-
Notifications
You must be signed in to change notification settings - Fork 42
37 lines (30 loc) · 1.29 KB
/
license-audit.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
name: Audit bugsnag-python dependency licenses
on: [push, pull_request]
jobs:
license-audit:
# TODO: a GH action update broke the 'ubuntu-latest' image
# when it's fixed, we should switch back
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2
- name: Set up Python
uses: actions/setup-python@v2
with:
# License Finder's Docker image uses Python 3.5
python-version: 3.5
- name: Fetch decisions.yml
run: curl https://raw.githubusercontent.com/bugsnag/license-audit/master/config/decision_files/global.yml -o decisions.yml
# License Finder doesn't use "install_requires" from setup.py, so won't check
# our dependencies if we don't put them in a requirements.txt file
- name: Set up requirements.txt for License Finder
run: |
pip3 install '.[flask]'
pip3 freeze --local --exclude bugsnag | tee requirements.txt
- name: Run License Finder
# for some reason license finder doesn't run without a login shell (-l)
run: >
docker run -v $PWD:/scan licensefinder/license_finder /bin/bash -lc "
cd /scan &&
pip3 install -r requirements.txt --quiet &&
license_finder --decisions-file decisions.yml --python-version 3 --enabled-package-managers=pip
"