Add github->action: Checking licenses using the Fossology tool (#712)

Signed-off-by: Taras Drozdovskyi <[email protected]>
lf-edge · Aug 16, 2023 · c73b559 · c73b559
1 parent e7fbd7c
commit c73b559
Show file tree

Hide file tree

Showing 2 changed files with 45 additions and 0 deletions.
diff --git a/.github/workflows/fossology-check.yml b/.github/workflows/fossology-check.yml
@@ -0,0 +1,33 @@
+name: Fossology check
+on: [push, pull_request]
+
+permissions:
+  contents: read
+
+jobs:
+  fossology:
+    runs-on: ubuntu-latest
+
+    container:
+      image: fossology/fossology:scanner
+
+    steps:
+      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9
+
+      - name: Fossology run
+        run: |
+          export GITHUB_TOKEN=${{secrets.GITHUB_TOKEN}}
+          export GITHUB_PULL_REQUEST="None"
+          /bin/fossologyscanner repo nomos ojo copyright keyword
+        continue-on-error: true
+
+      - name: Upload artifact
+        uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce
+        with:
+          name: scan-fossology-report
+          path: ./results
+
+      - name: Artifact download
+        uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a
+        with:
+          name: scan-fossology-report
diff --git a/whitelist.json b/whitelist.json
@@ -0,0 +1,12 @@
+{
+    "licenses": [
+    "BSD-2-Clause",
+    "BSD-3-Clause",
+    "Public-domain",
+    "MIT",
+    "Apache-2.0"
+    ],
+    "exclude": [
+    "tools/*"
+    ]
+}