Compliance Checks #925
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Compliance Checks | |
on: | |
push: | |
paths: | |
- 'pyproject.toml' | |
schedule: | |
- cron: '0 0 * * *' # every day at midnight | |
env: | |
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
SLACK_ALERT_CHANNEL: "#dc-alerts" | |
jobs: | |
check-license-compliance: | |
name: Check license compliance | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c | |
with: | |
python-version: "3.10" | |
- name: Install prod dependencies | |
run: | | |
pip install hatch==v1.7.0 | |
hatch run tools:requirements | |
pip install -r requirements.txt | |
- name: Create file with full dependency list | |
run: | | |
pip freeze > requirements-full.txt | |
- name: Send license report to Fossa | |
# This will collect all necessary information (mostly used dependencies) and send it to the Fossa API | |
uses: fossas/fossa-action@09bcf127dc0ccb4b5a023f6f906728878e8610ba # Use a specific version if locking is preferred | |
with: | |
api-key: ${{ secrets.FOSSA_LICENSE_SCAN_TOKEN }} | |
- name: Check license compliance | |
# This will poll the Fossa API until they have processed the information which we've sent in the previous step | |
# and fail if Fossa found an issue with the licences of our dependencies. | |
uses: fossas/fossa-action@09bcf127dc0ccb4b5a023f6f906728878e8610ba # Use a specific version if locking is preferred | |
with: | |
api-key: ${{ secrets.FOSSA_LICENSE_SCAN_TOKEN }} | |
run-tests: true | |
- name: Send Slack notification if license check failed | |
uses: act10ns/slack@44541246747a30eb3102d87f7a4cc5471b0ffb7d | |
if: failure() && github.ref == 'refs/heads/main' | |
with: | |
status: ${{ job.status }} | |
channel: ${{ env.SLACK_ALERT_CHANNEL }} |