diff --git a/.github/workflows/ort.yml b/.github/workflows/ort.yml index fff55ebd2d..ba8d5a8fa1 100644 --- a/.github/workflows/ort.yml +++ b/.github/workflows/ort.yml @@ -34,62 +34,66 @@ jobs: uses: actions/checkout@v4 with: submodules: "true" - ref: ${{ env.BASE_BRANCH }} - - name: Set up JDK 11 for the ORT package - uses: actions/setup-java@v3 - with: - distribution: "temurin" - java-version: 11 - - - name: Cache ORT and Gradle packages - uses: actions/cache@v4 - id: cache-ort - with: - path: | - ./ort - ~/.gradle/caches - ~/.gradle/wrapper - key: ${{ runner.os }}-ort - - - name: Checkout ORT Repository - if: steps.cache-ort.outputs.cache-hit != 'true' - uses: actions/checkout@v4 - with: - repository: "oss-review-toolkit/ort" - path: "./ort" - ref: main - submodules: recursive - - - name: Checkout ORT latest release tag - if: steps.cache-ort.outputs.cache-hit != 'true' - working-directory: ./ort/ - run: | - # Get new tags from remote - git fetch --tags - # Get latest tag name - LATEST_TAG=$(git describe --tags "$(git rev-list --tags --max-count=1)") - # Checkout latest tag - git checkout $LATEST_TAG - - - name: Install ORT - if: steps.cache-ort.outputs.cache-hit != 'true' - working-directory: ./ort/ - run: | - export JAVA_OPTS="$JAVA_OPTS -Xmx8g" - ./gradlew installDist - - - name: Create ORT config file + # - name: Set up JDK 11 for the ORT package + # uses: actions/setup-java@v3 + # with: + # distribution: "temurin" + # java-version: 11 + + # - name: Cache ORT and Gradle packages + # uses: actions/cache@v4 + # id: cache-ort + # with: + # path: | + # ./ort + # ~/.gradle/caches + # ~/.gradle/wrapper + # key: ${{ runner.os }}-ort + + # - name: Checkout ORT Repository + # if: steps.cache-ort.outputs.cache-hit != 'true' + # uses: actions/checkout@v4 + # with: + # repository: "oss-review-toolkit/ort" + # path: "./ort" + # ref: main + # submodules: recursive + + # - name: Checkout ORT latest release tag + # if: steps.cache-ort.outputs.cache-hit != 'true' + # working-directory: ./ort/ + # run: | + # # Get new tags from remote + # git fetch --tags + # # Get latest tag name + # LATEST_TAG=$(git describe --tags "$(git rev-list --tags --max-count=1)") + # # Checkout latest tag + # git checkout $LATEST_TAG + + # - name: Install ORT + # if: steps.cache-ort.outputs.cache-hit != 'true' + # working-directory: ./ort/ + # run: | + # export JAVA_OPTS="$JAVA_OPTS -Xmx8g" + # ./gradlew installDist + + # - name: Create ORT config file + # run: | + # mkdir -p ~/.ort/config + # cat << EOF > ~/.ort/config/config.yml + # ort: + # analyzer: + # allowDynamicVersions: true + # enabledPackageManagers: [Cargo, NPM, PIP] + # EOF + # cat ~/.ort/config/config.yml + + - name: Create result dirs run: | - mkdir -p ~/.ort/config - cat << EOF > ~/.ort/config/config.yml - ort: - analyzer: - allowDynamicVersions: true - enabledPackageManagers: [Cargo, NPM, PIP] - EOF - cat ~/.ort/config/config.yml - + mkdir python/ort_results + mkdir node/ort_results + mkdir glide-core/ort_results ### NODE ### - name: Set up Node.js 16.x @@ -114,12 +118,29 @@ jobs: mv package.json package.json.tmpl envsubst < package.json.tmpl > "package.json" cat package.json - - - name: Run ORT tools for Node - uses: ./.github/workflows/run-ort-tools + + # - name: Run ORT tools for Node + # uses: ./.github/workflows/run-ort-tools + # with: + # folder_name: "node" + - name: Run GitHub action for ORT + uses: oss-review-toolkit/ort-ci-github-action@v1 with: - folder_name: "node" - + allow-dynamic-versions: 'true' + ort-cli-analyze-args: '-P ort.analyzer.enabledPackageManagers=NPM,Cagro,PIP' + sw-name: "node" + image: "ghcr.io/oss-review-toolkit/ort:latest" + report-formats: "PlainTextTemplate" + run: > + cache-dependencies, + analyzer, + reporter, + upload-results + - name: Download the ort results + uses: actions/download-artifact@v3 + with: + path: ./node/ort_results + name: "ort-results-node" ### Python ### - name: Set up Python 3.10 @@ -133,17 +154,52 @@ jobs: python -m pip install --upgrade pip pip install git+https://github.com/nexB/python-inspector - - name: Run ORT tools for Python - uses: ./.github/workflows/run-ort-tools - with: - folder_name: "python" + # - name: Run ORT tools for Python + # uses: ./.github/workflows/run-ort-tools + # with: + # folder_name: "python" + - name: Run GitHub action for ORT for Python + uses: oss-review-toolkit/ort-ci-github-action@v1 + with: + allow-dynamic-versions: 'true' + ort-cli-analyze-args: '-P ort.analyzer.enabledPackageManagers=NPM,Cagro,PIP' + sw-name: "python" + image: "ghcr.io/oss-review-toolkit/ort:latest" + report-formats: "PlainTextTemplate" + run: > + cache-dependencies, + analyzer, + reporter, + upload-results + - name: Download the ort results + uses: actions/download-artifact@v3 + with: + path: ./python/ort_results + name: "ort-results-python" ### Rust ### - - - name: Run ORT tools for Rust - uses: ./.github/workflows/run-ort-tools + - name: Run GitHub action for ORT for Rust + uses: oss-review-toolkit/ort-ci-github-action@v1 + with: + allow-dynamic-versions: 'true' + ort-cli-analyze-args: '-P ort.analyzer.enabledPackageManagers=NPM,Cagro,PIP' + sw-name: "rust" + image: "ghcr.io/oss-review-toolkit/ort:latest" + report-formats: "PlainTextTemplate" + run: > + cache-dependencies, + analyzer, + reporter, + upload-results + - name: Download the ort results + uses: actions/download-artifact@v3 with: - folder_name: "glide-core" + path: ./glide-core/ort_results + name: "ort-results-rust" + # - name: Run ORT tools for Rust + # uses: ./.github/workflows/run-ort-tools + # with: + # folder_name: "glide-core" - name: Check for diff run: |