From bff03c1b0be58c4605e80750fb805af2ffa7415e Mon Sep 17 00:00:00 2001 From: Taras Drozdovskyi Date: Wed, 6 Dec 2023 10:55:36 +0200 Subject: [PATCH] Updated github->actions Signed-off-by: Taras Drozdovskyi --- .github/workflows/build.yml | 2 +- .github/workflows/fossology.yml | 20 ++++++++---- .github/workflows/fossology_test.yml | 37 +++++++++++++++++++++++ .github/workflows/license-finder.yml | 2 +- .github/workflows/scancode.yml | 2 +- .github/workflows/scorecards-analysis.yml | 2 +- whitelist.json => whitelistjson | 0 7 files changed, 55 insertions(+), 10 deletions(-) create mode 100644 .github/workflows/fossology_test.yml rename whitelist.json => whitelistjson (100%) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index face3741..86c01f29 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -12,7 +12,7 @@ jobs: platform: [numaker_pfm_m2351, m2351_badge, mps2_an505_qemu] runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Install extra tools run: | diff --git a/.github/workflows/fossology.yml b/.github/workflows/fossology.yml index 6a08e4d3..a6e879d1 100644 --- a/.github/workflows/fossology.yml +++ b/.github/workflows/fossology.yml @@ -9,17 +9,25 @@ jobs: runs-on: ubuntu-latest container: - image: fossology/fossology:scanner + image: fossology/fossology:scanner@sha256:fdc87d4ec8a57a79bd09fef0cc7e6289cb6a03d079a170ea3b19c0e1449a933f steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Fossology run run: | - export GITHUB_TOKEN=${{secrets.GITHUB_TOKEN}} - export GITHUB_PULL_REQUEST="None" - /bin/fossologyscanner repo nomos ojo copyright keyword - continue-on-error: true + export GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} + export GITHUB_REPO_OWNER=${{ github.actor }} + export GITHUB_REPO_URL=https://github.com/${{ github.repository}} + export GITHUB_PULL_REQUEST=${{ github.event.number }} + # echo "GITHUB_TOKEN=$GITHUB_TOKEN" >> $GITHUB_ENV + /bin/fossologyscanner repo nomos ojo + # copyright keyword + # env: + # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # GITHUB_PULL_REQUEST: "None" + # GITHUB_REPO_OWNER: ${{ github.actor }} + continue-on-error: false - name: Upload artifact uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce diff --git a/.github/workflows/fossology_test.yml b/.github/workflows/fossology_test.yml new file mode 100644 index 00000000..80cd33d7 --- /dev/null +++ b/.github/workflows/fossology_test.yml @@ -0,0 +1,37 @@ +name: Check diff for license with Fossology + +on: [push, pull_request] + + +jobs: + check-license: + name: Check license + runs-on: ubuntu-22.04 + steps: + - uses: actions/checkout@v3 + - run: | + docker run --rm --name "fossologyscanner" -w "/opt/repo" -v ${PWD}:/opt/repo \ + -e GITHUB_TOKEN=${{ github.token }} \ + -e GITHUB_PULL_REQUEST=${{ github.event.number }} \ + -e GITHUB_REPOSITORY=${{ github.repository }} \ + -e GITHUB_REPO_URL=${{ github.repositoryUrl }} \ + -e GITHUB_REPO_OWNER=${{ github.repository_owner }} \ + -e GITHUB_API=${{ github.api_url }} \ + -e GITHUB_ACTIONS \ + fossology/fossology:scanner "/bin/fossologyscanner" nomos ojo + + check-copyright: + name: Check copyright + runs-on: ubuntu-22.04 + steps: + - uses: actions/checkout@v3 + - run: | + docker run --rm --name "fossologyscanner" -w "/opt/repo" -v ${PWD}:/opt/repo \ + -e GITHUB_TOKEN=${{ github.token }} \ + -e GITHUB_PULL_REQUEST=${{ github.event.number }} \ + -e GITHUB_REPOSITORY=${{ github.repository }} \ + -e GITHUB_API=${{ github.api_url }} \ + -e GITHUB_REPO_URL=${{ github.repositoryUrl }} \ + -e GITHUB_REPO_OWNER=${{ github.repository_owner }} \ + -e GITHUB_ACTIONS \ + fossology/fossology:scanner "/bin/fossologyscanner" copyright keyword \ No newline at end of file diff --git a/.github/workflows/license-finder.yml b/.github/workflows/license-finder.yml index 09dc48c2..65b989c9 100644 --- a/.github/workflows/license-finder.yml +++ b/.github/workflows/license-finder.yml @@ -12,7 +12,7 @@ jobs: image: gianlucadb0/license_finder steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: License finder run run: | diff --git a/.github/workflows/scancode.yml b/.github/workflows/scancode.yml index 1eacbd05..d28e4a4d 100644 --- a/.github/workflows/scancode.yml +++ b/.github/workflows/scancode.yml @@ -12,7 +12,7 @@ jobs: image: gianlucadb0/scancode-toolkit steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: Create results directory run: mkdir results diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml index 3b18adce..530d31a9 100644 --- a/.github/workflows/scorecards-analysis.yml +++ b/.github/workflows/scorecards-analysis.yml @@ -22,7 +22,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 with: persist-credentials: false diff --git a/whitelist.json b/whitelistjson similarity index 100% rename from whitelist.json rename to whitelistjson