diff --git a/.github/workflows/ci_check_license_headers.yaml b/.github/workflows/ci_check_license_headers.yaml new file mode 100644 index 0000000..a33fbd0 --- /dev/null +++ b/.github/workflows/ci_check_license_headers.yaml @@ -0,0 +1,99 @@ +# +# Copyright 2021-Present The Serverless Workflow Specification Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +name: "CI :: License headers" + +on: + push: + branches: [main] + pull_request: + branches: ["**"] + types: [opened, reopened, ready_for_review, synchronize] + +env: + APACHE_RAT_VERSION: 0.17 + +jobs: + check: + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v6 + + - name: "Setup JDK 17" + uses: actions/setup-java@v5 + with: + java-version: 17 + distribution: "temurin" + + - name: Cache Apache RAT + uses: actions/cache@v5 + id: cache-rat + with: + path: ${{ runner.temp }}/apache-rat-${{ env.APACHE_RAT_VERSION }}.jar + key: apache-rat-${{ env.APACHE_RAT_VERSION }} + + - name: Download Apache RAT + if: steps.cache-rat.outputs.cache-hit != 'true' + run: | + set -e + BASE_URL="https://repo1.maven.org/maven2/org/apache/rat/apache-rat/${APACHE_RAT_VERSION}" + APACHE_RAT_JAR="apache-rat-${APACHE_RAT_VERSION}.jar" + APACHE_RAT_SHA="apache-rat-${APACHE_RAT_VERSION}.jar.sha1" + APACHE_RAT_DIR="${RUNNER_TEMP:-/tmp}" + + mkdir -p "${APACHE_RAT_DIR}" + cd "${APACHE_RAT_DIR}" + + # Download JAR and corresponding SHA-1 checksum + curl -LO "${BASE_URL}/${APACHE_RAT_JAR}" + curl -LO "${BASE_URL}/${APACHE_RAT_SHA}" + + # Verify the downloaded JAR against the published checksum + EXPECTED_SHA1="$(awk '{print $1}' "${APACHE_RAT_SHA}")" + ACTUAL_SHA1="$(sha1sum "${APACHE_RAT_JAR}" | awk '{print $1}')" + if [ "${EXPECTED_SHA1}" != "${ACTUAL_SHA1}" ]; then + echo "Checksum verification FAILED for ${APACHE_RAT_JAR}" >&2 + exit 1 + fi + rm "${APACHE_RAT_SHA}" + + - name: Run Apache RAT + run: | + APACHE_RAT_JAR="${RUNNER_TEMP:-/tmp}/apache-rat-${APACHE_RAT_VERSION}.jar" + + rm -f .rat-reports + + # Redirect output to .rat-reports file, continue even if RAT returns non-zero exit code because we want to print Unapproved documents + java -jar "$APACHE_RAT_JAR" --input-exclude-file .rat-excludes -- . > .rat-reports 2>&1 || true + + # Verify that RAT ran successfully by checking for its summary output + if ! grep -q "Summary" .rat-reports; then + echo "❌ Apache RAT check FAILED - RAT did not complete successfully" >&2 + cat .rat-reports + exit 1 + fi + + # Check for unapproved licenses + if grep -q "^! Unapproved:" .rat-reports; then + echo "❌ Apache RAT check FAILED - Files with unapproved licenses found:" + echo "" + grep "^! /" .rat-reports + exit 1 + else + echo "✅ Apache RAT check PASSED - All files have approved licenses." + fi diff --git a/.gitignore b/.gitignore index 9a5aced..1f7537b 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,19 @@ +# +# Copyright 2021-Present The Serverless Workflow Specification Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + # Logs logs *.log @@ -137,3 +153,6 @@ dist # Vite logs files vite.config.js.timestamp-* vite.config.ts.timestamp-* + +# Apache RAT +.rat-reports diff --git a/.rat-excludes b/.rat-excludes new file mode 100644 index 0000000..14c2ed8 --- /dev/null +++ b/.rat-excludes @@ -0,0 +1,9 @@ +.gitattributes +.npmrc +.prettierignore +.rat-excludes +.rat-reports +pnpm-lock.yaml +pnpm-workspace.yaml +repo/graph.dot +repo/repo.iml diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md index 9342e61..71caacb 100644 --- a/CODE_OF_CONDUCT.md +++ b/CODE_OF_CONDUCT.md @@ -1,3 +1,19 @@ + + # Code of Conduct We follow the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/main/code-of-conduct.md). Please contact the [CNCF Code of Conduct Committee](mailto:conduct@cncf.io) in order to report violations of the Code of Conduct. diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 78fe251..127107a 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,3 +1,19 @@ + + # Contributing to Serverless Workflow Editor Thank you for your interest in contributing to the CNCF Serverless Workflow Editor! We welcome all types of contributions, including bug reports, feature requests, documentation improvements, and code changes. @@ -71,4 +87,4 @@ For new features or architectural changes: --- ### Community and Communication -Join the conversation on the [CNCF Slack](https://slack.cncf.io/) in the `#serverless-workflow` channel. \ No newline at end of file +Join the conversation on the [CNCF Slack](https://slack.cncf.io/) in the `#serverless-workflow` channel. diff --git a/GOVERNANCE.md b/GOVERNANCE.md index db2349e..7ee11d4 100644 --- a/GOVERNANCE.md +++ b/GOVERNANCE.md @@ -1,3 +1,19 @@ + + # Governance The Serverless Workflow Editor is a sub-project of the [Serverless Workflow Specification](https://github.com/serverlessworkflow/specification). diff --git a/README.md b/README.md index dd92ad0..aac375d 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,18 @@ + + # editor CNCF Serverless Workflow Specification Visual Editor