mirror of
https://github.com/Stirling-Tools/Stirling-PDF.git
synced 2025-07-28 08:05:21 +00:00
218 lines
7.9 KiB
YAML
218 lines
7.9 KiB
YAML
name: Frontend License Report Workflow
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- V2
|
|
paths:
|
|
- "frontend/package.json"
|
|
- "frontend/package-lock.json"
|
|
- "frontend/scripts/generate-licenses.js"
|
|
pull_request:
|
|
branches:
|
|
- V2
|
|
paths:
|
|
- "frontend/package.json"
|
|
- "frontend/package-lock.json"
|
|
- "frontend/scripts/generate-licenses.js"
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
generate-frontend-license-report:
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: write
|
|
pull-requests: write
|
|
repository-projects: write # Required for enabling automerge
|
|
steps:
|
|
- name: Harden Runner
|
|
uses: step-security/harden-runner@6c439dc8bdf85cadbbce9ed30d1c7b959517bc49 # v2.12.2
|
|
with:
|
|
egress-policy: audit
|
|
|
|
- name: Check out code
|
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: Setup GitHub App Bot
|
|
id: setup-bot
|
|
uses: ./.github/actions/setup-bot
|
|
with:
|
|
app-id: ${{ secrets.GH_APP_ID }}
|
|
private-key: ${{ secrets.GH_APP_PRIVATE_KEY }}
|
|
|
|
- name: Set up Node.js
|
|
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
|
|
with:
|
|
node-version: '18'
|
|
cache: 'npm'
|
|
cache-dependency-path: frontend/package-lock.json
|
|
|
|
- name: Install frontend dependencies
|
|
working-directory: frontend
|
|
run: npm ci
|
|
|
|
- name: Generate frontend license report
|
|
working-directory: frontend
|
|
run: npm run generate-licenses
|
|
|
|
- name: Check for license warnings
|
|
run: |
|
|
if [ -f "frontend/src/assets/license-warnings.json" ]; then
|
|
echo "LICENSE_WARNINGS_EXIST=true" >> $GITHUB_ENV
|
|
else
|
|
echo "LICENSE_WARNINGS_EXIST=false" >> $GITHUB_ENV
|
|
fi
|
|
|
|
# PR Event: Check licenses and comment on PR
|
|
- name: Delete previous license check comments
|
|
if: github.event_name == 'pull_request'
|
|
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
|
|
with:
|
|
github-token: ${{ steps.setup-bot.outputs.token }}
|
|
script: |
|
|
const { owner, repo } = context.repo;
|
|
const prNumber = context.issue.number;
|
|
|
|
// Get all comments on the PR
|
|
const { data: comments } = await github.rest.issues.listComments({
|
|
owner,
|
|
repo,
|
|
issue_number: prNumber,
|
|
per_page: 100
|
|
});
|
|
|
|
// Filter for license check comments
|
|
const licenseComments = comments.filter(comment =>
|
|
comment.body.includes('## ✅ Frontend License Check Passed') ||
|
|
comment.body.includes('## ❌ Frontend License Check Failed')
|
|
);
|
|
|
|
// Delete old license check comments
|
|
for (const comment of licenseComments) {
|
|
console.log(`Deleting old license check comment: ${comment.id}`);
|
|
await github.rest.issues.deleteComment({
|
|
owner,
|
|
repo,
|
|
comment_id: comment.id
|
|
});
|
|
}
|
|
|
|
- name: Comment on PR - License Check Results
|
|
if: github.event_name == 'pull_request'
|
|
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
|
|
with:
|
|
github-token: ${{ steps.setup-bot.outputs.token }}
|
|
script: |
|
|
const { owner, repo } = context.repo;
|
|
const prNumber = context.issue.number;
|
|
const hasWarnings = process.env.LICENSE_WARNINGS_EXIST === 'true';
|
|
|
|
let commentBody;
|
|
|
|
if (hasWarnings) {
|
|
// Read warnings file to get specific issues
|
|
const fs = require('fs');
|
|
let warningDetails = '';
|
|
try {
|
|
const warnings = JSON.parse(fs.readFileSync('frontend/src/assets/license-warnings.json', 'utf8'));
|
|
warningDetails = warnings.warnings.map(w => `- ${w.message}`).join('\n');
|
|
} catch (e) {
|
|
warningDetails = 'Unable to read warning details';
|
|
}
|
|
|
|
commentBody = `## ❌ Frontend License Check Failed
|
|
|
|
The frontend license check has detected compatibility warnings that require review:
|
|
|
|
${warningDetails}
|
|
|
|
**Action Required:** Please review these licenses to ensure they are acceptable for your use case before merging.
|
|
|
|
_This check will fail the PR until license issues are resolved._`;
|
|
} else {
|
|
commentBody = `## ✅ Frontend License Check Passed
|
|
|
|
All frontend licenses have been validated and no compatibility warnings were detected.
