diff --git a/.github/workflows/license-compliance.yml b/.github/workflows/license-compliance.yml
index d67618e..0b720c8 100644
--- a/.github/workflows/license-compliance.yml
+++ b/.github/workflows/license-compliance.yml
@@ -31,13 +31,46 @@ jobs:
 run: |
 . venv/bin/activate
 pip install pip-licenses
- pip-licenses --from=mixed --output-file=dependencies_licenses.txt
+ pip-licenses --from=mixed --output-file=dependency_licenses.json --format=json
- - name: Upload license reports
- uses: actions/upload-artifact@v3
+ - name: 'Parse Dependency licenses'
+ id: parse-dependency-licenses
+ run: |
+ dependency_licenses=$(cat dependency_licenses.json)
+ echo "::set-output name=dependency-licenses::${dependency_licenses}"
+
+ - name: 'Compare Dependency licenses'
+ id: compare-dependency-licenses
+ run: |
+ dependency_licenses=$(cat dependency_licenses.json)
+ echo "Dependency licenses content:"
+ echo "${dependency_licenses}"
+
+ permitted_licenses="MIT License,Apache-2.0,BSD,EPL1" # Updated permitted licenses list
+
+ for package_info in $(echo "${dependency_licenses}" | jq -c '.[]'); do
+ package_name=$(echo "${package_info}" | jq -r '.Name')
+ license=$(echo "${package_info}" | jq -r '.License')
+
+ if [[ ! ",${permitted_licenses}," =~ ",${license}," ]]; then
+ echo "Error: Package ${package_name} has an unrecognized license: ${license}"
+ exit 1
+ fi
+ done
+
+ - name: 'Upload Dependency License Report'
+ if: always()
+ uses: actions/upload-artifact@v2
+ with:
+ name: dependency-license-report
+ path: dependency_licenses.json
+
+ - name: 'Upload License Compliance Results'
+ if: always()
+ uses: actions/upload-artifact@v2
 with:
- name: dependencies-license-reports
- path: dependencies_licenses.txt
+ name: license-compliance-results
+ path: license_compliance_results.txt
 - name: License compliance summary
 run: echo "License compliance check completed. See artifacts for details."
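Review bot: The allow-list check in the 'Compare Dependency licenses' step does not compare license names reliably: the unquoted `$(… | jq -c '.[]')` in the `for` line word-splits each JSON object on whitespace (any value containing a space, including the permitted "MIT License", is broken into fragments that `jq -r` cannot parse), and the unquoted right-hand side of `=~` is evaluated as a regular expression, so metacharacters in a dependency-supplied license string are treated as pattern syntax instead of being compared literally. Because the Name and License values come from the metadata of the packages being audited, the loop should read one object per line and match literally, as sketched below. The 'Parse Dependency licenses' step pushes the whole report through the deprecated `::set-output` command and its output is never read by any later step, so it can be dropped (or written to `$GITHUB_OUTPUT` with a heredoc delimiter if an output is actually needed). Nothing in the job writes `license_compliance_results.txt`, so the 'Upload License Compliance Results' step will find no file, and both upload steps move from `actions/upload-artifact@v3` back to the deprecated `@v2`. Finally, pip-licenses with `--from=mixed` appears to report classifier-style names (e.g. "BSD License") rather than SPDX ids, so entries such as `Apache-2.0` and `BSD` may never match — verify the list against the generated JSON.
```yaml
      - name: 'Compare Dependency licenses'
        id: compare-dependency-licenses
        run: |
          # … unchanged: cat/echo of dependency_licenses.json …
          permitted_licenses="MIT License,Apache-2.0,BSD,EPL1" # Updated permitted licenses list
          echo "Dependency license check results:" > license_compliance_results.txt

          # Read one JSON object per line; word-splitting $(...) would break
          # values that contain a space, such as "MIT License".
          while IFS= read -r package_info; do
            package_name=$(jq -r '.Name' <<< "${package_info}")
            license=$(jq -r '.License' <<< "${package_info}")

            # Glob match against a quoted value compares it literally,
            # not as a regular expression.
            if [[ ",${permitted_licenses}," != *",${license},"* ]]; then
              echo "Error: Package ${package_name} has an unrecognized license: ${license}" | tee -a license_compliance_results.txt
              exit 1
            fi
          done < <(jq -c '.[]' dependency_licenses.json)
          echo "All dependency licenses are permitted." >> license_compliance_results.txt
```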