From d0f8c8c49c5f3c8d3f07a51a7fe9b52a9adaac8b Mon Sep 17 00:00:00 2001
From: Marc Dumais
Date: Mon, 6 Feb 2023 10:55:59 -0500
Subject: [PATCH] [CI] [license check] Always specify project
During CI we run `dash-licenses` to check that the project's 3PP dependencies are approved by the Eclipse foundation. When a PR originates from the main repo, a token is available that permits running the tool in "automated review mode", which opens IP tickets automatically towards the Eclipse Foundation. When a PR originates from elsewhere, that token is not available and so we fall-back to reporting issues in the CI log. Until now, the "-project" option of `dash-licenses` was only thought useful in "automated review" mode, but it turns-out there is a rare case where we benefit providing this information all the time: when a 3PP dependency was narrowly approved, for use in Eclipse Theia only. Here is one such dependency: https://gitlab.eclipse.org/eclipsefdn/emo-team/iplab/-/issues/2734 The dependency above is part of a recent PR from an outside contributor (non-committer), that originated from a fork: https://github.com/eclipse-theia/theia/pull/12141 So far, for PRs originating from a fork, we would not provide the project when running `dash-licenses` and so such dependency are incorrectly flagged as unapproved: https://github.com/eclipse-theia/theia/actions/runs/4075784869/jobs/7077702838#step:5:186 This commit provides the project all the time, so that such dependencies will be correctly assessed, based on what's approved for our project, even for non-committer contributors.
Signed-off-by: Marc Dumais
---
scripts/check_3pp_licenses.js | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/scripts/check_3pp_licenses.js b/scripts/check_3pp_licenses.js
index 317dd1c73a387..242e56c60d3c6 100644
--- a/scripts/check_3pp_licenses.js
+++ b/scripts/check_3pp_licenses.js
@@ -66,10 +66,10 @@ async function main() {
 fs.renameSync(dashLicensesSummary, `${dashLicensesSummary}.old`);
 }
 info('Running dash-licenses...');
- const args = ['-jar', dashLicensesJar, 'yarn.lock', '-batch', '50', '-timeout', '240', '-summary', dashLicensesSummary];
+ const args = ['-jar', dashLicensesJar, 'yarn.lock', '-batch', '50', '-timeout', '240', '-project', project, '-summary', dashLicensesSummary];
 if (autoReviewMode && personalAccessToken) {
 info(`Using "review" mode for project: ${project}`);
- args.push('-review', '-token', personalAccessToken, '-project', project);
+ args.push('-review', '-token', personalAccessToken);
 }
 const dashError = getErrorFromStatus(spawn('java', args, {
 stdio: ['ignore', 'ignore', 'inherit']
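Review bot: With `'-project', project` now in the base `args` array, `project` reaches `spawn` on every run, including fork PRs, but nothing in this hunk checks that it is a non-empty string. Its definition is outside the hunk, so confirm it has a default that does not depend on CI secrets or variables that are absent for forks. The value now decides which project-restricted approvals are honoured in non-review mode, yet it is only logged inside the `autoReviewMode && personalAccessToken` branch, so a fork run's log will not show which project the result was assessed against. Consider logging it unconditionally, e.g. `info('Running dash-licenses for project: ' + project);`, and adding a comment above `args` such as `// -project is always passed: some 3PP approvals are restricted to a single project`. `main()` starts and ends outside the hunk.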