Doc ~ Examples deploy #93
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# (C) 2024 GoodData Corporation | |
# Deploy of ui sdk examples | |
name: FOSSA ~ Update attribtion file | |
on: | |
workflow_dispatch: | |
jobs: | |
fossa-scan: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
ref: "IMJ-FOSSA-TEST" | |
token: ${{ secrets.TOKEN_GITHUB_YENKINS_ADMIN }} | |
- name: Add repository to git safe directories to avoid dubious ownership issue | |
run: git config --global --add safe.directory $GITHUB_WORKSPACE | |
- name: Config user | |
run: | | |
git config --global user.email "[email protected]" | |
git config --global user.name "git-action" | |
- name: Install fossa | |
run: | | |
curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | sudo bash | |
- name: dummy package.json | |
run: | | |
echo '{}' > common/config/rush/package.json | |
- name: Fossa scan | |
run: fossa analyze --project "gooddata-ui-sdk" --branch "IMJ-FOSSA-TEST" | |
env: | |
FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} | |
- name: list of target | |
run: fossa list-targets | |
env: | |
FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} | |
- name: Generate FOSSA Attribution Report | |
uses: nick-fields/retry@v3 | |
env: | |
FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} | |
MINIMUM_LINES: 20000 | |
with: | |
timeout_minutes: 5 | |
max_attempts: 3 | |
retry_on: error | |
retry_wait_seconds: 30 | |
command: | | |
# wait for the scan to finish in fossa app and then download the attribution file | |
sleep 30 | |
REVISION=$(git rev-parse HEAD) | |
LINK="https://app.fossa.com/api/revisions/custom%2B13637%2Fgooddata-ui-sdk%24$REVISION/attribution/download?includeProjectLicense=&includeLicenseScan=&includeDependencySummary=true&includeDirectDependencies=true&includeDeepDependencies=true&includeLicenseList=true&includeVulnerabilities=&format=TXT&includeLicenseHeaders=&download=true" | |
echo $LINK | |
curl -o NOTICE --header "Authorization: Bearer $FOSSA_API_KEY" $LINK | |
# check if the NOTICE file has at least 20000 lines | |
# empty notice has cca 50 lines so 20000 is a good threshold | |
# current notice has cca 100000 lines so NOTICE has less than 20000 lines its suspicious | |
lines=$(wc -l < NOTICE) | |
if (( lines < $MINIMUM_LINES )); then | |
echo "The NOTICE file has less than 20000 lines." | |
exit 1 | |
fi | |
- name: fix NOTICE file declared license | |
run: | | |
# fix NOTICE file declared license | |
cp NOTICE NOTICE_backup | |
# we need delete license definition of declared licenses are empty it looks like: | |
# | |
# * Declared Licenses * | |
# No licenses found | |
#awk '/\* Declared Licenses \*/{getline nextLine;if(nextLine=="No licenses found")next}1' NOTICE > NOTICE.tmp && mv NOTICE.tmp NOTICE | |
- name: Git commit and push | |
run: | | |
# add changelogs | |
git add NOTICE | |
git add NOTICE_backup | |
git commit -a -m "chore: update attribution file" -m "" -m "TRIVIAL" | |
git push origin HEAD |