Doc ~ Examples deploy #81
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# (C) 2024 GoodData Corporation | |
# Deploy of ui sdk examples | |
name: FOSSA ~ Update attribtion file | |
on: | |
workflow_dispatch: | |
jobs: | |
fossa-scan: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
ref: "IMJ-FOSSA-TEST" | |
token: ${{ secrets.TOKEN_GITHUB_YENKINS_ADMIN }} | |
- name: Setup node | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 18.17.0 | |
- name: Install rush | |
run: | | |
npm install -g @microsoft/rush | |
- name: Rush install | |
run: | | |
rush install | |
- name: Add repository to git safe directories to avoid dubious ownership issue | |
run: git config --global --add safe.directory $GITHUB_WORKSPACE | |
- name: Config user | |
run: | | |
git config --global user.email "[email protected]" | |
git config --global user.name "git-action" | |
- name: Install fossa | |
run: | | |
curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | sudo bash | |
- name: dummy package.json | |
run: | | |
echo '{}' > common/config/rush/package.json | |
- name: Fossa scan | |
run: fossa analyze --project "gooddata-ui-sdk" --branch "IMJ-FOSSA-TEST" | |
env: | |
FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} | |
- name: list of target | |
run: fossa list-targets | |
env: | |
FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} | |
- name: Generate FOSSA Attribution Report | |
uses: nick-fields/retry@v3 | |
env: | |
FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} | |
MINIMUM_LINES: 50000 | |
with: | |
timeout_minutes: 5 | |
max_attempts: 3 | |
retry_on: error | |
retry_wait_seconds: 30 | |
command: | | |
# wait for the scan to finish in fossa app and then download the attribution file | |
sleep 30 | |
REVISION=$(git rev-parse HEAD) | |
LINK="https://app.fossa.com/api/revisions/custom%2B13637%2Fgooddata-ui-sdk%24$REVISION/attribution/download?includeProjectLicense=&includeLicenseScan=&includeDependencySummary=true&includeDirectDependencies=true&includeDeepDependencies=true&includeLicenseList=true&includeVulnerabilities=&format=TXT&includeLicenseHeaders=&download=true" | |
echo $LINK | |
curl -o NOTICE --header "Authorization: Bearer $FOSSA_API_KEY" $LINK | |
# check if the NOTICE file has at least 50000 lines | |
# empty notice has cca 50 lines so 50000 is a good threshold | |
# current notice has cca 100000 lines so NOTICE has less than 50000 lines its suspicious | |
lines=$(wc -l < NOTICE) | |
if (( lines < $MINIMUM_LINES )); then | |
echo "The NOTICE file has less than 50000 lines." | |
exit 1 | |
fi | |
- name: Git commit and push | |
run: | | |
# add changelogs | |
git add NOTICE | |
git commit -a -m "chore: update attribution file" -m "" -m "TRIVIAL" | |
git push origin HEAD |