Merge pull request #49 from route06inc/thunk-to-composition #104
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: License Compliance | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
jobs: | |
license_finder: | |
runs-on: ubuntu-latest | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
timeout-minutes: 10 | |
env: | |
LICENSE_REPORT: docs/packages-license.md | |
steps: | |
- uses: actions/create-github-app-token@v1 | |
id: app-token | |
with: | |
app-id: ${{ vars.CI_TRIGGER_APP_ID }} | |
private-key: ${{ secrets.CI_TRIGGER_APP_PRIVATE_KEY }} | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.event.pull_request.head.ref }} | |
token: ${{ steps.app-token.outputs.token }} | |
# To make the success of this job a prerequisite for merging into the main branch, | |
# set a filter here instead of on: to determine whether or not to proceed to the next step. | |
- name: Cache dependency files | |
uses: actions/cache@v4 | |
id: cache | |
with: | |
path: | | |
.github/workflows/license.yml | |
bun.lockb | |
config/dependency_decisions.yml | |
config/license_finder.yml | |
package.json | |
key: license-${{ runner.os }}-${{ hashFiles('.github/workflows/license.yml', 'bun.lockb', 'config/dependency_decisions.yml', 'config/license_finder.yml', 'package.json') }} | |
- name: Determine if files changed | |
id: determine | |
run: | | |
if [ "${{ steps.cache.outputs.cache-hit }}" = 'true' ]; then | |
echo "files_changed=false" >> "$GITHUB_OUTPUT" | |
else | |
echo "files_changed=true" >> "$GITHUB_OUTPUT" | |
fi | |
- uses: oven-sh/setup-bun@v2 | |
if: steps.determine.outputs.files_changed == 'true' | |
with: | |
bun-version-file: "package.json" | |
- run: bun install | |
if: steps.determine.outputs.files_changed == 'true' | |
- uses: ruby/setup-ruby@v1 | |
if: steps.determine.outputs.files_changed == 'true' | |
with: | |
ruby-version: '3.3' | |
- name: Install License Finder | |
if: steps.determine.outputs.files_changed == 'true' | |
run: gem install -N license_finder | |
- name: Run License Finder | |
if: steps.determine.outputs.files_changed == 'true' | |
run: license_finder | |
# Commit the License Finder report as docs/packages-license.md | |
- name: Generate license report | |
if: steps.determine.outputs.files_changed == 'true' && github.ref_name != github.event.repository.default_branch | |
run: license_finder report --format=markdown | tail -n +2 > "$LICENSE_REPORT" | |
- name: Commit license report and push | |
if: steps.determine.outputs.files_changed == 'true' && github.ref_name != github.event.repository.default_branch | |
run: | | |
git config user.name 'github-actions[bot]' | |
git config user.email 'github-actions[bot]@users.noreply.github.com' | |
git add "$LICENSE_REPORT" | |
git commit -m "Update $LICENSE_REPORT" | |
git push origin "$BRANCH_NAME" | |
env: | |
GITHUB_TOKEN: ${{ steps.app-token.outputs.token }} | |
BRANCH_NAME: ${{ github.event.pull_request.head.ref }} |