Merge pull request #5 from HPEEzmeral/ezaf-2875-custom-security-manager #17

	name: License Check

	on:
	push:
	branches-ignore:
	- "dependabot/**"
	pull_request:

	jobs:
	license_check:
	name: License Check
	runs-on: ubuntu-20.04
	steps:
	- name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
	uses: actions/checkout@v2
	with:
	persist-credentials: false
	submodules: recursive
	- name: Setup Java
	uses: actions/setup-java@v1
	with:
	java-version: 8
	- name: Generate fossa report
	env:
	FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
	run: \|
	set -eo pipefail
	if [[ "${{github.event_name}}" != "pull_request" ]]; then
	./scripts/fossa.sh
	exit 0
	fi

	URL="https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/files"
	FILES=$(curl -s -X GET -G $URL \| jq -r '.[] \| .filename')

	cat<<EOF
	CHANGED FILES:
	$FILES

	EOF

	if [[ "${FILES}" =~ (.package\.json\|requirements\/[a-z_-]+\.txt\|setup\.py) ]]; then
	echo "Detected dependency changes... running fossa check"

	./scripts/fossa.sh
	else
	echo "No dependency changes... skiping fossa check"
	fi
	shell: bash
	- name: Run license check
	run: ./scripts/check_license.sh

Provide feedback