diff --git a/.github/workflows/ort.yml b/.github/workflows/ort.yml new file mode 100644 index 0000000000..fb17be6f4d --- /dev/null +++ b/.github/workflows/ort.yml @@ -0,0 +1,204 @@ + +name: The OSS Review Toolkit (ORT) + +on: + schedule: + - cron: "0 0 * * *" + push: + tags: + - "ort-for-v*.*" +jobs: + run-ort: + name: Create attribution files + runs-on: ubuntu-latest + strategy: + fail-fast: false + env: + PYTHON_ATTRIBUIOTNS: "python/THIRD_PARTY_LICENSES_PYTHON" + NODE_ATTRIBUIOTNS: "node/THIRD_PARTY_LICENSES_NODE" + RUST_ATTRIBUIOTNS: "glide-core/THIRD_PARTY_LICENSES_RUST" + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + submodules: "true" + + - name: Set the release version + shell: bash + run: | + echo ${GITHUB_REF} + echo ${GITHUB_REF:10} + echo ${GITHUB_REF:19} + # echo "RELEASE_VERSION=${GITHUB_REF:19}" >> $GITHUB_ENV + export version=`if ${{ github.event_name == 'schedule' }} ]; then echo "255.255.255"; else echo "RELEASE_VERSION=${GITHUB_REF:19}"; fi` + echo "RELEASE_VERSION=${version} >> $GITHUB_ENV + + - name: Set up JDK 11 for the ORT package + uses: actions/setup-java@v3 + with: + distribution: "temurin" + java-version: 11 + + - name: Cache ORT and Gradle packages + uses: actions/cache@v4 + id: cache-ort + with: + path: | + ./ort + ~/.gradle/caches + ~/.gradle/wrapper + key: ${{ runner.os }}-ort + + - name: Checkout ORT Repository + if: steps.cache-ort.outputs.cache-hit != 'true' + uses: actions/checkout@v4 + with: + repository: "oss-review-toolkit/ort" + path: "./ort" + ref: main + submodules: recursive + + - name: Checkout ORT latest release tag + if: steps.cache-ort.outputs.cache-hit != 'true' + working-directory: ./ort/ + run: | + # Get new tags from remote + git fetch --tags + # Get latest tag name + LATEST_TAG=$(git describe --tags "$(git rev-list --tags --max-count=1)") + # Checkout latest tag + git checkout $LATEST_TAG + + - name: Install ORT + if: steps.cache-ort.outputs.cache-hit != 'true' + working-directory: ./ort/ + run: | + export JAVA_OPTS="$JAVA_OPTS -Xmx8g" + ./gradlew installDist + + - name: Create ORT config file + run: | + mkdir -p ~/.ort/config + cat << EOF > ~/.ort/config/config.yml + ort: + analyzer: + allowDynamicVersions: true + enabledPackageManagers: [Cargo, NPM, PIP] + EOF + cat ~/.ort/config/config.yml + + ### NODE ### + + - name: Set up Node.js 16.x + uses: actions/setup-node@v3 + with: + node-version: 16.x + + - name: Build Node wrapper + uses: ./.github/workflows/build-node-wrapper + with: + os: "ubuntu-latest" + target: "x86_64-unknown-linux-gnu" + github-token: ${{ secrets.GITHUB_TOKEN }} + + - name: Fix Node base package.json file for ORT + working-directory: ./node/npm/glide + run: | + # Remove the glide-rs dependency to avoid duplication + sed -i '/ "glide-rs":/d' ../../package.json + export pkg_name=glide-for-redis-base + export package_version="${{ env.RELEASE_VERSION }}" + export scope=`if [ "$NPM_SCOPE" != '' ]; then echo "$NPM_SCOPE/"; fi` + mv package.json package.json.tmpl + envsubst < package.json.tmpl > "package.json" + cat package.json + + - name: Run ORT tools for Node + working-directory: ./ort/ + run: | + echo "full dir is $GITHUB_WORKSPACE/node/ort_results" + mkdir $GITHUB_WORKSPACE/node/ort_results + # Analyzer (analyzer-result.json) + ./gradlew cli:run --args="analyze -i $GITHUB_WORKSPACE/node -o $GITHUB_WORKSPACE/node/ort_results -f JSON" + + # NOTICE DEFAULT + ./gradlew cli:run --args="report -i $GITHUB_WORKSPACE/node/ort_results/analyzer-result.json -o $GITHUB_WORKSPACE/node/ort_results/ -f PlainTextTemplate" + + + ### Python ### + + - name: Set up Python 3.10 + uses: actions/setup-python@v4 + with: + python-version: "3.10" + + - name: Install Python dependencies + working-directory: ./python + run: | + python -m pip install --upgrade pip + pip install mypy-protobuf + pip install git+https://github.com/nexB/python-inspector + + - name: Build Python wrapper + uses: ./.github/workflows/build-python-wrapper + with: + os: "ubuntu-latest" + target: "x86_64-unknown-linux-gnu" + github-token: ${{ secrets.GITHUB_TOKEN }} + + - name: Run ORT tools for Python + working-directory: ./ort/ + run: | + mkdir $GITHUB_WORKSPACE/python/ort_results + # Analyzer (analyzer-result.json) + ./gradlew cli:run --args="analyze -i $GITHUB_WORKSPACE/python -o $GITHUB_WORKSPACE/python/ort_results -f JSON" + + # NOTICE DEFAULT + ./gradlew cli:run --args="report -i $GITHUB_WORKSPACE/python/ort_results/analyzer-result.json -o $GITHUB_WORKSPACE/python/ort_results/ -f PlainTextTemplate" + + ### Rust ### + + - uses: dtolnay/rust-toolchain@stable + - name: Build Rust core + working-directory: ./glide-core + run: cargo build --all-features + + - name: Run ORT tools for Rust + working-directory: ./ort/ + run: | + mkdir $GITHUB_WORKSPACE/glide-core/ort_results + # Analyzer (analyzer-result.json) + ./gradlew cli:run --args="analyze -i $GITHUB_WORKSPACE/glide-core -o $GITHUB_WORKSPACE/glide-core/ort_results -f JSON" + + # NOTICE DEFAULT + ./gradlew cli:run --args="report -i $GITHUB_WORKSPACE/glide-core/ort_results/analyzer-result.json -o $GITHUB_WORKSPACE/glide-core/ort_results/ -f PlainTextTemplate" + - name: Check for diff + run: | + mv python/ort_results/NOTICE_DEFAULT $PYTHON_ATTRIBUIOTENS + mv node/ort_results/NOTICE_DEFAULT $NODE_ATTRIBUIOTENS + mv glide-core/ort_results/NOTICE_DEFAULT $RUST_ATTRIBUIOTENS + GIT_DIFF=`git diff $PYTHON_ATTRIBUIOTENS $NODE_ATTRIBUIOTENS $RUST_ATTRIBUIOTENS` + if [ -n "$GIT_DIFF" ]; then + echo "FOUND_DIFF=true" >> $GITHUB_ENV + else + echo "FOUND_DIFF=false" >> $GITHUB_ENV + fi + echo "FOUND_DIFF is $FOUND_DIFF" + + ### Create PR ### + - name: create pull request + if: env.FOUND_DIFF == true + run: | + export BRANCH_NAME=`if ${{ github.event_name == 'schedule' }} ]; then echo "scheduled-ort"; else echo "ort-${{ env.RELEASE_VERSION }}"; fi` + export BASE_BRANCH=`if ${{ github.event_name == 'schedule' }} ]; then echo "main"; else echo "${{ env.RELEASE_VERSION }}"; fi` + echo "Creating pull request from branch ${BRANCH_NAME} to branch ${BASE_BRANCH}" + git config --global user.email "barshaul@amazon.com" + git config --global user.name "barshaul" + git checkout -b ${BRANCH_NAME} + + git add $PYTHON_ATTRIBUIOTENS $NODE_ATTRIBUIOTENS $RUST_ATTRIBUIOTENS + git commit -m "Updated attribution files" + git push --set-upstream origin ${BRANCH_NAME} + gh pr create -B main -H ${BRANCH_NAME} --title 'Updated attribution files for ${BRANCH_NAME}' --body 'Created by Github action' + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}