From 3d1c27b5c9d300b292754c1b6d7752cce00bceca Mon Sep 17 00:00:00 2001 From: Taras Drozdovskyi Date: Wed, 6 Dec 2023 10:55:36 +0200 Subject: [PATCH] Updated github->actions Signed-off-by: Taras Drozdovskyi --- .github/workflows/build.yml | 2 +- .github/workflows/fossology.yml | 61 ++++++++++++++++------- .github/workflows/fossology_test.yml | 38 ++++++++++++++ .github/workflows/license-finder.yml | 2 +- .github/workflows/scancode.yml | 2 +- .github/workflows/scorecards-analysis.yml | 2 +- README.md | 2 + 7 files changed, 87 insertions(+), 22 deletions(-) create mode 100644 .github/workflows/fossology_test.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index face3741..86c01f29 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -12,7 +12,7 @@ jobs: platform: [numaker_pfm_m2351, m2351_badge, mps2_an505_qemu] runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Install extra tools run: | diff --git a/.github/workflows/fossology.yml b/.github/workflows/fossology.yml index 6a08e4d3..06359efc 100644 --- a/.github/workflows/fossology.yml +++ b/.github/workflows/fossology.yml @@ -5,29 +5,54 @@ on: [push, pull_request] # contents: read jobs: - fossology: - runs-on: ubuntu-latest - - container: - image: fossology/fossology:scanner - + check-license: + name: Check license + runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 + - run: | + docker run --rm --name "fossologyscanner" -w "/opt/repo" -v ${PWD}:/opt/repo \ + -e GITHUB_TOKEN=${{ github.token }} \ + -e GITHUB_PULL_REQUEST=${{ github.event.number }} \ + -e GITHUB_REPOSITORY=${{ github.repository }} \ + -e GITHUB_REPO_URL=${{ github.repositoryUrl }} \ + -e GITHUB_REPO_OWNER=${{ github.repository_owner }} \ + -e GITHUB_API=${{ github.api_url }} \ + -e GITHUB_ACTIONS=true \ + fossology/fossology:scanner "/bin/fossologyscanner" --report TEXT repo nomos ojo + # - name: Upload artifact + - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce + with: + name: scan-fossology-report + path: ./results - - name: Fossology run - run: | - export GITHUB_TOKEN=${{secrets.GITHUB_TOKEN}} - export GITHUB_PULL_REQUEST="None" - /bin/fossologyscanner repo nomos ojo copyright keyword - continue-on-error: true + # - name: Artifact download + - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a + with: + name: scan-fossology-report - - name: Upload artifact - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce + check-copyright: + name: Check copyright + runs-on: ubuntu-22.04 + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 + - run: | + docker run --rm --name "fossologyscanner" -w "/opt/repo" -v ${PWD}:/opt/repo \ + -e GITHUB_TOKEN=${{ github.token }} \ + -e GITHUB_PULL_REQUEST=${{ github.event.number }} \ + -e GITHUB_REPOSITORY=${{ github.repository }} \ + -e GITHUB_API=${{ github.api_url }} \ + -e GITHUB_REPO_URL=${{ github.repositoryUrl }} \ + -e GITHUB_REPO_OWNER=${{ github.repository_owner }} \ + -e GITHUB_ACTIONS=true \ + fossology/fossology:scanner "/bin/fossologyscanner" --report TEXT repo copyright keyword + # - name: Upload artifact + - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce with: name: scan-fossology-report path: ./results - - name: Artifact download - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a + # - name: Artifact download + - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a with: - name: scan-fossology-report \ No newline at end of file + name: scan-fossology-report diff --git a/.github/workflows/fossology_test.yml b/.github/workflows/fossology_test.yml new file mode 100644 index 00000000..0f83e4da --- /dev/null +++ b/.github/workflows/fossology_test.yml @@ -0,0 +1,38 @@ +name: Check diff for license with Fossology + +on: [push, pull_request] + + +jobs: + check-license: + name: Check license + runs-on: ubuntu-22.04 + steps: + - uses: actions/checkout@v3 + - run: | + docker run --rm --name "fossologyscanner" -w "/opt/repo" -v ${PWD}:/opt/repo \ + -e GITHUB_TOKEN=${{ github.token }} \ + -e GITHUB_PULL_REQUEST=${{ github.event.number }} \ + -e GITHUB_REPOSITORY=${{ github.repository }} \ + -e GITHUB_REPO_URL=${{ github.repositoryUrl }} \ + -e GITHUB_REPO_OWNER=${{ github.repository_owner }} \ + -e GITHUB_API=${{ github.api_url }} \ + -e GITHUB_ACTIONS=true \ + fossology/fossology:scanner "/bin/fossologyscanner" --report TEXT repo nomos ojo + + check-copyright: + name: Check copyright + runs-on: ubuntu-22.04 + steps: + - uses: actions/checkout@v3 + - run: | + docker run --rm --name "fossologyscanner" -w "/opt/repo" -v ${PWD}:/opt/repo \ + -e GITHUB_TOKEN=${{ github.token }} \ + -e GITHUB_PULL_REQUEST=${{ github.event.number }} \ + -e GITHUB_REPOSITORY=${{ github.repository }} \ + -e GITHUB_API=${{ github.api_url }} \ + -e GITHUB_REPO_URL=${{ github.repositoryUrl }} \ + -e GITHUB_REPO_OWNER=${{ github.repository_owner }} \ + -e GITHUB_ACTIONS=true \ + fossology/fossology:scanner "/bin/fossologyscanner" --report TEXT repo copyright keyword + diff --git a/.github/workflows/license-finder.yml b/.github/workflows/license-finder.yml index 09dc48c2..65b989c9 100644 --- a/.github/workflows/license-finder.yml +++ b/.github/workflows/license-finder.yml @@ -12,7 +12,7 @@ jobs: image: gianlucadb0/license_finder steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: License finder run run: | diff --git a/.github/workflows/scancode.yml b/.github/workflows/scancode.yml index 1eacbd05..d28e4a4d 100644 --- a/.github/workflows/scancode.yml +++ b/.github/workflows/scancode.yml @@ -12,7 +12,7 @@ jobs: image: gianlucadb0/scancode-toolkit steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Create results directory run: mkdir results diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml index 3b18adce..530d31a9 100644 --- a/.github/workflows/scorecards-analysis.yml +++ b/.github/workflows/scorecards-analysis.yml @@ -22,7 +22,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 with: persist-credentials: false diff --git a/README.md b/README.md index 85f378ee..7b52c678 100644 --- a/README.md +++ b/README.md @@ -90,3 +90,5 @@ you can find here](.github/CONTRIBUTING.md). [NuMaker-PFM-M2351]: http://www.nuvoton.com.cn/hq/products/iot-solution/iot-platform/numaker-maker-platform/numaker-pfm-m2351?__locale=en [M2351-Badge]: docs/schemes/m2351_badge [V2M-MPS2-Qemu]: https://developer.arm.com/documentation/100964/1114/Microcontroller-Prototyping-System-2?lang=en + +