Skip to content

fix: use ncn-system-ops slack for daily alerts (#2819) #14165

fix: use ncn-system-ops slack for daily alerts (#2819)

fix: use ncn-system-ops slack for daily alerts (#2819) #14165

name: Check licenses.d2iq.yaml
permissions:
contents: write
on:
pull_request:
types: [opened, reopened, synchronize, labeled, unlabeled]
workflow_dispatch: {}
push:
tags:
- v*
branches:
- main
jobs:
check-license-yaml:
runs-on: ubuntu-latest
name: Check licenses.d2iq.yaml
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
ref: ${{ github.head_ref }}
fetch-depth: 0
token: ${{ secrets.GITHUB_TOKEN }}
- name: Install NIX
uses: cachix/install-nix-action@v30
- name: Install devbox
uses: jetify-com/[email protected]
with:
enable-cache: true
skip-nix-installation: true
- name: Generate image list
run: |
export PATH=${PWD}/.local/bin:$PATH
devbox run -- helm plugin install https://github.com/d2iq-labs/helm-list-images
devbox run -- ./hack/list-images.sh > images.txt
echo "printing contents of images.txt"
cat images.txt
- name: Update licenses
id: updateLicenses
continue-on-error: true
if: |
contains(github.event.pull_request.labels.*.name, 'update-licenses')
uses: docker://mesosphere/dkp-licenses-cli:licenses-v0.0.13
with:
args: >-
validate container-images-mapping --input=images.txt --mapping-file=licenses.d2iq.yaml
--check-sources --check-sources-skip-gh-org mesosphere --update-licenses
env:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
- name: Import GPG key
if: |
contains(github.event.pull_request.labels.*.name, 'update-licenses')
uses: crazy-max/ghaction-import-gpg@v6
with:
gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.GPG_PASSPHRASE }}
git_user_signingkey: true
- name: Commit and push changes
if: |
contains(github.event.pull_request.labels.*.name, 'update-licenses')
run: |
git config user.email [email protected]
git config user.name d2iq-mergebot
git config --global user.signingkey ${{ secrets.MERGEBOT_GPG_KEY_ID }}
git remote set-url origin https://x-access-token:${GITHUB_TOKEN}@github.com/${GITHUB_REPOSITORY}.git
git config --global url."https://oauth2:${GITHUB_TOKEN}@github.com/".insteadOf "https://github.com/"
git add licenses.d2iq.yaml
if output=$(git status --porcelain) && [ ! -z "$output" ]; then
git commit -S -v -m "build: Updated licenses.d2iq.yaml"
git push --force-with-lease
fi
env:
GITHUB_TOKEN: ${{ secrets.MESOSPHERECI_USER_TOKEN }}
- name: Run validation
uses: docker://mesosphere/dkp-licenses-cli:licenses-v0.0.13
with:
args: >-
validate container-images-mapping --input=images.txt --mapping-file=licenses.d2iq.yaml
--check-sources --check-sources-skip-gh-org mesosphere --output-format=github
env:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"