Skip to content

DSL Update

DSL Update #20

name: License Scanning for Maven
on:
workflow_dispatch:
push:
branches:
- main
paths:
- 'pom.xml'
- '.github/workflows/license-scanning.yml'
pull_request:
paths:
- 'pom.xml'
- '.github/workflows/license-scanning.yml'
# Cancel previous jobs
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
env:
ALLOW_LICENSES: "
licenses/license/name!='Apache License, Version 2.0' and
not(contains(licenses/license/url, '://www.apache.org/licenses/LICENSE-2.0.txt')) and
licenses/license/name!='BSD License' and
not(contains(licenses/license/url, 'antlr.org/license.html')) and
licenses/license/name!='New BSD License' and
not(contains(licenses/license/url, '://www.opensource.org/licenses/bsd-license.php')) and
licenses/license/name!='BSD-3-Clause' and
not(contains(licenses/license/url, '://asm.ow2.io/license.html')) and
licenses/license/name!='BSD License 3' and
not(contains(licenses/license/url, '://opensource.org/license/BSD-3-Clause')) and
licenses/license/name!='Eclipse Public License - v 1.0' and
not(contains(licenses/license/url, '://www.eclipse.org/legal/epl-v10.html')) and
licenses/license/name!='Eclipse Public License - v 2.0' and
not(contains(licenses/license/url, '://www.eclipse.org/legal/epl-v20.html')) and
not(contains(licenses/license/url, '://www.eclipse.org/legal/epl-2.0')) and
licenses/license/name!='GNU Lesser General Public License' and
not(contains(licenses/license/url, '://www.gnu.org/licenses/old-licenses/lgpl-2.1.html')) and
licenses/license/name!='GNU General Public License (GPL), version 2, with the Classpath exception' and
not(contains(licenses/license/url, '://openjdk.java.net/legal/gplv2+ce.html')) and
licenses/license/name!='The MIT License' and
not(contains(licenses/license/url, '://opensource.org/licenses/MIT')) and
not(contains(licenses/license/url, '://www.opensource.org/licenses/mit-license.php')) and
licenses/license/name!='CDDL + GPLv2 with classpath exception' and
not(contains(licenses/license/url, '://github.com/javaee/javax.annotation/blob/master/LICENSE')) and
licenses/license/name!='CDDL/GPLv2+CE' and
not(contains(licenses/license/url, '://github.com/javaee/activation/blob/master/LICENSE')) and
licenses/license/name!='CDDL 1.1' and
not(contains(licenses/license/url, '://oss.oracle.com/licenses/CDDL+GPL-1.1')) and
licenses/license/name!='Public Domain'
"
REPORT_PATH: "target/generated-resources"
jobs:
scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install XQ
run: pip install xq
- uses: ./.github/actions/maven-build
with:
build-command: install
run-tests: false
- name: License XML report
run: mvn org.codehaus.mojo:license-maven-plugin:2.4.0:aggregate-download-licenses
- name: Validate XML report
run: |
LICENSE_REPORT=`xq "//dependency[${{ env.ALLOW_LICENSES }}]" ./${{ env.REPORT_PATH }}/licenses.xml`
LINES_FOUND=`echo "$LICENSE_REPORT" | wc -l`
if [ $LINES_FOUND -gt 1 ]; then echo "License issues found ..." ; echo "$LICENSE_REPORT" ; exit -1; fi
- name: Upload license reports
uses: actions/upload-artifact@v4
with:
name: license-reports
path: '**/${{ env.REPORT_PATH }}/'
- name: Upload license XML reports
uses: actions/upload-artifact@v4
with:
name: license-xml-reports
path: '**/${{ env.REPORT_PATH }}/licenses.xml'