-
Notifications
You must be signed in to change notification settings - Fork 54
77 lines (66 loc) · 2.43 KB
/
pull_request.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
name: SPDX validation
on:
- pull_request
- push
jobs:
SPDX_Validation:
runs-on: ubuntu-latest
steps:
- name: Checkout spdx-examples
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
- name: Look for files with the wrong location
run: |
find . \( -name '*.spdx' -o -name '*.json' \) \
-not -path './presentations/*' \
-not -path './tools-java/*' \
-not -path '*/spdx2.2/*' \
-not -path '*/spdx2.3/*' \
-not -path '*/spdx3.0/*' > flist.txt
if [ "$(cat flist.txt | wc -l)" != "0" ]; then
echo "SPDX JSON files are only expected in these locations:"
echo "./presentations/"
echo "./tools-java/"
echo "*/spdx2.2/"
echo "*/spdx2.3/"
echo "*/spdx3.0/"
echo ""
echo "The following files are in the wrong location and will not be checked:"
cat flist.txt
exit 1
fi
- name: Look for files with the wrong extension
run: |
find . -name '*.jsonld' > flist.txt
if [ "$(cat flist.txt | wc -l)" != "0" ]; then
echo "SPDX JSON can only has these extensions:"
echo "*.spdx"
echo "*.json"
echo ""
echo "The following files have the wrong extension and will not be checked:"
cat flist.txt
exit 1
fi
- name: Update apt
run: |
sudo apt update -y
- name: Setup Java tools
run: |
sudo apt install -y default-jdk maven
git clone https://github.com/spdx/tools-java.git && cd tools-java
export JAVA_HOME=$(readlink -f /usr/bin/javac | sed "s:/bin/javac::")
mvn clean install && cd ..
- name: Setup Python tools
run: |
python3 -m pip install -U pip
python3 -m pip install spdx3-validate
- name: Validate SPDX 2.2 & SPDX 2.3 Documents
run: |
find . \( -path '*/spdx2.2/*' -o -path '*/spdx2.3/*' \) \( -name *.spdx -o -name *.json \) \
-exec echo {} \; \
-exec java -jar tools-java/target/tools-java-*-jar-with-dependencies.jar Verify {} \;
- name: Validate SPDX 3.0 Documents
run: |
for f in $(find . -type f -path '*/spdx3.0/*.json'); do
echo "Checking $f..."
spdx3-validate -j $f
done