MTM-60554 change to clompliancev3 (#87)

.github/workflows/compliance.yaml

@@ -47,18 +47,27 @@ jobs:
  HASH=$(git rev-parse --short "$GITHUB_SHA")
  echo "Setting VERSION to '$VERSION-build$(date +'%Y%m%d')-$HASH' (github.ref=${{ github.ref }})"
  echo "BUILD_ID=$VERSION-build$(date +'%Y%m%d')-$HASH" >> $GITHUB_ENV
+ 
+ - uses: IOTA/c8y-component-base/.github/actions/compliance/third-party-compliance-setup@compliance-v3
+ with:
+ component-name: ${{ env.COMPONENT_NAME }}
+ build-id: ${{ env.BUILD_ID }} # Use the build id generated during the build process (with a unique suffix for PRs)
+ # Pass organization-level vars/secrets throught to the action; don't touch these
+ tpsafe-config: ${{ vars.C8Y_TPSAFE_CONFIG }}
+ tpsafe-api-key: ${{ secrets.C8Y_TPSAFE_API_KEY }}
+ tpsafe-rules-app-private-key: ${{ secrets.C8Y_TPSAFE_RULES_APP_PRIVATE_KEY }}
 
  - name: Uploading Gateway BOM file
- uses: IOTA/c8y-component-base/.github/actions/compliance/third-party-upload@v2.0
+ uses: IOTA/c8y-component-base/.github/actions/compliance/third-party-upload@compliance-v3
  with:
  cyclonedx-bom-files: ./target/java-sdk-bom.json # space-separated list of BOM files in CycloneDX format
 
  - name: Check approval
- uses: IOTA/c8y-component-base/.github/actions/compliance/third-party-licensing-check@v2.0
+ uses: IOTA/c8y-component-base/.github/actions/compliance/third-party-licensing-check@compliance-v3
  with:
  dry-run: ${{ contains(github.event.pull_request.labels.*.name, 'tp-request-skip') }} # during workflow dev/testing set this label on the PR; prevents submitting third party approval requests to TCA
 
- - uses: IOTA/c8y-component-base/.github/actions/compliance/export@v2.0
+ - uses: IOTA/c8y-component-base/.github/actions/compliance/export@compliance-v3
  name: Review Compliance Export 
  id: compliance-export
  if: always()