|
| 1 | +# Source: https://github.com/arduino/tooling-project-assets/blob/main/workflow-templates/check-license.md |
| 2 | +name: Check License |
| 3 | + |
| 4 | +env: |
| 5 | + EXPECTED_LICENSE_FILENAME: LICENSE.txt |
| 6 | + # SPDX identifier: https://spdx.org/licenses/ |
| 7 | + EXPECTED_LICENSE_TYPE: AGPL-3.0 |
| 8 | + |
| 9 | +# See: https://docs.github.com/actions/using-workflows/events-that-trigger-workflows |
| 10 | +on: |
| 11 | + create: |
| 12 | + push: |
| 13 | + paths: |
| 14 | + - ".github/workflows/check-license.ya?ml" |
| 15 | + # See: https://github.com/licensee/licensee/blob/master/docs/what-we-look-at.md#detecting-the-license-file |
| 16 | + - "[cC][oO][pP][yY][iI][nN][gG]*" |
| 17 | + - "[cC][oO][pP][yY][rR][iI][gG][hH][tH]*" |
| 18 | + - "[lL][iI][cC][eE][nN][cCsS][eE]*" |
| 19 | + - "[oO][fF][lL]*" |
| 20 | + - "[pP][aA][tT][eE][nN][tT][sS]*" |
| 21 | + pull_request: |
| 22 | + paths: |
| 23 | + - ".github/workflows/check-license.ya?ml" |
| 24 | + - "[cC][oO][pP][yY][iI][nN][gG]*" |
| 25 | + - "[cC][oO][pP][yY][rR][iI][gG][hH][tH]*" |
| 26 | + - "[lL][iI][cC][eE][nN][cCsS][eE]*" |
| 27 | + - "[oO][fF][lL]*" |
| 28 | + - "[pP][aA][tT][eE][nN][tT][sS]*" |
| 29 | + schedule: |
| 30 | + # Run periodically to catch breakage caused by external changes. |
| 31 | + - cron: "0 6 * * WED" |
| 32 | + workflow_dispatch: |
| 33 | + repository_dispatch: |
| 34 | + |
| 35 | +jobs: |
| 36 | + run-determination: |
| 37 | + runs-on: ubuntu-latest |
| 38 | + outputs: |
| 39 | + result: ${{ steps.determination.outputs.result }} |
| 40 | + steps: |
| 41 | + - name: Determine if the rest of the workflow should run |
| 42 | + id: determination |
| 43 | + run: | |
| 44 | + RELEASE_BRANCH_REGEX="refs/heads/[0-9]+.[0-9]+.x" |
| 45 | + # The `create` event trigger doesn't support `branches` filters, so it's necessary to use Bash instead. |
| 46 | + if [[ |
| 47 | + "${{ github.event_name }}" != "create" || |
| 48 | + "${{ github.ref }}" =~ $RELEASE_BRANCH_REGEX |
| 49 | + ]]; then |
| 50 | + # Run the other jobs. |
| 51 | + RESULT="true" |
| 52 | + else |
| 53 | + # There is no need to run the other jobs. |
| 54 | + RESULT="false" |
| 55 | + fi |
| 56 | +
|
| 57 | + echo "::set-output name=result::$RESULT" |
| 58 | +
|
| 59 | + check-license: |
| 60 | + needs: run-determination |
| 61 | + if: needs.run-determination.outputs.result == 'true' |
| 62 | + runs-on: ubuntu-latest |
| 63 | + |
| 64 | + steps: |
| 65 | + - name: Checkout repository |
| 66 | + uses: actions/checkout@v3 |
| 67 | + |
| 68 | + - name: Install Ruby |
| 69 | + uses: ruby/setup-ruby@v1 |
| 70 | + with: |
| 71 | + ruby-version: ruby # Install latest version |
| 72 | + |
| 73 | + - name: Install licensee |
| 74 | + run: gem install licensee |
| 75 | + |
| 76 | + - name: Check license file |
| 77 | + run: | |
| 78 | + EXIT_STATUS=0 |
| 79 | + # See: https://github.com/licensee/licensee |
| 80 | + LICENSEE_OUTPUT="$(licensee detect --json --confidence=100)" |
| 81 | +
|
| 82 | + DETECTED_LICENSE_FILE="$(echo "$LICENSEE_OUTPUT" | jq .matched_files[0].filename | tr --delete '\r')" |
| 83 | + echo "Detected license file: $DETECTED_LICENSE_FILE" |
| 84 | + if [ "$DETECTED_LICENSE_FILE" != "\"${EXPECTED_LICENSE_FILENAME}\"" ]; then |
| 85 | + echo "::error file=${DETECTED_LICENSE_FILE}::detected license file $DETECTED_LICENSE_FILE doesn't match expected: $EXPECTED_LICENSE_FILENAME" |
| 86 | + EXIT_STATUS=1 |
| 87 | + fi |
| 88 | +
|
| 89 | + DETECTED_LICENSE_TYPE="$(echo "$LICENSEE_OUTPUT" | jq .matched_files[0].matched_license | tr --delete '\r')" |
| 90 | + echo "Detected license type: $DETECTED_LICENSE_TYPE" |
| 91 | + if [ "$DETECTED_LICENSE_TYPE" != "\"${EXPECTED_LICENSE_TYPE}\"" ]; then |
| 92 | + echo "::error file=${DETECTED_LICENSE_FILE}::detected license type $DETECTED_LICENSE_TYPE doesn't match expected \"${EXPECTED_LICENSE_TYPE}\"" |
| 93 | + EXIT_STATUS=1 |
| 94 | + fi |
| 95 | +
|
| 96 | + exit $EXIT_STATUS |
0 commit comments