From 74ecda7620a6b5cb1d5b69c957d3df2396cd52e3 Mon Sep 17 00:00:00 2001
From: Philipp Caspers <117186241+philipp-caspers@users.noreply.github.com>
Date: Mon, 2 Dec 2024 11:21:19 +0000
Subject: [PATCH] ci: Add `cargo deny` license check

Co-authored-by: Julian Oeltjen <julian.oeltjen@vorausrobotik.com>
---
 .devcontainer/Dockerfile      |  2 +-
 .github/workflows/ci_lint.yml |  6 ++++
 deny.toml                     | 55 +++++++++++++++++++++++++++++++++++
 3 files changed, 62 insertions(+), 1 deletion(-)
 create mode 100644 deny.toml

diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile
index 08b74c3..64cad9e 100644
--- a/.devcontainer/Dockerfile
+++ b/.devcontainer/Dockerfile
@@ -31,7 +31,7 @@ USER $USERNAME
 # Install Rust and the cargo-ament-build plugin
 RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- --default-toolchain 1.82.0 -y
 ENV PATH=/home/$USERNAME/.cargo/bin:$PATH
-RUN cargo install cargo-ament-build
+RUN cargo install cargo-ament-build cargo-deny
 # Install autocompletion for rustup and cargo
 RUN mkdir -p ~/.local/share/bash-completion/completions
 RUN rustup completions bash >> ~/.local/share/bash-completion/completions/rustup
diff --git a/.github/workflows/ci_lint.yml b/.github/workflows/ci_lint.yml
index e8f5756..19da363 100644
--- a/.github/workflows/ci_lint.yml
+++ b/.github/workflows/ci_lint.yml
@@ -19,3 +19,9 @@ jobs:
           cacheFrom: ghcr.io/vorausrobotik/voraus-ros-bridge-dev
           runCmd: cargo clippy --all-targets --all-features -- -Dwarnings
           push: never
+      - name: Cargo deny license check
+        uses: devcontainers/ci@v0.3
+        with:
+          chacheFrom: ghcr.io/vorausrobotik/voraus-ros-bride-dev
+          runCmd: cargo deny check licenses
+          push: never
diff --git a/deny.toml b/deny.toml
new file mode 100644
index 0000000..08ecdcc
--- /dev/null
+++ b/deny.toml
@@ -0,0 +1,55 @@
+[graph]
+all-features = false
+no-default-features = false
+
+[output]
+feature-depth = 1
+
+# More documentation for the licenses section can be found here:
+# https://embarkstudios.github.io/cargo-deny/checks/licenses/cfg.html
+[licenses]
+allow = [
+    "MIT",
+    "Apache-2.0",
+    "Apache-2.0 WITH LLVM-exception",
+    "MPL-2.0",
+    "ISC",
+    "BSD-3-Clause",
+    "Unicode-3.0",
+]
+confidence-threshold = 0.8
+
+[[licenses.clarify]]
+name = "voraus_interfaces"
+expression = "MIT"
+license-files = []
+
+[[licenses.clarify]]
+name = "builtin_interfaces"
+# License can not be inferred but is Apache License 2.0, see https://index.ros.org/p/builtin_interfaces/
+expression = "Apache-2.0"
+license-files = []
+
+[[licenses.clarify]]
+name = "geometry_msgs"
+# License can not be inferred but is Apache License 2.0, see https://index.ros.org/p/geometry_msgs/
+expression = "Apache-2.0"
+license-files = []
+
+[[licenses.clarify]]
+name = "sensor_msgs"
+# License can not be inferred but is Apache License 2.0, see https://index.ros.org/p/sensor_msgs/"
+expression = "Apache-2.0"
+license-files = []
+
+[[licenses.clarify]]
+name = "std_msgs"
+# License can not be inferred but is Apache License 2.0, see https://index.ros.org/p/std_msgs/
+expression = "Apache-2.0"
+license-files = []
+
+[[licenses.clarify]]
+name = "std_srvs"
+# License can not be inferred but is Apache License 2.0, see https://index.ros.org/p/std_srvs/
+expression = "Apache-2.0"
+license-files = []