-
Notifications
You must be signed in to change notification settings - Fork 42
39 lines (32 loc) · 1.32 KB
/
license-audit.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
name: Audit bugsnag-python dependency licenses
on: [push, pull_request]
jobs:
license-audit:
runs-on: 'ubuntu-latest'
steps:
- uses: actions/checkout@v2
- name: Set up Python
uses: actions/setup-python@v2
with:
# License Finder's Docker image uses Python 3.10
python-version: '3.10'
- name: Fetch decisions.yml
run: curl https://raw.githubusercontent.com/bugsnag/license-audit/master/config/decision_files/global.yml -o decisions.yml
# License Finder doesn't use "install_requires" from setup.py, so won't check
# our dependencies if we don't put them in a requirements.txt file
- name: Set up requirements.txt for License Finder
run: |
pip3 install '.[flask]'
pip3 freeze --local --exclude bugsnag | tee requirements.txt
- name: Run License Finder
# for some reason license finder doesn't run without a login shell (-l)
run: >
docker run -v $PWD:/scan licensefinder/license_finder /bin/bash -lc "
cd /scan &&
apt-get update &&
apt-get install -y python3-venv &&
python3 -m venv .venv &&
source .venv/bin/activate &&
pip3 install -r requirements.txt &&
license_finder --decisions-file decisions.yml --python-version 3 --enabled-package-managers=pip
"