Skip to content

License Scanning for Maven #468

License Scanning for Maven

License Scanning for Maven #468

name: License Scanning for Maven
on:
schedule:
- cron: '0 8,18 * * 1-5'
push:
paths:
- '**/pom.xml'
- '.github/workflows/license-scanning-maven.yml'
env:
ALLOW_LICENSES: "'The Apache Software License, Version 2.0' and licenses/license/name!='BSD' and licenses/license/name!='BSD-style license' and licenses/license/name!='Apache License, Version 2.0'"
REPORT_PATH: "target/generated-resources/licenses.xml"
jobs:
scan:
runs-on: ubuntu-latest
strategy:
matrix:
java-version: ['21']
module-folder: [
'translator'
]
steps:
- uses: actions/checkout@v4
- name: Set up JDK
uses: actions/setup-java@v4
with:
java-version: ${{ matrix.java-version }}
cache: maven
distribution: 'adopt'
- name: Install XQ
run: pip install xq
- name: Build with Maven
run: mvn clean install -Dmaven.test.skip=true
working-directory: ${{ matrix.module-folder }}
- name: License XML report
run: mvn org.codehaus.mojo:license-maven-plugin:2.0.0:download-licenses
working-directory: ${{ matrix.module-folder }}
- name: Validate XML report
run: |
LICENSE_REPORT=`xq "//dependency[licenses/license/name!=${{ env.ALLOW_LICENSES }}]" ./${{ env.REPORT_PATH }}`
LINES_FOUND=`echo $LICENSE_REPORT | wc -l`
echo "License issues found ..."
if [ $LINES_FOUND -gt 1 ]; then echo $LICENSE_REPORT ; exit -1; fi
working-directory: ${{ matrix.module-folder }}
- name: Upload license XML reports
uses: actions/upload-artifact@v4
with:
name: license-xml-report
path: '${{ matrix.module-folder }}/**/${{ env.REPORT_PATH }}'