Add verify-license-check workflow
Signed-off-by: Eric Ball <eball@linuxfoundation.org>
Change-Id: Ief4178aa10adc6bd234009650cf5ef527972d09d
diff --git a/workflows/verify-license-check.yaml b/workflows/verify-license-check.yaml
new file mode 100644
index 0000000..98f1264
--- /dev/null
+++ b/workflows/verify-license-check.yaml
@@ -0,0 +1,176 @@
+---
+# SPDX-License-Identifier: Apache-2.0
+# SPDX-FileCopyrightText: 2026 The Linux Foundation
+name: Gerrit Verify - License Check
+
+# yamllint disable-line rule:truthy
+on:
+ workflow_dispatch:
+ inputs:
+ # Gerrit-to-Github defaults
+ GERRIT_BRANCH:
+ description: "Branch that change is against"
+ required: true
+ type: string
+ GERRIT_CHANGE_ID:
+ description: "The ID for the change"
+ required: true
+ type: string
+ GERRIT_CHANGE_NUMBER:
+ description: "The Gerrit number"
+ required: true
+ type: string
+ GERRIT_CHANGE_URL:
+ description: "URL to the change"
+ required: true
+ type: string
+ GERRIT_EVENT_TYPE:
+ description: "Type of Gerrit event"
+ required: true
+ type: string
+ GERRIT_PATCHSET_NUMBER:
+ description: "The patch number for the change"
+ required: true
+ type: string
+ GERRIT_PATCHSET_REVISION:
+ description: "The revision sha"
+ required: true
+ type: string
+ GERRIT_PROJECT:
+ description: "Project in Gerrit"
+ required: true
+ type: string
+ GERRIT_REFSPEC:
+ description: "Gerrit refspec of change"
+ required: true
+ type: string
+
+concurrency:
+ # yamllint disable-line rule:line-length
+ group: verify-license-check-${{ github.workflow }}-${{ github.event.inputs.GERRIT_CHANGE_ID || github.run_id }}
+ cancel-in-progress: true
+
+jobs:
+ maven-verify:
+ runs-on: ubuntu-latest
+ steps:
+ # yamllint disable-line rule:line-length
+ - uses: lfreleng-actions/checkout-gerrit-change-action@54d751e8bd167bc91f7d665dabe33fae87aaaa63 # v0.9
+ with:
+ gerrit-refspec: ${{ inputs.GERRIT_REFSPEC }}
+ gerrit-project: ${{ inputs.GERRIT_PROJECT }}
+ gerrit-url: ${{ vars.GERRIT_URL }}
+ delay: "0s"
+ - name: Run licensecheck.sh
+ shell: bash
+ run: |
+ set +e -u -o pipefail
+ fail_licensecheck=0
+
+ while IFS= read -r -d '' f
+ do
+ grep -q "Copyright\|Apache License" "${f}"
+ rc=$?
+ if [[ $rc != 0 ]]; then
+ echo "ERROR: $f does not contain License Header"
+ fail_licensecheck=1
+ fi
+ done < <(find . -name ".git" -prune -o -type f \
+ -name "*.*" \
+ ! -name "*.PNG" \
+ ! -name "*.asc" \
+ ! -name "*.bat" \
+ ! -name "*.bin" \
+ ! -name "*.cert" \
+ ! -name "*.cfg" \
+ ! -name "*.cnf" \
+ ! -name "*.conf" \
+ ! -name "*.cql" \
+ ! -name "*.crt" \
+ ! -name "*.csar" \
+ ! -name "*.csr" \
+ ! -name "*.csv" \
+ ! -name "*.ctmpl" \
+ ! -name "*.curl" \
+ ! -name "*.db" \
+ ! -name "*.der" \
+ ! -name "*.desc" \
+ ! -name "*.diff" \
+ ! -name "*.dnsmasq" \
+ ! -name "*.do" \
+ ! -name "*.docx" \
+ ! -name "*.eot" \
+ ! -name "*.gif" \
+ ! -name "*.gpg" \
+ ! -name "*.graffle" \
+ ! -name "*.ico" \
+ ! -name "*.iml" \
+ ! -name "*.in" \
+ ! -name "*.inc" \
+ ! -name "*.install" \
+ ! -name "*.j2" \
+ ! -name "*.jar" \
+ ! -name "*.jks" \
+ ! -name "*.jpg" \
+ ! -name "*.json" \
+ ! -name "*.jsonld" \
+ ! -name "*.JSON" \
+ ! -name "*.key" \
+ ! -name "*.list" \
+ ! -name "*.local" \
+ ! -path "*.lock" \
+ ! -name "*.log" \
+ ! -name "*.mak" \
+ ! -name "*.md" \
+ ! -name "*.MF" \
+ ! -name "*.mk" \
+ ! -name "*.oar" \
+ ! -name "*.p12" \
+ ! -name "*.patch" \
+ ! -name "*.pb.go" \
+ ! -name "*.pb.gw.go" \
+ ! -name "*.pdf" \
+ ! -name "*.pcap" \
+ ! -name "*.pem" \
+ ! -name "*.png" \
+ ! -name "*.properties" \
+ ! -name "*.proto" \
+ ! -name "*.protoset" \
+ ! -name "*.pyc" \
+ ! -name "*.repo" \
+ ! -name "*.robot" \
+ ! -name "*.rst" \
+ ! -name "*.rules" \
+ ! -name "*.service" \
+ ! -name "*.svg" \
+ ! -name "*.swp" \
+ ! -name "*.tar" \
+ ! -name "*.tar.gz" \
+ ! -name "*.toml" \
+ ! -name "*.ttf" \
+ ! -name "*.txt" \
+ ! -name "*.woff" \
+ ! -name "*.xproto" \
+ ! -name "*.xtarget" \
+ ! -name "*ignore" \
+ ! -name "*rc" \
+ ! -name "*_pb2.py" \
+ ! -name "*_pb2_grpc.py" \
+ ! -name "Dockerfile" \
+ ! -name "Dockerfile.*" \
+ ! -name "go.mod" \
+ ! -name "go.sum" \
+ ! -name "Makefile" \
+ ! -name "Makefile.*" \
+ ! -name "README" \
+ ! -path "*/vendor/*" \
+ ! -path "*conf*" \
+ ! -path "*git*" \
+ ! -path "*swagger*" \
+ ! -path "*.drawio" \
+ ! -name "*.pb.h" \
+ ! -name "*.pb.cc" \
+ ! -name "*/docs/*" \
+ -print0 )
+
+ exit ${fail_licensecheck}