
Update license-compliance.yml #6

Update license-compliance.yml

Update license-compliance.yml #6

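---
# License compliance gate: installs the project's Python dependencies, exports
# their declared licenses with pip-licenses, and fails the job when a package
# reports a license that is not in the allow-list below.
name: License Compliance

on:
  push:
    branches:
      - main
  # This job installs requirements.txt from the proposed change, so it runs
  # contributor-controlled install code. Keep it on `pull_request` (fork runs
  # get a read-only token and no secrets); do not move it to
  # `pull_request_target`.
  pull_request:
    branches:
      - main

# Least privilege: the default token can only read the repository.
permissions:
  contents: read

jobs:
  license-compliance:
    runs-on: ubuntu-latest
    # Write scopes are limited to what the result-publishing step needs.
    # NOTE(review): confirm against that action's documentation.
    permissions:
      contents: read
      checks: write
      pull-requests: write
    steps:
      # NOTE(review): actions are referenced by mutable tags; pin each `uses:`
      # to a full commit SHA so a retagged release cannot change what runs.
      - name: Checkout code
        uses: actions/checkout@v3

      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          # Quoted so the version is never read as a float (3.10 would be 3.1).
          python-version: "3.9"

      - name: Install dependencies
        run: |
          python -m venv venv
          . venv/bin/activate
          pip install -r requirements.txt

      - name: Check licenses
        # NOTE(review): pip-licenses is installed unpinned; pin a version (and
        # ideally hashes) so the checker itself is reproducible.
        run: |
          . venv/bin/activate
          pip install pip-licenses
          pip-licenses --from=mixed --output-file=dependency_licenses.json --format=json

      - name: 'Parse Dependency licenses'
        id: parse-dependency-licenses
        # The report is no longer copied into a step output: the old
        # `::set-output` command is deprecated, cannot carry multi-line JSON,
        # and forced the next step to paste the value into its script.
        # This step now only verifies that the report is a JSON array.
        run: |
          jq -e 'type == "array"' dependency_licenses.json > /dev/null

      - name: 'Compare Dependency licenses'
        # Package names and license strings come from third-party package
        # metadata, so they are untrusted. They are read from the file by jq
        # and never expanded into the script through a workflow expression,
        # which would let crafted metadata run as shell code.
        run: |
          permitted_licenses="MIT,Apache-2.0,BSD,EPL1"
          # Exact match of each reported license against the allow-list;
          # every offending package is listed before the job fails.
          violations=$(jq -r --arg permitted "${permitted_licenses}" '
            ($permitted | split(",")) as $allowed
            | .[]
            | .License as $license
            | select(all($allowed[]; . != $license))
            | "Error: Package \(.Package) has an unrecognized license: \(.License)"
          ' dependency_licenses.json)
          if [[ -n "${violations}" ]]; then
            echo "${violations}"
            exit 1
          fi

      - name: Publish Test Results
        # NOTE(review): the action reference was garbled on the page this was
        # taken from. The name below is inferred from the step inputs and the
        # ref is a placeholder; restore both from the repository.
        uses: EnricoMi/publish-unit-test-result-action@<PINNED_REF>
        if: always()
        with:
          # NOTE(review): this is the pip-licenses JSON report, not a JUnit
          # file; confirm the action can read it or drop this step.
          junit_files: "dependency_licenses.json"
          check_name: "Dependency License Compliance Check"

      - name: 'Upload Dependency License Report'
        if: always()
        # NOTE(review): older majors of this action have been retired by
        # GitHub; confirm this one still runs and move to a supported release.
        uses: actions/upload-artifact@v2
        with:
          name: dependency-license-report
          path: dependency_licenses.json

      - name: License compliance summary
        run: echo "License compliance check completed. See artifacts for details."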