license-compliance.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
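---
# License compliance gate: installs the project's Python dependencies, records
# their licenses with pip-licenses, and fails the job when a package's license
# is not on the permitted list.
#
# Trust boundaries:
#   * On pull_request, requirements.txt is controlled by the PR author, and
#     `pip install` can execute build code from the packages it resolves.
#   * Package names and license strings in the pip-licenses report come from
#     third-party package metadata and are treated as untrusted data. They are
#     read from the report file with jq and are never interpolated into a
#     script through a workflow expression.
name: License Compliance

on:
  push:
    branches:
      - main
  pull_request:
    branches:
      - main

# Least privilege: this workflow only needs to read the repository.
permissions:
  contents: read

jobs:
  license-compliance:
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): version tags are mutable; pin each `uses:` reference to
      # a full commit SHA once that SHA has been verified against the action's
      # repository.
      - name: Checkout code
        uses: actions/checkout@v3
        with:
          # Keep the job token out of .git/config, because later steps run
          # third-party install code inside this workspace.
          persist-credentials: false

      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          # Quoted so the version is a string, not a float.
          python-version: '3.9'

      - name: Install dependencies
        run: |
          python -m venv venv
          . venv/bin/activate
          pip install -r requirements.txt

      # NOTE(review): pip-licenses is installed unpinned; pinning it (ideally
      # with hashes) keeps the compliance tool itself reproducible.
      - name: Check licenses
        run: |
          . venv/bin/activate
          pip install pip-licenses
          pip-licenses --from=mixed --output-file=dependency_licenses.json --format=json

      # Validates the report and publishes it as a single-line step output.
      # `jq -c` escapes embedded newlines, so one record is written to
      # $GITHUB_OUTPUT. The output holds untrusted metadata: consume it via
      # `env:` only, never by placing the expression inside a `run:` script.
      - name: 'Parse Dependency licenses'
        id: parse-dependency-licenses
        run: |
          dependency_licenses=$(jq -c . dependency_licenses.json)
          printf 'dependency-licenses=%s\n' "${dependency_licenses}" >> "$GITHUB_OUTPUT"

      # Reads the report from disk rather than from the previous step's
      # output, so no package metadata is ever parsed as shell code.
      - name: 'Compare Dependency licenses'
        id: compare-dependency-licenses
        env:
          PERMITTED_LICENSES: 'MIT,Apache-2.0,BSD,EPL1'
        run: |
          non_compliant_packages=""
          : > license_compliance_results.txt
          # @tsv escapes tabs and newlines inside values, so every record is
          # exactly one line and cannot begin a new runner command line.
          while IFS=$'\t' read -r package license; do
            if [[ ",${PERMITTED_LICENSES}," != *",${license},"* ]]; then
              echo "Error: Package $package has an unrecognized license: $license"
              printf 'Package %s has an unrecognized license: %s\n' \
                "$package" "$license" >> license_compliance_results.txt
              non_compliant_packages+="Package $package has an unrecognized license: $license\n"
            fi
          done < <(jq -r '.[] | [.Package, .License] | @tsv' dependency_licenses.json)
          printf 'non-compliant-packages=%s\n' "${non_compliant_packages}" >> "$GITHUB_OUTPUT"
          if [ -n "${non_compliant_packages}" ]; then
            exit 1
          fi
          echo "All packages use a permitted license." >> license_compliance_results.txt

      - name: 'Upload Dependency License Report'
        if: always()
        uses: actions/upload-artifact@v4
        with:
          name: dependency-license-report
          path: dependency_licenses.json

      - name: 'Upload License Compliance Results'
        if: always()
        uses: actions/upload-artifact@v4
        with:
          name: license-compliance-results
          path: license_compliance_results.txt

      - name: License compliance summary
        run: echo "License compliance check completed. See artifacts for details."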