action.yml

name: 'License Finder Scan'
description: 'Runs license_finder on the repository'
branding:
  icon: 'file-text'
  color: 'white'
inputs:
  permitted-licenses:
    description: 'A comma separated list of licenses that are permitted'
    required: false
  approved-dependencies:
    description: 'A comma separated list of dependencies that are approved'
    required: false
  report-name:
    description: 'The name of the report to be generated'
    required: true
    default: license_finder_report.xml
  base-path:
    description: 'The base path with the code to review'
    required: true
    default: ${{ github.workspace }} 
runs:
  using: "composite"
  steps:
    - name: 'Install license-finder'
      run: |
        echo "Installing license_finder"
        sudo gem install license_finder
      shell: bash
    - run: |
        cd ${{ inputs.base-path }}
        echo "Configuring permitted licenses"
        licenses="${{ inputs.permitted-licenses }}"
        for i in ${licenses//,/ }
        do
            license_finder permitted_licenses add $i
        done        
      shell: bash
      if: ${{ inputs.permitted-licenses }}
    - run: |
        cd ${{ inputs.base-path }}
        echo "Configuring approved dependencies"
        dependencies="${{ inputs.approved-dependencies }}"
        for i in ${dependencies//,/ }
        do
            license_finder approvals add $i
        done        
      shell: bash
      if: ${{ inputs.approved-dependencies }}
    - run: |
        cd ${{ inputs.base-path }}
        license_finder report --use-spdx-id
      shell: bash
    - run: |
        cd ${{ inputs.base-path }}
        license_finder report --use-spdx-id --format=junit --quiet > ${{ inputs.report-name }}
      shell: bash