From 6e2ba70dbe487e035a480a11e6b1f4a89d51917d Mon Sep 17 00:00:00 2001
From: Avgustin Marinov <Avgustin.Marinov@bosch.com>
Date: Fri, 27 Jun 2025 11:35:03 +0300
Subject: [PATCH] Fix license scan workflow (#2506) (#2507)

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
---
 .github/workflows/license-scan.yaml           |  2 +-
 .../reusable_workflow_license-scan.yaml       |  4 +---
 .github/workflows/reusable_workflow_tag.yaml  |  2 +-
 .../reusable_workflow_trivy-scan.yaml         | 20 +++++++------------
 4 files changed, 10 insertions(+), 18 deletions(-)

diff --git a/.github/workflows/license-scan.yaml b/.github/workflows/license-scan.yaml
index a828bcbcc..085aad096 100644
--- a/.github/workflows/license-scan.yaml
+++ b/.github/workflows/license-scan.yaml
@@ -21,4 +21,4 @@ jobs:
         ref: ${{ github.ref }}
         open_tickets: true
     secrets:
-      inherit: true
+      GITLAB_API_TOKEN: ${{ secrets.GITLAB_API_TOKEN }}
diff --git a/.github/workflows/reusable_workflow_license-scan.yaml b/.github/workflows/reusable_workflow_license-scan.yaml
index c82fd5aca..8947eb394 100644
--- a/.github/workflows/reusable_workflow_license-scan.yaml
+++ b/.github/workflows/reusable_workflow_license-scan.yaml
@@ -73,9 +73,7 @@ jobs:
             fi
           fi
           # do dash.fail=true so if there are restricted dependencies the build will fail
-          mvn license-tool:license-check -Ddash.fail=true -PcheckLicense -Ddash.iplab.token=${GITLAB_API_TOKEN} --projects '!org.eclipse.hawkbit:hawkbit-repository-test,!org.eclipse.hawkbit:hawkbit-dmf-rabbitmq-test'
-        env:
-          GITLAB_API_TOKEN: ${{ secrets.GITLAB_API_TOKEN }}
+          mvn license-tool:license-check -Ddash.fail=true -PcheckLicense -Ddash.iplab.token=${{ secrets.GITLAB_API_TOKEN }} --projects '!org.eclipse.hawkbit:hawkbit-repository-test,!org.eclipse.hawkbit:hawkbit-dmf-rabbitmq-test'
 
       - name: Check dependency licenses with dash tool (and return the result)
         run: mvn license-tool:license-check -Ddash.fail=true -PcheckLicense --projects '!org.eclipse.hawkbit:hawkbit-repository-test,!org.eclipse.hawkbit:hawkbit-dmf-rabbitmq-test'
\ No newline at end of file
diff --git a/.github/workflows/reusable_workflow_tag.yaml b/.github/workflows/reusable_workflow_tag.yaml
index d6ac9d81a..620f7e7eb 100644
--- a/.github/workflows/reusable_workflow_tag.yaml
+++ b/.github/workflows/reusable_workflow_tag.yaml
@@ -1,4 +1,4 @@
-name: Tag
+name: Tag (Reusable Workflow)
 
 on:
   workflow_call:
diff --git a/.github/workflows/reusable_workflow_trivy-scan.yaml b/.github/workflows/reusable_workflow_trivy-scan.yaml
index 28bc0e478..745dc3560 100644
--- a/.github/workflows/reusable_workflow_trivy-scan.yaml
+++ b/.github/workflows/reusable_workflow_trivy-scan.yaml
@@ -68,41 +68,35 @@ jobs:
             exit 0
           fi
 
-      - name: Upload Docker image scan results to GitHub Security tab hawkbit-ddi-server (hawkbit-ddi-server)
+      - name: Upload Docker image scan results to GitHub Security tab hawkbit-ddi-server
         uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: 'scans/eclipse-hawkbit/hawkbit/hawkbit-ddi-server:latest.sarif'
           category: "Container Images (hawkbit-ddi-server)"
-      - name: Upload Docker image scan results to GitHub Security tab hawkbit-dmf-server (hawkbit-dmf-server)
+      - name: Upload Docker image scan results to GitHub Security tab hawkbit-dmf-server
         uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: 'scans/eclipse-hawkbit/hawkbit/hawkbit-dmf-server:latest.sarif'
           category: "Container Images (hawkbit-dmf-server)"
-      - name: Upload Docker image scan results to GitHub Security tab hawkbit-mgmt-server (hawkbit-mgmt-server)
+      - name: Upload Docker image scan results to GitHub Security tab hawkbit-mgmt-server
         uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: 'scans/eclipse-hawkbit/hawkbit/hawkbit-mgmt-server:latest.sarif'
           category: "Container Images (hawkbit-mgmt-server)"
-      - name: Upload Docker image scan results to GitHub Security tab hawkbit-simple-ui (hawkbit-simple-ui)
+      - name: Upload Docker image scan results to GitHub Security tab hawkbit-simple-ui
         uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: 'scans/eclipse-hawkbit/hawkbit/hawkbit-simple-ui:latest.sarif'
           category: "Container Images (hawkbit-simple-ui)"
 
-      - name: Upload Docker image scan results to GitHub Security tab (hawkbit-update-server)
+      - name: Upload Docker image scan results to GitHub Security tab hawkbit-update-server
         uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: 'scans/eclipse-hawkbit/hawkbit/hawkbit-update-server:latest.sarif'
           category: "Container Images (hawkbit-update-server)"
 
-      - name: Upload Docker image scan results to GitHub Security tab (hawkbit-repository-jpa-init)
+      - name: Upload Docker image scan results to GitHub Security tab hawkbit-repository-jpa-init
         uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: 'scans/eclipse-hawkbit/hawkbit/hawkbit-repository-jpa-init:latest.sarif'
-          category: "Container Images (hawkbit-update-server)"
-
-      - name: Upload Docker image scan results to GitHub Security tab (hawkbit-repository-jpa-init)
-        uses: github/codeql-action/upload-sarif@v3
-        with:
-          sarif_file: 'scans/eclipse-hawkbit/hawkbit/hawkbit-repository-jpa-init:latest.sarif'
-          category: "Container Images (hawkbit-repository-jpa-init)"
\ No newline at end of file
+          category: "Container Images (hawkbit-update-server)"
\ No newline at end of file