add workflow to fetch spdx licenses #62
Conversation
elrayle
force-pushed
the
elr/update-licenses
branch
2 times, most recently
from
ea3b48b
to
5033dc8
Compare
elrayle
force-pushed
the
elr/update-licenses
branch
2 times, most recently
from
266165b
to
d8182d5
Compare
elrayle
force-pushed
the
elr/update-licenses
branch
2 times, most recently
from
6b41210
to
bd1f613
Compare
cmd/license.go
Outdated
| @@ -43,61 +42,54 @@ func extractLicenseIDs() error { | |||
| return err | |||
| } | |||
|
|
|||
| // create two slices of license IDs, one for deprecated and one for not deprecated | |||
| // create two slices of license IDs, one for deprecated and one for active | |||
| var activeLicenseIDs []string | |||
There was a problem hiding this comment.
Prefer activeLicenseIDs instead of nonDeprecatedLicenseIDs as it is more descriptive.
elrayle
force-pushed
the
elr/update-licenses
branch
12 times, most recently
from
ceda506
to
4258c8f
Compare
Includes trivial debug statement in cmd/main.go.
elrayle
force-pushed
the
elr/update-licenses
branch
from
4258c8f
to
b14be09
Compare
| with: | ||
| token: ${{ secrets.GITHUB_TOKEN }} | ||
| commit-message: Add updated license files | ||
| branch: auto-update-licenses |
There was a problem hiding this comment.
Would it possible to append a unique hash to the name of the branch to avoid collisions and problems with the branch? Something like this
| branch: auto-update-licenses | |
| branch: auto-update-licenses-${{ github.run_id }}-${{ github.run_attempt }} |
There was a problem hiding this comment.
peter-evans/create-pull-request will either create the branch or update it and associated PR if it already exists. As this is designed to run once a day on a schedule, the chances that there will be a race condition seem unlikely. I like that the PR will be updated as it prevents proliferation of PRs if one is not immediately merged.
I'd like to keep it as is for now. If in reality there are collisions or other problems, we can add a unique branch identifier at that time.
| required: false | ||
| default: 'false' | ||
| schedule: | ||
| - cron: '0 0 * * *' # Runs at midnight ET |
There was a problem hiding this comment.
| - cron: '0 0 * * *' # Runs at midnight ET | |
| - cron: '0 0 * * *' # Runs at midnight UTC |
Cron is UTC 😄
| run: | | ||
| cd cmd | ||
| echo "Current branch: $(git branch)" | ||
| go run . extract -l -e |
There was a problem hiding this comment.
Do we need to setup go for this?
There was a problem hiding this comment.
Actions have go available without setup. The version of go isn't terribly important to be able to run this simple script.
NOTE: This is marked draft only because the trigger on push to the PR branch needs to be removed. Please do review. I will remove the trigger tomorrow after approved and before merging.
Description
Prior to this, the process for updating licenses and exceptions had to be run manually. This sets up a GitHub Action that will run on a schedule and create a PR in the
auto-update-licensesbranch. The PR can be merged into main, but should not be deleted.New Process
fetch-licensesworkflowspdxexppackageauto-update-licensesbranch and creates a PR from that branch to mainAdditional Steps and Challenges
auto-update-licensesbranch should NOT be deletedauto-update-licenseson mainTODO
auto-update-licensesbranch