mirror of
https://github.com/aquasecurity/trivy.git
synced 2025-12-12 07:40:48 -08:00
41 lines
1.4 KiB
YAML
41 lines
1.4 KiB
YAML
name: SPDX licenses cron
|
|
on:
|
|
schedule:
|
|
- cron: '0 0 * * 0' # every Sunday at 00:00
|
|
workflow_dispatch:
|
|
|
|
jobs:
|
|
build:
|
|
name: Check if SPDX exceptions
|
|
runs-on: ubuntu-24.04
|
|
steps:
|
|
- name: Check out code
|
|
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
|
|
|
- name: Set up Go
|
|
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
|
|
with:
|
|
go-version-file: go.mod
|
|
cache: false
|
|
check-latest: true # Ensure we use the latest Go patch version
|
|
|
|
- name: Install Go tools
|
|
run: go install tool # GOBIN is added to the PATH by the setup-go action
|
|
|
|
- name: Check if SPDX license IDs and exceptions are up-to-date
|
|
id: exceptions_check
|
|
run: |
|
|
mage spdx:updateLicenseEntries
|
|
if [ -n "$(git status --porcelain)" ]; then
|
|
echo "Run 'mage spdx:updateLicenseEntries' and push it"
|
|
echo "send_notify=true" >> $GITHUB_OUTPUT
|
|
fi
|
|
|
|
- name: Microsoft Teams Notification
|
|
uses: Skitionek/notify-microsoft-teams@e7a2493ac87dad8aa7a62f079f295e54ff511d88 # main
|
|
if: steps.exceptions_check.outputs.send_notify == 'true'
|
|
with:
|
|
webhook_url: ${{ secrets.TRIVY_MSTEAMS_WEBHOOK }}
|
|
needs: ${{ toJson(needs) }}
|
|
job: ${{ toJson(job) }}
|
|
steps: ${{ toJson(steps) }} |