_policy.yml --only-findings --summary --json-pp licenses.json *
echo "\n\nHere is the licenses.json:\n"
echo $(cat licenses.json)
- name: Look for non-approved licenses
uses: oracle-devrel/[email protected]
id: analysis
with:
licenses_file: '/github/workspace/licenses.json'
- name: Analysis results
run: echo "${{ steps.analysis.outputs.unapproved_licenses }}"
- name: Comment if analysis finds unapproved licenses
if: steps.analysis.outputs.unapproved_licenses == 'true'
uses: mshick/add-pr-comment@v1
with:
message: |
:no_entry: **License Inspection**
Requires manual inspection. There are some licenses which dictate further analysis and review.
repo-token: ${{ secrets.GITHUB_TOKEN }}
- name: Halt pipeline on unapproved licenses
if: steps.analysis.outputs.unapproved_licenses == 'true'
run: exit 1