diff --git a/.github/workflows/dev-docker-publish.yml b/.github/workflows/dev-docker-publish.yml
index 32a4535..7495805 100644
--- a/.github/workflows/dev-docker-publish.yml
+++ b/.github/workflows/dev-docker-publish.yml
@@ -9,6 +9,10 @@ on:
 paths-ignore:
 - README.md
+env:
+ APP_NAME: ${{ github.repository }}
+ BRANCH: ${{ github.ref }}
+
 jobs:
 build-job:
 uses: th2-net/.github/.github/workflows/compound-java-dev.yml@main
@@ -16,4 +20,4 @@ jobs:
 build-target: 'Docker'
 docker-username: ${{ github.actor }}
 secrets:
- docker-password: ${{ secrets.GITHUB_TOKEN }}
\ No newline at end of file
+ docker-password: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/license_check.yml b/.github/workflows/license_check.yml
new file mode 100644
index 0000000..89b721b
--- /dev/null
+++ b/.github/workflows/license_check.yml
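Review bot: The added workflow-level `env:` block (`APP_NAME`, `BRANCH`) has no consumer in this file: the only job, `build-job`, is a `uses:` call to a reusable workflow, and GitHub does not propagate the caller's workflow-level `env` into a called workflow. If `compound-java-dev.yml` needs these values, they have to be passed as `with:` inputs that it declares; otherwise the block can be dropped so it does not suggest a data flow that is not there. The job definition continues in the following hunk.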
@@ -0,0 +1,64 @@
+name: Check licenses
+
+on:
+ push:
+ branches-ignore:
+ - master
+ - version-*
+ - dependabot**
+ paths-ignore:
+ - README.md
+
+env:
+ APP_NAME: ${{ github.repository }}
+ BRANCH: ${{ github.ref }}
+
+jobs:
+ check_licenses:
+ runs-on: ubuntu-latest
+ steps:
+ - name: checkout actions
+ uses: actions/checkout@v2
+
+ - name: Install jq env
+ run: |
+ sudo apt-get update
+ sudo apt-get install -y jq
+
+ - name: Download script
+ run: |
+ wget -q -O check_licenses.sh https://raw.githubusercontent.com/th2-net/.github/th2-1836-json-files-update/license-compliance/check_licenses.sh
+ chmod +x ./check_licenses.sh
+
+ - name: Run check_licenses script
+ run: ./check_licenses.sh java
+ id: run_script
+
+ - name: Get version
+ run:
+ VERSION=$(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,')
+
+ - name: Uploading results
+ if: always()
+ uses: actions/upload-artifact@v3
+ with:
+ name: licenses_check-$APP_NAME-$VERSION
+ path: ./licenses_check/
+
+ - name: Results checking
+ id: result-check
+ run: |
+ line_count=$(wc -l < ./licenses_check/failed_licenses.csv)
+ if [[ $line_count -gt 1 ]]; then
+ echo "FAILED due to unknown/failed licenses found"
+ exit 1
+ else
+ echo "PASSED: licenses check successfull"
+ exit 0
+ fi
+ continue-on-error: false
+
+# - name: Set workflow status
+# run: echo "::set-output name=status::Failure"
+# if: steps.set_status.outputs.result == 'FAILED due to unknown licenses found'
+# continue-on-error: false
diff --git a/build.gradle b/build.gradle
index 7ba0c4a..16d84f8 100644
--- a/build.gradle
+++ b/build.gradle
@@ -1,9 +1,14 @@
+import com.github.jk1.license.filter.LicenseBundleNormalizer
+import com.github.jk1.license.render.JsonReportRenderer
+
 plugins {
 id 'java'
 id 'java-library'
 id 'application'
 id 'com.palantir.docker' version '0.25.0'
 id "org.owasp.dependencycheck" version "8.2.1"
+ id 'com.github.jk1.dependency-license-report' version '2.5'
+ id "de.undercouch.download" version "5.4.0"
 }
 ext {
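Review bot: The `Download script` step in the new `license_check.yml` fetches `check_licenses.sh` from a branch ref (`th2-1836-json-files-update`) and the next step executes it, so whatever that branch holds at run time runs in this job with no integrity check; pin the URL to a reviewed commit and verify a digest before `chmod +x`, as sketched below with placeholders. The job also declares no `permissions:`, and `actions/checkout@v2` keeps the token in the local git config by default, so adding `permissions:` with `contents: read` and `persist-credentials: false` on the checkout limits what the fetched script can reach. In `Get version`, `${{ github.ref }}` is pasted into the shell text and `VERSION` is a shell variable that is gone when the step ends; pass the ref through `env:` and write the result to `$GITHUB_ENV`. The artifact `name:` is not evaluated by a shell, so `$APP_NAME-$VERSION` stays literal there and needs `${{ env.APP_NAME }}`-style expressions; `github.repository` contains a `/`, which the artifact action probably rejects in a name, so confirm that separately.

```yaml
      # … unchanged: checkout and jq install steps …
      - name: Download script
        env:
          # placeholders: the reviewed commit of th2-net/.github and the digest of the script at that commit
          SCRIPT_REF: '<PINNED_COMMIT_SHA>'
          SCRIPT_SHA256: '<EXPECTED_SHA256>'
        run: |
          wget -q -O check_licenses.sh "https://raw.githubusercontent.com/th2-net/.github/${SCRIPT_REF}/license-compliance/check_licenses.sh"
          echo "${SCRIPT_SHA256}  check_licenses.sh" | sha256sum -c -
          chmod +x ./check_licenses.sh
      # … unchanged: Run check_licenses script step …
      - name: Get version
        env:
          REF: ${{ github.ref }}
        run: echo "VERSION=${REF##*/}" >> "$GITHUB_ENV"
      # … unchanged: upload and result-check steps …
```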
@@ -109,4 +114,25 @@ dependencyCheck {
 dependencyLocking {
 lockAllConfigurations()
+}
+
+licenseReport {
+ def licenseNormalizerBundlePath = "$buildDir/license-normalizer-bundle.json"
+
+ if (!file(licenseNormalizerBundlePath).exists()) {
+ download.run {
+ src 'https://raw.githubusercontent.com/th2-net/.github/main/license-compliance/gradle-license-report/license-normalizer-bundle.json'
+ dest "$buildDir/license-normalizer-bundle.json"
+ overwrite false
+ }
+ }
+
+ filters = [
+ new LicenseBundleNormalizer(licenseNormalizerBundlePath, false)
+ ]
+ renderers = [
+ new JsonReportRenderer('licenses.json', false),
+ ]
+ excludeOwnGroup = false
+ allowedLicensesFile = new URL("https://raw.githubusercontent.com/th2-net/.github/main/license-compliance/gradle-license-report/allowed-licenses.json")
 }
\ No newline at end of file
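Review bot: Both the normalizer bundle (`src` inside `download.run`) and `allowedLicensesFile` are read from the `main` branch of another repository, so the allow-list that decides the license check can change without any commit here, and nothing verifies the content. Point both URLs at a reviewed commit (`…/th2-net/.github/<PINNED_COMMIT_SHA>/license-compliance/…`) or vendor the two JSON files into this repository. The download sits directly in the `licenseReport { }` configuration block, so it presumably runs while configuring every Gradle invocation on a clean checkout, including offline builds and tasks unrelated to licensing; a dedicated download task that the report task depends on would confine it. With the `exists()` guard plus `overwrite false`, an old bundle in `$buildDir` is kept until a clean, which deserves a comment. `dest` also repeats the path literal, and `dest licenseNormalizerBundlePath` would keep the two in sync.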