Skip to content
Compliance Checks

Merge branch 'main' into dependabot/github_actions/ci-updates-51f4226e04 #1338

Sign in to view logs

Merge branch 'main' into dependabot/github_actions/ci-updates-51f4226e04

Merge branch 'main' into dependabot/github_actions/ci-updates-51f4226e04 #1338

Workflow file for this run

.github/workflows/compliance.yml at 0f5467b
name: Compliance Checks
on:
push:
paths:
- 'pyproject.toml'
schedule:
- cron: '0 0 * * *' # every day at midnight
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
SLACK_ALERT_CHANNEL: "#dc-alerts"
jobs:
check-license-compliance:
name: Check license compliance
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- name: Install uv
uses: astral-sh/setup-uv@v7
with:
enable-cache: true
python-version: "3.10"
- name: Install prod dependencies
run: |
uv sync
uv export --no-dev --no-hashes > requirements.txt
- name: Create file with full dependency list
run: |
uv pip freeze > requirements-full.txt
- name: Send license report to Fossa
# This will collect all necessary information (mostly used dependencies) and send it to the Fossa API
uses: fossas/fossa-action@3ebcea1862c6ffbd5cf1b4d0bd6b3fe7bd6f2cac # Use a specific version if locking is preferred
with:
api-key: ${{ secrets.FOSSA_LICENSE_SCAN_TOKEN }}
- name: Check license compliance
# This will poll the Fossa API until they have processed the information which we've sent in the previous step
# and fail if Fossa found an issue with the licences of our dependencies.
uses: fossas/fossa-action@3ebcea1862c6ffbd5cf1b4d0bd6b3fe7bd6f2cac # Use a specific version if locking is preferred
with:
api-key: ${{ secrets.FOSSA_LICENSE_SCAN_TOKEN }}
run-tests: true
- name: Send Slack notification if license check failed
uses: act10ns/slack@44541246747a30eb3102d87f7a4cc5471b0ffb7d
if: failure() && github.ref == 'refs/heads/main'
with:
status: ${{ job.status }}
channel: ${{ env.SLACK_ALERT_CHANNEL }}