Fossa License Scan #2722
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow scans the licenses with Fossa and waits until the license test finished | |
| name: Fossa License Scan | |
| on: | |
| workflow_run: | |
| workflows: | |
| - Push Workflow Trigger | |
| types: | |
| - completed | |
| jobs: | |
| fossa-license-analyze: | |
| name: "Fossa ${{ github.event.workflow_run.head_branch != 'main' && format('PR {0}', github.event.workflow_run.pull_requests[0].number) || 'main' }}" | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 60 | |
| steps: | |
| - name: Initiate check | |
| env: | |
| SHA: "${{ github.event.workflow_run.head_sha }}" | |
| GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | |
| run: >- | |
| gh api | |
| --method POST | |
| -H "Accept: application/vnd.github+json" | |
| /repos/${GITHUB_REPOSITORY}/statuses/${SHA} | |
| -f state='pending' | |
| -f target_url=https://github.com/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID} | |
| -f description='Checking Licenses' | |
| -f context='fossa-license-analyze' | |
| continue-on-error: true | |
| - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # tag=v3 | |
| with: | |
| ref: ${{ github.event.workflow_run.head_sha }} # checkout commit that triggered this workflow | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 | |
| with: | |
| distribution: 'temurin' | |
| java-version: 17 | |
| cache: 'gradle' | |
| - name: Install Fossa | |
| run: "curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/v3.2.8/install-latest.sh | sudo bash" | |
| - name: Fossa Analyze | |
| env: | |
| FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} | |
| BRANCH: ${{ github.event.workflow_run.head_branch }} | |
| run: fossa analyze --project "sda-spring-boot-commons" --branch "$BRANCH" | |
| - name: Fossa Test | |
| env: | |
| FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} | |
| run: fossa test --project "sda-spring-boot-commons" --debug | |
| - name: Successful check | |
| if: success() | |
| env: | |
| SHA: "${{ github.event.workflow_run.head_sha }}" | |
| GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | |
| run: >- | |
| gh api | |
| --method POST | |
| -H "Accept: application/vnd.github+json" | |
| /repos/${GITHUB_REPOSITORY}/statuses/${SHA} | |
| -f state='success' | |
| -f target_url=https://github.com/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID} | |
| -f description='License approved' | |
| -f context='fossa-license-analyze' | |
| continue-on-error: true | |
| - name: Failed check | |
| if: failure() | |
| env: | |
| SHA: "${{ github.event.workflow_run.head_sha }}" | |
| GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | |
| run: >- | |
| gh api | |
| --method POST | |
| -H "Accept: application/vnd.github+json" | |
| /repos/${GITHUB_REPOSITORY}/statuses/${SHA} | |
| -f state='failure' | |
| -f target_url=https://github.com/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID} | |
| -f description='License check failed' | |
| -f context='fossa-license-analyze' | |
| continue-on-error: true |