diff --git a/.github/workflows/tpip-check.yml b/.github/workflows/tpip-check.yml new file mode 100644 index 0000000..d6b5d08 --- /dev/null +++ b/.github/workflows/tpip-check.yml @@ -0,0 +1,78 @@ +name: TPIP Check + +on: + pull_request: + paths: + - ".github/workflows/tpip-check.yml" + - "**/go.mod" + - "**/go.sum" + - "tools/eventlist/template/**" + workflow_dispatch: + +env: + tpip_report: "third_party_licenses.md" + +jobs: + check-licenses: + runs-on: ubuntu-latest + timeout-minutes: 5 + steps: + - uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v4 + with: + cache-dependency-path: tools/eventlist/go.sum + go-version-file: tools/eventlist/go.mod + check-latest: true + + - name: Go tidy + run: go mod tidy + working-directory: ./tools/eventlist + + - name: Install go-licenses + run: go install github.com/google/go-licenses@latest + + - name: Generate TPIP Report + run: | + go-licenses report . --ignore github.com/ARM-software/CMSIS-View/tree/main/tools/eventlist --save_path ../../../.. --template ../../template/${{ env.tpip_report }}.template > ../../${{ env.tpip_report }} + date +"%Y/%m/%d %T" >> ../../${{ env.tpip_report }} + working-directory: ./tools/eventlist/cmd/eventlist + + - name: Archive TPIP report + uses: actions/upload-artifact@v3 + with: + name: tpip-report + path: ./tools/eventlist/${{ env.tpip_report }} + + - name: Print TPIP Report + run: cat ${{ env.tpip_report }} >> $GITHUB_STEP_SUMMARY + working-directory: ./tools/eventlist + + - name: Check Licenses + run: go-licenses check . --ignore github.com/ARM-software/CMSIS-View/tree/main/tools/eventlist --disallowed_types=forbidden,restricted + working-directory: ./tools/eventlist/cmd/eventlist + + commit-changes: + needs: [ check-licenses ] + runs-on: ubuntu-latest + timeout-minutes: 5 + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.ref }} + + - name: Restore Changes + uses: actions/download-artifact@v3 + with: + name: tpip-report + path: ./tools/eventlist + + - name: Commit Changes + shell: bash + run: | + git config user.name github-actions + git config user.email github-actions@github.com + git add . + git commit -m "Update TPIP report" + git push diff --git a/tools/eventlist/template/third_party_licenses.md.template b/tools/eventlist/template/third_party_licenses.md.template new file mode 100644 index 0000000..13fd835 --- /dev/null +++ b/tools/eventlist/template/third_party_licenses.md.template @@ -0,0 +1,9 @@ +# Third Party Intellectual Property (TPIP) Report for [cbuild](https://github.com/Open-CMSIS-Pack/cbuild) + +| __Name__ | __Version__ | __Licence__ | +|----------|-------------|-------------| +{{- range . }} +| {{ .Name }} | {{ .Version }} | [{{ .LicenseName }}]({{ .LicenseURL }}) | +{{- end }} + +Report generated and repository checked for [forbidden](https://github.com/google/licenseclassifier/blob/842c0d70d7027215932deb13801890992c9ba364/license_type.go#L323) and [restricted](https://github.com/google/licenseclassifier/blob/842c0d70d7027215932deb13801890992c9ba364/license_type.go#L176) licenses on: \ No newline at end of file diff --git a/tools/eventlist/third_party_licenses.md b/tools/eventlist/third_party_licenses.md new file mode 100644 index 0000000..e69de29