Organization License Check #21
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Organization License Check | |
| on: | |
| schedule: | |
| - cron: '0 */24 * * *' # Runs every 12 hours | |
| workflow_dispatch: | |
| permissions: | |
| contents: write | |
| issues: write | |
| actions: read | |
| jobs: | |
| check-licenses: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Org .github Repo | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: ${{ github.repository_owner }}/.github | |
| token: ${{ secrets.GITHUB_TOKEN }} # Use token to access private repo | |
| path: .github # Check out the repository into the .github directory | |
| - name: Setup Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: '3.x' | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install PyGithub | |
| - name: Run License Check Script | |
| env: | |
| ORG_TOKEN: ${{ secrets.CLA_BOT_TOKEN }} | |
| EXCLUDED_REPOS: ${{ vars.EXCLUDED_REPOS }} | |
| INCLUDED_REPOS: ${{ vars.INCLUDED_REPOS }} # From variables | |
| run: | | |
| python .github/scripts/check_licenses.py | |
| - name: Create Summary Issue | |
| if: failure() | |
| uses: actions/github-script@v6 | |
| with: | |
| script: | | |
| const fs = require('fs'); | |
| const results = JSON.parse(fs.readFileSync('scan_results.json', 'utf8')); | |
| const body = ` | |
| # License Compliance Scan Results | |
| ## Non-Permissive License Repositories: | |
| ${results.non_permissive.map(item => `- ${item.repo}: ${item.reason}`).join('\n')} | |
| ## CLA Trigger Installation Status: | |
| CLA trigger installed in: | |
| ${results.trigger_installed.map(repo => `- ${repo}`).join('\n')} | |
| ## Excluded Repositories: | |
| ${results.excluded.map(repo => `- ${repo}`).join('\n')} | |
| ${results.errors.length ? `## Errors: | |
| ${results.errors.map(error => `- ${error}`).join('\n')}` : ''} | |
| `; | |
| await github.rest.issues.create({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| title: 'License Compliance Scan Results', | |
| body: body, | |
| labels: ['license-compliance'] | |
| }); | |