|
|
|
|
The frontend license report has been updated successfully.`;
|
|
}
|
|
|
|
await github.rest.issues.createComment({
|
|
owner,
|
|
repo,
|
|
issue_number: prNumber,
|
|
body: commentBody
|
|
});
|
|
|
|
- name: Fail workflow if license warnings exist (PR only)
|
|
if: github.event_name == 'pull_request' && env.LICENSE_WARNINGS_EXIST == 'true'
|
|
run: |
|
|
echo "❌ License warnings detected. Failing the workflow."
|
|
exit 1
|
|
|
|
# Push Event: Commit license files and create PR
|
|
- name: Commit changes (Push only)
|
|
if: github.event_name == 'push'
|
|
run: |
|
|
git add frontend/src/assets/3rdPartyLicenses.json
|
|
# Note: Do NOT commit license-warnings.json - it's only for PR review
|
|
git diff --staged --quiet || echo "CHANGES_DETECTED=true" >> $GITHUB_ENV
|
|
|
|
- name: Prepare PR body (Push only)
|
|
if: github.event_name == 'push'
|
|
run: |
|
|
PR_BODY="Auto-generated by ${{ steps.setup-bot.outputs.app-slug }}[bot]
|
|
|
|
This PR updates the frontend license report based on changes to package.json dependencies."
|
|
|
|
if [ "${{ env.LICENSE_WARNINGS_EXIST }}" = "true" ]; then
|
|
PR_BODY="$PR_BODY
|
|
|
|
## ⚠️ License Compatibility Warnings
|
|
|
|
The following licenses may require review for corporate compatibility:
|
|
|
|
$(cat frontend/src/assets/license-warnings.json | jq -r '.warnings[].message')
|
|
|
|
Please review these licenses to ensure they are acceptable for your use case."
|
|
fi
|
|
|
|
echo "PR_BODY<<EOF" >> $GITHUB_ENV
|
|
echo "$PR_BODY" >> $GITHUB_ENV
|
|
echo "EOF" >> $GITHUB_ENV
|
|
|
|
- name: Create Pull Request (Push only)
|
|
id: cpr
|
|
if: github.event_name == 'push' && env.CHANGES_DETECTED == 'true'
|
|
uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
|
|
with:
|
|
token: ${{ steps.setup-bot.outputs.token }}
|
|
commit-message: "Update Frontend 3rd Party Licenses"
|
|
committer: ${{ steps.setup-bot.outputs.committer }}
|
|
author: ${{ steps.setup-bot.outputs.committer }}
|
|
signoff: true
|
|
branch: update-frontend-3rd-party-licenses
|
|
base: V2
|
|
title: "Update Frontend 3rd Party Licenses"
|
|
body: ${{ env.PR_BODY }}
|
|
labels: Licenses,github-actions,frontend
|
|
draft: false
|
|
delete-branch: true
|
|
sign-commits: true
|
|
|
|
- name: Enable Pull Request Automerge (Push only)
|
|
if: github.event_name == 'push' && steps.cpr.outputs.pull-request-operation == 'created' && env.LICENSE_WARNINGS_EXIST == 'false'
|
|
run: gh pr merge --squash --auto "${{ steps.cpr.outputs.pull-request-number }}"
|
|
env:
|
|
GH_TOKEN: ${{ steps.setup-bot.outputs.token }}
|
|
|
|
- name: Add review required label (Push only)
|
|
if: github.event_name == 'push' && steps.cpr.outputs.pull-request-operation == 'created' && env.LICENSE_WARNINGS_EXIST == 'true'
|
|
run: gh pr edit "${{ steps.cpr.outputs.pull-request-number }}" --add-label "license-review-required"
|
|
env:
|
|
GH_TOKEN: ${{ steps.setup-bot.outputs.token }}
|