From f1177ab8aa553a4cc051696c27942d2c9652d073 Mon Sep 17 00:00:00 2001 From: Binbin Li Date: Thu, 16 Nov 2023 06:57:56 +0000 Subject: [PATCH] build: add license-checker --- .github/licenserc.yml | 49 ++++++++++++++++++++++++++++++++++ .github/workflows/build-pr.yml | 24 +++++++++++++++++ Makefile | 13 +++++++++ 3 files changed, 86 insertions(+) create mode 100644 .github/licenserc.yml diff --git a/.github/licenserc.yml b/.github/licenserc.yml new file mode 100644 index 0000000000..932ae3b65b --- /dev/null +++ b/.github/licenserc.yml @@ -0,0 +1,49 @@ +# Copyright The Ratify Authors. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +header: + license: + spdx-id: Apache-2.0 + content: | + Copyright The Ratify Authors. + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + + paths-ignore: + - "**/*.{md,svg,yaml,crt,json,pub,yml,pb.go,proto}" + - "CODEOWNERS" + - "PROJECT" + - "NOTICE" + - "LICENSE" + - "MAINTAINERS" + - "go.mod" + - "go.sum" + - "**/testdata/**" + - "charts/**/*" + - ".gitignore" + - ".devcontainer/gatekeeper.http" + + comment: on-failure + +dependency: + files: + - go.mod diff --git a/.github/workflows/build-pr.yml b/.github/workflows/build-pr.yml index 0d33054fec..76ec33dbe4 100644 --- a/.github/workflows/build-pr.yml +++ b/.github/workflows/build-pr.yml @@ -16,6 +16,30 @@ on: permissions: read-all jobs: + check-license: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 + - name: Check license header + uses: apache/skywalking-eyes/header@a790ab8dd23a7f861c18bd6aaa9b012e3a234bce + with: + mode: fix + config: .github/licenserc.yml + - name: Apply Changes + uses: EndBug/add-and-commit@1b561d405c831fe92ec472a6e81647f958824c88 + env: + GITHUB_TOKEN: $${{ secrets.GITHUB_TOKEN }} + with: + author_name: License Bot + author_email: licese_bot@github.com + message: 'Automatic application of license header' + - name: Check dependencies license + uses: apache/skywalking-eyes/dependency@a790ab8dd23a7f861c18bd6aaa9b012e3a234bce + with: + config: .github/licenserc.yml + flags: + --weak-compatible=true build: runs-on: ubuntu-latest steps: diff --git a/Makefile b/Makefile index 95f61c6d6a..53cbf89e60 100644 --- a/Makefile +++ b/Makefile @@ -1,3 +1,16 @@ +# Copyright The Ratify Authors. +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at + +# http://www.apache.org/licenses/LICENSE-2.0 + +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + BINARY_NAME = ratify INSTALL_DIR = ~/.ratify CERT_DIR = ${GITHUB_WORKSPACE}/tls/certs