Move 3rd party license check into separate bash scripts

The functionality for creating the list of 3rd party dependencies and checking their licenses using the Eclipse Dash tool has been moved into a distinct bash script so that it can be used more easily in a local workspace.
eclipse-uprotocol · Jan 16, 2025 · 6437fc6 · 6437fc6
1 parent 9c10d55
commit 6437fc6
Show file tree

Hide file tree

Showing 2 changed files with 48 additions and 18 deletions.
diff --git a/.github/scripts/check-3rd-party-licenses.sh b/.github/scripts/check-3rd-party-licenses.sh
@@ -0,0 +1,34 @@
+#!/bin/bash
+deps_file=${DEPS_FILE:-"DEPS.txt"}
+dash_jar=${DASH_JAR:-"/tmp/dash.jar"}
+dash_summary=${DASH_SUMMARY:-"DASH_SUMMARY.txt"}
+project=${PROJECT:-"automotive.uprotocol"}
+token=$1
+
+echo "creating 3rd party dependency list..."
+cargo tree -e no-build,no-dev --prefix none --no-dedupe \
+  | sed -n '2~1p' \
+  | sort -u \
+  | grep -v '^[[:space:]]*$' \
+  | sed -E 's|([^ ]+) v([^ ]+).*|crate/cratesio/-/\1/\2|' \
+  > "$deps_file"
+
+if [[ ! -r "$dash_jar" ]]; then
+  echo "Eclipse Dash JAR file [${dash_jar}] not found, downloading latest version from GitHub..."
+  wget_bin=$(which wget)
+  if [[ -z "$wget_bin" ]]; then
+    echo "wget command not available on path"
+    exit 127
+  else
+    wget --quiet -O "$dash_jar" "https://repo.eclipse.org/service/local/artifact/maven/redirect?r=dash-licenses&g=org.eclipse.dash&a=org.eclipse.dash.licenses&v=LATEST"
+  echo "successfully downloaded Eclipse Dash JAR to ${dash_jar}"
+  fi
+fi
+
+if [[ -n "$token" ]]; then
+  additional_args="-review -token $token -project $project"
+else
+  additional_args=""
+fi
+echo "checking 3rd party licenses..."
+java -jar "$dash_jar" -timeout 60 -batch 90 -summary "$dash_summary" $additional_args "$deps_file"
diff --git a/.github/workflows/check-dependencies.yaml b/.github/workflows/check-dependencies.yaml
@@ -26,32 +26,28 @@ concurrency:
   group: ${{ github.ref }}-${{ github.workflow }}
   cancel-in-progress: true
 
+env:
+  RUST_TOOLCHAIN: ${{ vars.RUST_TOOLCHAIN || 'stable' }}
+  RUSTFLAGS: -Dwarnings
+  CARGO_TERM_COLOR: always
+
 jobs:
   deps:
     name: "Check 3rd party licenses"
     runs-on: ubuntu-latest
+    env:
+      DASH_SUMMARY: "DEPENDENCIES.txt"
     steps:
     - uses: actions/checkout@v4
-    - name: cargo tree
-      working-directory: ${{github.workspace}}
-      run: |
-        cargo tree -e no-build,no-dev --prefix none --no-dedupe \
-          | sort -u \
-          | grep -v '^[[:space:]]*$' \
-          | grep -v up-transport-mqtt5 \
-          | sed -E 's|([^ ]+) v([^ ]+).*|crate/cratesio/-/\1/\2|' \
-          > DEPS.txt
-    - name: Set up JDK
-      uses: actions/setup-java@v4
       with:
-        distribution: "temurin"
-        java-version: "17"
-    - name: "Run latest Eclipse Dash jar file"
+        submodules: "recursive"
+    - uses: dtolnay/rust-toolchain@master
+      with: 
+        toolchain: ${{ env.RUST_TOOLCHAIN }}
+    - name: "Check 3rd party license compatibility"
       id: "run-checks"
-      working-directory: ${{github.workspace}}
       run: |
-        wget --quiet -O dash.jar "https://repo.eclipse.org/service/local/artifact/maven/redirect?r=dash-licenses&g=org.eclipse.dash&a=org.eclipse.dash.licenses&v=LATEST"
-        if java -Dorg.eclipse.dash.timeout=60 -jar dash.jar -batch 90 -summary DEPENDENCIES.txt DEPS.txt
+        if .github/scripts/check-3rd-party-licenses.sh
         then
           echo "checks-failed=0" >> $GITHUB_OUTPUT
           echo "License information of 3rd party dependencies has been vetted successfully." >> $GITHUB_STEP_SUMMARY
@@ -65,7 +61,7 @@ jobs:
       uses: actions/upload-artifact@v4
       with:
         name: 3rd-party-dependencies
-        path: DEPENDENCIES.txt
+        path: $DASH_SUMMARY
     - name: "Determine exit code"
       env:
         EXIT_CODE: ${{ steps.run-checks.outputs.checks-failed }}