diff --git a/.github/workflows/license-compliance.yml b/.github/workflows/license-compliance.yml index d67618e..12141c8 100644 --- a/.github/workflows/license-compliance.yml +++ b/.github/workflows/license-compliance.yml @@ -9,35 +9,29 @@ on: - main jobs: - license-compliance: + license-check: runs-on: ubuntu-latest - steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v2 - name: Set up Python - uses: actions/setup-python@v4 + uses: actions/setup-python@v2 with: - python-version: 3.9 + python-version: '3.8' - name: Install dependencies run: | - python -m venv venv - . venv/bin/activate + python -m pip install --upgrade pip pip install -r requirements.txt - - - name: Check licenses - run: | - . venv/bin/activate pip install pip-licenses - pip-licenses --from=mixed --output-file=dependencies_licenses.txt - - name: Upload license reports - uses: actions/upload-artifact@v3 - with: - name: dependencies-license-reports - path: dependencies_licenses.txt + - name: Run license compliance tests + run: python -m unittest discover -s test -p 'test_license_compliance.py' - - name: License compliance summary - run: echo "License compliance check completed. See artifacts for details." + - name: Upload License Compliance Report + if: always() + uses: actions/upload-artifact@v2 + with: + name: license-compliance-report + path: license_compliance_report.txt diff --git a/src/test/test_license_compliance b/src/test/test_license_compliance new file mode 100644 index 0000000..d35aa1d --- /dev/null +++ b/src/test/test_license_compliance 
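Review bot: The three `uses:` lines move to older majors (`actions/checkout@v2`, `actions/setup-python@v2`, `actions/upload-artifact@v2`) and stay on mutable tags, which weakens the supply-chain posture of a job meant to enforce compliance; keep the majors being removed (or newer) and pin each to a full commit SHA, e.g. `uses: actions/checkout@<full-commit-sha>  # vN`. The test step runs `python -m unittest discover -s test -p 'test_license_compliance.py'`, but this commit adds the test as `src/test/test_license_compliance` with no `.py` suffix, so discovery will presumably not find it. As far as I can tell, the step then either errors on the start directory or, if a root-level `test` directory exists, reports zero tests as success on Python 3.8, so the gate may never evaluate a licence. Point the step at the real location (`-s src/test`), give the file a `.py` name, and reconsider `python-version: '3.8'`, which is an end-of-life interpreter.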
@@ -0,0 +1,54 @@
+import unittest
+import subprocess
+import json
+import os
+
+class TestLicenseCompliance(unittest.TestCase):
+ ALLOWED_LICENSES = {
+ 'MIT',
+ 'BSD',
+ 'Apache 2.0',
+ 'BSD-2-Clause',
+ 'BSD-3-Clause',
+ 'ISC',
+ }
+
+ def test_license_compliance(self):
+ result = subprocess.run(['pip-licenses', '--format=json'], capture_output=True, text=True)
+ packages = json.loads(result.stdout)
+
+ non_compliant_packages = []
+
+ for pkg in packages:
+ if pkg['License'] not in self.ALLOWED_LICENSES:
+ non_compliant_packages.append(pkg)
+ with self.subTest(pkg=pkg['Name']):
+ self.assertIn(pkg['License'], self.ALLOWED_LICENSES, f"{pkg['Name']} has a disallowed license: {pkg['License']}")
+
+ # Fail the test if there are any non-compliant packages
+ if non_compliant_packages:
+ self.fail(f"Found non-compliant licenses in packages: {[pkg['Name'] for pkg in non_compliant_packages]}")
+
+ @classmethod
+ def tearDownClass(cls):
+ # Generate report content
+ report = "\nLicense Compliance Report:\n"
+ report += "="*40 + "\n"
+ result = subprocess.run(['pip-licenses', '--format=json'], capture_output=True, text=True)
+ packages = json.loads(result.stdout)
+ for pkg in packages:
+ status = "Compliant" if pkg['License'] in cls.ALLOWED_LICENSES else "Non-compliant"
+ report += f"{pkg['Name']} (Version: {pkg['Version']}) - {pkg['License']} - {status}\n"
+ report += "="*40 + "\n"
+
+ # Write report to a file
+ report_file_path = os.path.join(os.getcwd(), 'license_compliance_report.txt')
+ with open(report_file_path, 'w') as report_file:
+ report_file.write(report)
+
+ # Print path to the report file (for verification)
+ print(f"License Compliance Report saved to: {report_file_path}")
+
+if __name__ == '__main__':
+ unittest.main()
+
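Review bot: The allow-list check in `test_license_compliance` compares `pkg['License']` to `ALLOWED_LICENSES` by exact string, but pip-licenses reports whatever the package metadata or classifier says, so values such as `MIT License`, a `;`-joined pair or `UNKNOWN` will presumably never match entries like `'MIT'`; normalise the reported value (or map known aliases) before the membership test and decide explicitly how `UNKNOWN` is treated. Both `subprocess.run` calls ignore the exit status, so a failed pip-licenses run surfaces only as a `json.loads` error on empty output; pass `check=True`, as in `subprocess.run(['pip-licenses', '--format=json'], capture_output=True, text=True, check=True)`. `tearDownClass` invokes the tool a second time to build the report, so the report can disagree with what the test evaluated and is lost if that call raises; collecting the package list once in `setUpClass` and reusing it for both the assertions and the report would avoid both problems.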