chore(actions): generate FOSSA report on master, and ALWAYS check for… (#26857)

2026-04-20 16:44:46 +00:00 · 2024-01-29 16:18:50 -07:00
parent 29bc68bd3e
commit 785e832e8d
37 changed files with 654 additions and 62 deletions
--- a/.github/workflows/generate-FOSSA-report.yml
+++ b/.github/workflows/generate-FOSSA-report.yml
@@ -0,0 +1,63 @@
+name: Generate FOSSA report
+
+on:
+  push:
+    branches:
+      - "master"
+
+jobs:
+  config:
+    runs-on: "ubuntu-latest"
+    outputs:
+      has-secrets: ${{ steps.check.outputs.has-secrets }}
+    steps:
+      - name: "Check for secrets"
+        id: check
+        shell: bash
+        run: |
+          if [ -n "${{ (secrets.FOSSA_API_KEY != '' ) || '' }}" ]; then
+            echo "has-secrets=1" >> "$GITHUB_OUTPUT"
+          fi
+
+  license_check:
+    needs: config
+    if: needs.config.outputs.has-secrets
+    name: Generate Report
+    runs-on: ubuntu-20.04
+    steps:
+      - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
+        uses: actions/checkout@v3
+        with:
+          persist-credentials: false
+          submodules: recursive
+      - name: Setup Java
+        uses: actions/setup-java@v1
+        with:
+          java-version: 8
+      - name: Generate fossa report
+        env:
+          FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
+        run: |
+          set -eo pipefail
+          if [[ "${{github.event_name}}" != "pull_request" ]]; then
+            ./scripts/fossa.sh
+            exit 0
+          fi
+
+          URL="https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/files"
+          FILES=$(curl -s -X GET -G $URL | jq -r '.[] | .filename')
+
+          cat<<EOF
+          CHANGED FILES:
+          $FILES
+
+          EOF
+
+          if [[ "${FILES}" =~ (.*package*\.json|requirements\/[a-z_-]+\.txt|setup\.py) ]]; then
+            echo "Detected dependency changes... running fossa check"
+
+            ./scripts/fossa.sh
+          else
+            echo "No dependency changes... skiping fossa check"
+          fi
+        shell: bash
--- a/.github/workflows/license-check.yml
+++ b/.github/workflows/license-check.yml
@@ -1,29 +1,11 @@
-name: License Check
+name: License Template Check

 on:
-  push:
-    branches:
-      - 'master'
  pull_request:
    types: [synchronize, opened, reopened, ready_for_review]

 jobs:
-  config:
-    runs-on: "ubuntu-latest"
-    outputs:
-      has-secrets: ${{ steps.check.outputs.has-secrets }}
-    steps:
-      - name: "Check for secrets"
-        id: check
-        shell: bash
-        run: |
-          if [ -n "${{ (secrets.FOSSA_API_KEY != '' ) || '' }}" ]; then
-            echo "has-secrets=1" >> "$GITHUB_OUTPUT"
-          fi
-
  license_check:
-    needs: config
-    if: needs.config.outputs.has-secrets
    name: License Check
    runs-on: ubuntu-20.04
    steps:
@@ -36,32 +18,5 @@ jobs:
        uses: actions/setup-java@v1
        with:
          java-version: 8
-      - name: Generate fossa report
-        env:
-          FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
-        run: |
-          set -eo pipefail
-          if [[ "${{github.event_name}}" != "pull_request" ]]; then
-            ./scripts/fossa.sh
-            exit 0
-          fi
-
-          URL="https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/files"
-          FILES=$(curl -s -X GET -G $URL | jq -r '.[] | .filename')
-
-          cat<<EOF
-          CHANGED FILES:
-          $FILES
-
-          EOF
-
-          if [[ "${FILES}" =~ (.*package*\.json|requirements\/[a-z_-]+\.txt|setup\.py) ]]; then
-            echo "Detected dependency changes... running fossa check"
-
-            ./scripts/fossa.sh
-          else
-            echo "No dependency changes... skiping fossa check"
-          fi
-        shell: bash
      - name: Run license check
        run: ./scripts/check_license.sh