Skip to content

Compliance Checks

Compliance Checks #921

Workflow file for this run

name: Compliance Checks
on:
push:
paths:
- 'pyproject.toml'
schedule:
- cron: '0 0 * * *' # every day at midnight
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
SLACK_ALERT_CHANNEL: "#dc-alerts"
jobs:
check-license-compliance:
name: Check license compliance
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c
with:
python-version: "3.10"
- name: Install prod dependencies
run: |
pip install hatch==v1.7.0
hatch run tools:requirements
pip install -r requirements.txt
- name: Create file with full dependency list
run: |
pip freeze > requirements-full.txt
- name: Send license report to Fossa
# This will collect all necessary information (mostly used dependencies) and send it to the Fossa API
uses: fossas/fossa-action@09bcf127dc0ccb4b5a023f6f906728878e8610ba # Use a specific version if locking is preferred
with:
api-key: ${{ secrets.FOSSA_LICENSE_SCAN_TOKEN }}
- name: Check license compliance
# This will poll the Fossa API until they have processed the information which we've sent in the previous step
# and fail if Fossa found an issue with the licences of our dependencies.
uses: fossas/fossa-action@09bcf127dc0ccb4b5a023f6f906728878e8610ba # Use a specific version if locking is preferred
with:
api-key: ${{ secrets.FOSSA_LICENSE_SCAN_TOKEN }}
run-tests: true
- name: Send Slack notification if license check failed
uses: act10ns/slack@44541246747a30eb3102d87f7a4cc5471b0ffb7d
if: failure() && github.ref == 'refs/heads/main'
with:
status: ${{ job.status }}
channel: ${{ env.SLACK_ALERT_CHANNEL }}