Skip to content
Downstream Unmanaged Dependency Check

ci: validate unmanaged dependency check in a few downstream repositories #1

Sign in to view logs

ci: validate unmanaged dependency check in a few downstream repositories

ci: validate unmanaged dependency check in a few downstream repositories #1

Workflow file for this run

.github/workflows/downstream_unmanaged_dependency_check.yaml at e56f705
on:
push:
branches:
- main
pull_request:
paths:
- .github/workflows/downstream_unmanaged_dependency_check.yaml
- java-shared-dependencies/**
name: Downstream Unmanaged Dependency Check
jobs:
validate-unmanaged-dependency-check:
runs-on: ubuntu-22.04
strategy:
fail-fast: false
matrix:
repo:
- java-bigtable
- java-logging
steps:
- name: Checkout sdk-platform-java
uses: actions/checkout@v3
with:
path: sdk-platform-java
- name: Checkout the downstream repo
uses: actions/checkout@v4
with:
repository: googleapis/${{ matrix.repo }}
path: ${{ matrix.repo }}
- name: Check the environment
shell: bash
run: |
set -euxo pipefail
pwd
ls -alt
- uses: actions/setup-java@v3
with:
java-version: 11
distribution: temurin
cache: maven
- name: Install unmanaged dependency check
shell: bash
working-directory: sdk-platform-java/java-shared-dependencies/unmanaged-dependency-check
run: |
set -euo pipefail
echo "Install Unmanaged Dependency Check in $(pwd)"
mvn clean install -V --batch-mode --no-transfer-progress -DskipTests
- name: Install the modules of downstream repository
shell: bash
working-directory: ${{ matrix.repo }}
run: |
# No argument to build.sh installs the modules in local Maven repository
.kokoro/build.sh
- name: Run unmanaged dependency check
shell: bash
run: |
set -euo pipefail
set -x
bom_dir=$(find ${{ matrix.repo }} -type d -name 'google-*-bom')
bom_absolute_path=$(realpath "${bom_dir}/pom.xml")
cd sdk-platform-java/java-shared-dependencies/unmanaged-dependency-check
echo "Running Unmanaged Dependency Check against ${bom_absolute_path}"
unmanaged_dependencies=$(mvn exec:java -Dexec.args="../pom.xml ${bom_absolute_path}" -q)
if [[ "${unmanaged_dependencies}" != "[]" ]]; then
echo "This pull request seems to add new third-party dependency, ${unmanaged_dependencies}, among the artifacts listed in ${{ inputs.bom-path }}."
echo "Please see go/cloud-sdk-java-dependencies."
exit 1
fi
echo "Unmanaged dependency check passed"