diff --git a/.github/workflows/tpip-check.yml b/.github/workflows/tpip-check.yml index 395de95..33b3213 100644 --- a/.github/workflows/tpip-check.yml +++ b/.github/workflows/tpip-check.yml @@ -1,7 +1,6 @@ name: TPIP Check on: - # Trigger on pull request any Go package is changed. pull_request: paths: - ".github/workflows/tpip-check.yml" @@ -9,7 +8,10 @@ on: - "**/go.sum" - "scripts/template/**" workflow_dispatch: - + +env: + tpip_report: "third_party_licenses.md" + jobs: check-licenses: runs-on: ubuntu-latest @@ -31,20 +33,42 @@ jobs: - name: Generate TPIP Report run: | - go-licenses report . --ignore github.com/Open-CMSIS-Pack/cbuild --template ../../scripts/template/tpip-license.template > ../../scripts/tpip.md - date +"%Y/%m/%d %T" >> ../../scripts/tpip.md + go-licenses report . --ignore github.com/Open-CMSIS-Pack/cbuild --template ../../scripts/template/${{ env.tpip_report }}.template > ../../${{ env.tpip_report }} + date +"%Y/%m/%d %T" >> ../../${{ env.tpip_report }} working-directory: ./cmd/cbuild - - name: Save Changes + - name: Archive TPIP report uses: actions/upload-artifact@v3 with: - name: changes - path: scripts/tpip.md + name: tpip-report + path: ./${{ env.tpip_report }} - name: Print TPIP Report - run: cat tpip.md >> $GITHUB_STEP_SUMMARY - working-directory: scripts + run: cat ${{ env.tpip_report }} >> $GITHUB_STEP_SUMMARY - name: Check Licenses run: go-licenses check . --ignore github.com/Open-CMSIS-Pack/cbuild --disallowed_types=forbidden,restricted working-directory: ./cmd/cbuild + + commit-changes: + needs: [ check-licenses ] + runs-on: ubuntu-latest + timeout-minutes: 5 + steps: + - uses: actions/checkout@v3 + with: + ref: ${{ github.event.pull_request.head.ref }} + + - name: Restore Changes + uses: actions/download-artifact@v3 + with: + name: tpip-report + + - name: Commit Changes + shell: bash + run: | + git config user.name github-actions + git config user.email github-actions@github.com + git add . + git commit -m "Update TPIP report" + git push diff --git a/.goreleaser.yml b/.goreleaser.yml index 1104c9f..5960f30 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -15,6 +15,7 @@ archives: - LICENSE - README.md - CHANGELOG.md + - third_party_licenses.md format_overrides: - goos: windows diff --git a/scripts/template/tpip-license.template b/scripts/template/third_party_licenses.md.template similarity index 100% rename from scripts/template/tpip-license.template rename to scripts/template/third_party_licenses.md.template diff --git a/scripts/tpip.md b/scripts/tpip.md deleted file mode 100644 index e69de29..0000000 diff --git a/third_party_licenses.md b/third_party_licenses.md new file mode 100644 index 0000000..0dec2f4 --- /dev/null +++ b/third_party_licenses.md @@ -0,0 +1,12 @@ +# Third Party Intellectual Property (TPIP) Report for [cbuild](https://github.com/Open-CMSIS-Pack/cbuild) + +| __Name__ | __Version__ | __Licence__ | +|----------|-------------|-------------| +| cbuild | Unknown | [Apache-2.0](Unknown) | +| github.com/sirupsen/logrus | v1.9.0 | [MIT](https://github.com/sirupsen/logrus/blob/v1.9.0/LICENSE) | +| github.com/spf13/cobra | v1.6.1 | [Apache-2.0](https://github.com/spf13/cobra/blob/v1.6.1/LICENSE.txt) | +| github.com/spf13/pflag | v1.0.5 | [BSD-3-Clause](https://github.com/spf13/pflag/blob/v1.0.5/LICENSE) | +| golang.org/x/sys/unix | v0.5.0 | [BSD-3-Clause](https://cs.opensource.google/go/x/sys/+/v0.5.0:LICENSE) | +| gopkg.in/yaml.v3 | v3.0.1 | [MIT](https://github.com/go-yaml/yaml/blob/v3.0.1/LICENSE) | + +Report generated and repository checked for [forbidden](https://github.com/google/licenseclassifier/blob/842c0d70d7027215932deb13801890992c9ba364/license_type.go#L323) and [restricted](https://github.com/google/licenseclassifier/blob/842c0d70d7027215932deb13801890992c9ba364/license_type.go#L176) licenses on: 2023/09/07 10:44:09