Add license-scan workflow (#2453)

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-06-16 15:17:10 +03:00
parent 044963f84c
commit 371c726e06
3 changed files with 42 additions and 29 deletions
--- a/.github/workflows/license-scan.yml
+++ b/.github/workflows/license-scan.yml
@@ -0,0 +1,34 @@
+name: Release
+
+on:
+  # enable running the workflow manually
+  workflow_dispatch:
+
+jobs:
+  verify:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up JDK & Maven Central credentials
+        uses: actions/setup-java@v4
+        with:
+          distribution: 'temurin'
+          java-version: 21
+          cache: 'maven'
+
+      - name: Cache local Maven repository
+        uses: actions/cache@v4
+        with:
+          path: ~/.m2/repository
+          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+          restore-keys: |
+            ${{ runner.os }}-maven-
+
+      - name: Check file license headers
+        run: mvn license:check -Plicense --batch-mode
+      - name: Check dependency licenses with dash tool
+        run: mvn license-tool:license-check -Plicense -Ddash.iplab.token=${GITLAB_API_TOKEN} --projects '!org.eclipse.hawkbit:hawkbit-repository-test,!org.eclipse.hawkbit:hawkbit-dmf-rabbitmq-test' --batch-mode
+        env:
+          GITLAB_API_TOKEN: ${{ secrets.GITLAB_API_TOKEN }}
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -48,13 +48,16 @@ jobs:

      - name: Check file license headers
        run: mvn license:check -Plicense --batch-mode
-#      - name: Check dependency licenses with dash tool
-#        run: mvn license-tool:license-check -Plicense --projects '!org.eclipse.hawkbit:hawkbit-repository-test,!org.eclipse.hawkbit:hawkbit-dmf-rabbitmq-test' --batch-mode
-      - name: Run tests & build javadoc
-        run: mvn clean install javadoc:jar -Dadditionalparam=-Xdoclint:none --batch-mode
+      - name: Check dependency licenses with dash tool
+        run: mvn license-tool:license-check -Plicense -Ddash.iplab.token=${GITLAB_API_TOKEN} --projects '!org.eclipse.hawkbit:hawkbit-repository-test,!org.eclipse.hawkbit:hawkbit-dmf-rabbitmq-test' --batch-mode
+        env:
+          GITLAB_API_TOKEN: ${{ secrets.GITLAB_API_TOKEN }}
+#
+#      - name: Run tests & build javadoc
+#        run: mvn clean verify javadoc:javadoc -Dadditionalparam=-Xdoclint:none --batch-mode

      - name: Deploy
-        run: mvn deploy -Ppublish -DskipTests -Drevision=${REVISION} -B --batch-mode
+        run: mvn clean deploy javadoc:javadoc javadoc:jar -Dadditionalparam=-Xdoclint:none -Ppublish -DskipTests -Drevision=${REVISION} -B --batch-mode
        env:
          REVISION: ${{ github.event.inputs.revision }}
          MAVEN_USERNAME: ${{ secrets.CENTRAL_SONATYPE_TOKEN_USERNAME }}