Commit02b4394

committed

feat: auto-fix license files on PRs and improve CI reliability

- license-check.yml: Auto-regenerate licenses, push fix to PR, and comment- script/licenses: Pin go-licenses version in CI for reproducibility- script/licenses-check: Pin go-licenses version in CI- code-scanning.yml: Exclude third-party folder from CodeQLInspired by cli/cli improvements:-cli/cli#11161 (pinned version)-cli/cli#11127 (GHAS exclusion)-cli/cli#11370 (auto-regenerate)

1 parentbdc44fa commit02b4394Copy full SHA for 02b4394

File tree

3 files changed

+81

-6

lines changed

.github/workflows
- code-scanning.yml
- license-check.yml
script
- licenses

3 files changed

+81

-6

lines changed

`‎.github/workflows/code-scanning.yml‎`

Lines changed: 3 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -46,6 +46,9 @@ jobs:`
`46`	`46`	`queries:""# Default query suite`
`47`	`47`	`packs:github/ccr-${{ matrix.language }}-queries`
`48`	`48`	`config:\|`
	`49`	`+ paths-ignore:`
	`50`	`+ - third-party`
	`51`	`+ - third-party-licenses.*.md`
`49`	`52`	`default-setup:`
`50`	`53`	`org:`
`51`	`54`	`model-packs: [ ${{ github.event.inputs.code_scanning_codeql_packs }} ]`

`‎.github/workflows/license-check.yml‎`

Lines changed: 71 additions & 5 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,21 +1,87 @@`
`1`		`-# Create a github action that runs the license check script and fails if it exits with a non-zero status`
	`1`	`+# Automatically fix license files on PRs that need updates`
	`2`	`+# Instead of just failing, this workflow pushes the fix and comments on the PR`
`2`	`3`
`3`	`4`	`name:License Check`
`4`		`-on:[push, pull_request]`
	`5`	`+on:`
	`6`	`+pull_request:`
	`7`	`+paths:`
	`8`	`+ -"**.go"`
	`9`	`+ -go.mod`
	`10`	`+ -go.sum`
	`11`	`+ -".github/licenses.tmpl"`
	`12`	`+ -"script/licenses*"`
	`13`	`+ -"third-party-licenses.*.md"`
	`14`	`+ -"third-party/**"`
`5`	`15`	`permissions:`
`6`		`-contents:read`
	`16`	`+contents:write`
	`17`	`+pull-requests:write`
`7`	`18`
`8`	`19`	`jobs:`
`9`	`20`	`license-check:`
`10`	`21`	`runs-on:ubuntu-latest`
	`22`	`+# Don't run on forks (they can't push back) or dependabot (has its own token)`
	`23`	`+if:github.event.pull_request.head.repo.full_name == github.repository`
`11`	`24`
`12`	`25`	`steps:`
`13`	`26`	`-name:Check out code`
`14`	`27`	`uses:actions/checkout@v6`
	`28`	`+with:`
	`29`	`+ref:${{ github.head_ref }}`
	`30`	`+# Need full history for push`
	`31`	`+fetch-depth:0`
`15`	`32`
`16`	`33`	`-name:Set up Go`
`17`	`34`	`uses:actions/setup-go@v6`
`18`	`35`	`with:`
`19`	`36`	`go-version-file:"go.mod"`
`20`		`- -name:check licenses`
`21`		`-run:./script/licenses-check`
	`37`	`+`
	`38`	`+# actions/setup-go does not setup the installed toolchain to be preferred over the system install,`
	`39`	`+# which causes go-licenses to raise "Package ... does not have module info" errors.`
	`40`	`+# For more information, https://github.com/google/go-licenses/issues/244#issuecomment-1885098633`
	`41`	`+ -name:Regenerate licenses`
	`42`	`+run:\|`
	`43`	`+ export GOROOT=$(go env GOROOT)`
	`44`	`+ export PATH=${GOROOT}/bin:$PATH`
	`45`	`+ ./script/licenses`
	`46`	`+`
	`47`	`+ -name:Check for changes`
	`48`	`+id:changes`
	`49`	`+run:\|`
	`50`	`+ if git diff --exit-code; then`
	`51`	`+ echo "changed=false" >> $GITHUB_OUTPUT`
	`52`	`+ echo "✅ License files are up to date"`
	`53`	`+ else`
	`54`	`+ echo "changed=true" >> $GITHUB_OUTPUT`
	`55`	`+ echo "📝 License files need updating"`
	`56`	`+ git diff --stat`
	`57`	`+ fi`
	`58`	`+`
	`59`	`+ -name:Commit and push fixes`
	`60`	`+if:steps.changes.outputs.changed == 'true'`
	`61`	`+run:\|`
	`62`	`+ git config --local user.name "github-actions[bot]"`
	`63`	`+ git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"`
	`64`	`+ git add third-party third-party-licenses.*.md`
	`65`	`+ git commit -m "chore: regenerate third-party licenses"`
	`66`	`+ git push`
	`67`	`+`
	`68`	`+ -name:Comment on PR`
	`69`	`+if:steps.changes.outputs.changed == 'true'`
	`70`	`+uses:actions/github-script@v7`
	`71`	`+with:`
	`72`	`+script:\|`
	`73`	`+ github.rest.issues.createComment({`
	`74`	`+ owner: context.repo.owner,`
	`75`	`+ repo: context.repo.repo,`
	`76`	`+ issue_number: context.issue.number,`
	`77`	+ body: `## 📜 License files updated
	`78`	`+`
	`79`	`+ I noticed the third-party license files were out of date and pushed a fix to this PR.`
	`80`	`+`
	`81`	`+ What changed: Dependencies were added, removed, or updated, which requires regenerating the license documentation.`
	`82`	`+`
	`83`	+ What I did: Ran \`./script/licenses\` and committed the result.
	`84`	`+`
	`85`	+ Please pull the latest changes before pushing again.`
	`86`	`+ })`
	`87`	`+`

`‎script/licenses‎`

Lines changed: 7 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -19,7 +19,13 @@`
`19`	`19`
`20`	`20`	`set -e`
`21`	`21`
`22`		`-go install github.com/google/go-licenses@latest`
	`22`	`+# Pinned version for CI reproducibility, latest for local development`
	`23`	`+# See: https://github.com/cli/cli/pull/11161`
	`24`	`+if ["$CI"="true" ];then`
	`25`	`+ go install github.com/google/go-licenses@5348b744d0983d85713295ea08a20cca1654a45e# v2.0.1`
	`26`	`+else`
	`27`	`+ go install github.com/google/go-licenses@latest`
	`28`	`+fi`
`23`	`29`
`24`	`30`	`rm -rf third-party`
`25`	`31`	`mkdir -p third-party`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit02b4394

File tree

3 files changed

3 files changed

`‎.github/workflows/code-scanning.yml‎`

`‎.github/workflows/license-check.yml‎`

`‎script/licenses‎`

0 commit comments