Skip to content

feat(critical): add critical severity to KICS CLI #2209

feat(critical): add critical severity to KICS CLI

feat(critical): add critical severity to KICS CLI #2209

name: check-apache-license
on:
pull_request_target:
types: [opened, synchronize, edited, reopened]
branches:
- master
jobs:
check-license:
runs-on: ubuntu-latest
env:
BODY: ${{ github.event.pull_request.body }}
USERNAME: ${{ github.event.pull_request.user.login }}
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
persist-credentials: false
sparse-checkout: |
.github/scripts/pr-issue-info/apache-check.md
- name: Check for Apache License
if: env.USERNAME != 'kicsbot' && env.USERNAME != 'dependabot[bot]'
run: |
echo "$BODY" | grep -iPq "^I submit this contribution under the Apache-2.0 license.$" || echo "CHECK_FAILED=true" >> $GITHUB_ENV
- name: Check for comment tag
if: env.CHECK_FAILED != 'true'
run: |
comments=$(curl -s -H "Authorization: token ${{ secrets.KICS_BOT_PAT }}" \
-X GET "https://api.github.com/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/comments")
if echo "$comments" | grep -q "apache_license"; then
echo "TAG_EXISTS=true" >> $GITHUB_ENV
else
echo "TAG_EXISTS=false" >> $GITHUB_ENV
fi
- name: Delete comment if license is fixed
if: env.TAG_EXISTS == 'true'
uses: thollander/actions-comment-pull-request@b07c7f86be67002023e6cb13f57df3f21cdd3411
with:
message: |
Deleting comment...
comment_tag: apache_license
mode: delete
GITHUB_TOKEN: ${{ secrets.KICS_BOT_PAT }}
- name: Add comment if no license
if: env.CHECK_FAILED == 'true'
uses: thollander/actions-comment-pull-request@b07c7f86be67002023e6cb13f57df3f21cdd3411
with:
filePath: .github/scripts/pr-issue-info/apache-check.md
comment_tag: apache_license
mode: recreate
create_if_not_exists: true
GITHUB_TOKEN: ${{ secrets.KICS_BOT_PAT }}
- name: Workflow failed
if: env.CHECK_FAILED == 'true'
run: exit 1