-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
110 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,110 @@ | ||
| name: License Compliance for frontend | ||
|
|
||
| # ## Summary | ||
| # | ||
| # This workflow runs the license_finder CLI only when it detects an update to files related to the License Finder. | ||
| # It also updates $LICENSE_REPORT and git commit. | ||
| # | ||
| # When triggered by a PR from a forked repository, $LICENSE_REPORT is not updated. | ||
| # When triggered by a push to the default branch, $LICENSE_REPORT is not updated either. | ||
|
|
||
| on: | ||
| push: | ||
| branches: | ||
| - main | ||
| pull_request: | ||
|
|
||
| env: | ||
| working-directory: frontend | ||
|
|
||
| jobs: | ||
| license_finder: | ||
| runs-on: ubuntu-latest | ||
| concurrency: | ||
| group: ${{ github.workflow }}-${{ github.ref }} | ||
| cancel-in-progress: true | ||
| timeout-minutes: 10 | ||
| env: | ||
| LICENSE_REPORT: docs/packages-license.md | ||
| steps: | ||
| - name: Check if running in a fork | ||
| id: fork-check | ||
| run: echo "is_fork=${{ github.event.pull_request.head.repo.fork }}" >> "$GITHUB_OUTPUT" | ||
| - name: Create GitHub App Token for non-fork PRs | ||
| uses: actions/create-github-app-token@v1 | ||
| if: steps.fork-check.outputs.is_fork != 'true' | ||
| id: app-token | ||
| with: | ||
| app-id: ${{ vars.CI_TRIGGER_APP_ID }} | ||
| private-key: ${{ secrets.CI_TRIGGER_APP_PRIVATE_KEY }} | ||
| - name: Checkout code for non-fork PRs | ||
| if: steps.fork-check.outputs.is_fork != 'true' | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| ref: ${{ github.event.pull_request.head.ref }} | ||
| token: ${{ steps.app-token.outputs.token }} | ||
| - name: Checkout code for forked PRs | ||
| if: steps.fork-check.outputs.is_fork == 'true' | ||
| uses: actions/checkout@v4 | ||
| # To make the success of this job a prerequisite for merging into the main branch, | ||
| # set a filter here instead of on: to determine whether or not to proceed to the next step. | ||
| - name: Cache dependency files | ||
| uses: actions/cache@v4 | ||
| id: cache | ||
| with: | ||
| path: | | ||
| .github/workflows/license-frontend.yml | ||
| frontend/config/dependency_decisions.yml | ||
| frontend/config/license_finder.yml | ||
| frontend/package.json | ||
| frontend/pnpm-lock.yaml | ||
| key: license-frontend-${{ runner.os }}-${{ hashFiles('.github/workflows/license-frontend.yml', 'frontend/config/dependency_decisions.yml', 'frontend/config/license_finder.yml', 'frontend/package.json', 'frontend/pnpm-lock.yaml') }} | ||
| - name: Determine if files changed | ||
| id: determine | ||
| run: | | ||
| if [ "${{ steps.cache.outputs.cache-hit }}" = 'true' ]; then | ||
| echo "files_changed=false" >> "$GITHUB_OUTPUT" | ||
| else | ||
| echo "files_changed=true" >> "$GITHUB_OUTPUT" | ||
| fi | ||
| - uses: ./.github/actions/pnpm-setup | ||
| if: steps.determine.outputs.files_changed == 'true' | ||
| with: | ||
| working-directory: ${{ env.working-directory }} | ||
| - uses: ruby/setup-ruby@v1 | ||
| if: steps.determine.outputs.files_changed == 'true' | ||
| with: | ||
| ruby-version: '3.3' | ||
| - name: Install License Finder | ||
| if: steps.determine.outputs.files_changed == 'true' | ||
| run: gem install -N license_finder | ||
| - name: Run License Finder | ||
| if: steps.determine.outputs.files_changed == 'true' | ||
| run: license_finder | ||
| working-directory: ${{ env.working-directory }} | ||
|
|
||
| # Commit the License Finder report as docs/packages-license.md | ||
| - name: Generate license report | ||
| if: | | ||
| steps.fork-check.outputs.is_fork != 'true' | ||
| && steps.determine.outputs.files_changed == 'true' | ||
| && github.ref_name != github.event.repository.default_branch | ||
| run: | | ||
| mkdir -p "$(dirname "$LICENSE_REPORT")" | ||
| license_finder report --format=markdown | tail -n +2 > "$LICENSE_REPORT" | ||
| working-directory: ${{ env.working-directory }} | ||
| - name: Commit license report and push | ||
| if: | | ||
| steps.fork-check.outputs.is_fork != 'true' | ||
| && steps.determine.outputs.files_changed == 'true' | ||
| && github.ref_name != github.event.repository.default_branch | ||
| run: | | ||
| git config user.name 'github-actions[bot]' | ||
| git config user.email 'github-actions[bot]@users.noreply.github.com' | ||
| git add "$LICENSE_REPORT" | ||
| git commit -m "Update $LICENSE_REPORT" | ||
| git push origin "$BRANCH_NAME" | ||
| env: | ||
| GITHUB_TOKEN: ${{ steps.app-token.outputs.token }} | ||
| BRANCH_NAME: ${{ github.event.pull_request.head.ref }} | ||
| working-directory: ${{ env.working-directory }} |