Skip to content

Bump github/codeql-action from 2.22.5 to 3.23.2 #63

Bump github/codeql-action from 2.22.5 to 3.23.2

Bump github/codeql-action from 2.22.5 to 3.23.2 #63

Workflow file for this run

name: Fossology check
on: [pull_request]
# permissions:
# contents: read
jobs:
check-license:
name: Check license
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- run: |
docker run --rm --name "fossologyscanner" -w "/opt/repo" -v ${PWD}:/opt/repo \
-e GITHUB_TOKEN=${{ github.token }} \
-e GITHUB_PULL_REQUEST=${{ github.event.number }} \
-e GITHUB_REPOSITORY=${{ github.repository }} \
-e GITHUB_REPO_URL=${{ github.repositoryUrl }} \
-e GITHUB_REPO_OWNER=${{ github.repository_owner }} \
-e GITHUB_API=${{ github.api_url }} \
-e GITHUB_ACTIONS=true \
fossology/fossology:scanner "/bin/fossologyscanner" --report TEXT repo nomos ojo
# Upload artifact
- uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
with:
name: scan-fossology-report
path: ./results
# Artifact download
- uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a
with:
name: scan-fossology-report
check-copyright:
name: Check copyright
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- run: |
docker run --rm --name "fossologyscanner" -w "/opt/repo" -v ${PWD}:/opt/repo \
-e GITHUB_TOKEN=${{ github.token }} \
-e GITHUB_PULL_REQUEST=${{ github.event.number }} \
-e GITHUB_REPOSITORY=${{ github.repository }} \
-e GITHUB_API=${{ github.api_url }} \
-e GITHUB_REPO_URL=${{ github.repositoryUrl }} \
-e GITHUB_REPO_OWNER=${{ github.repository_owner }} \
-e GITHUB_ACTIONS=true \
fossology/fossology:scanner "/bin/fossologyscanner" --report TEXT repo copyright keyword
# Upload artifact
- uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
with:
name: scan-fossology-report
path: ./results
# Artifact download
- uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a
with:
name: scan-fossology-report