License Scanning for Maven #837

	name: License Scanning for Maven

	on:
	schedule:
	- cron: '0 8,18 * * 1-5'
	push:
	paths:
	- 'maven/pom.xml'
	- '.github/workflows/license-check.yml'
	- '.github/workflows/acceptable-licenses.txt'

	jobs:
	scan:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v3
	- name: Cache Maven dependencies
	uses: actions/cache@v2
	env:
	cache-name: cache-mvn-modules
	with:
	path: ~/.m2
	key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/pom.xml') }}
	restore-keys: \|
	${{ runner.os }}-build-${{ env.cache-name }}-
	${{ runner.os }}-build-
	${{ runner.os }}-
	- name: Set up JDK 17
	uses: actions/setup-java@v3
	with:
	java-version: 17
	distribution: 'adopt'
	- name: Install XQ
	run: pip install xq
	- name: Download deps and plugins
	run: mvn de.qaware.maven:go-offline-maven-plugin:resolve-dependencies
	- name: Build
	run: mvn install -DskipTests
	- name: License XML report
	run: \|
	mvn org.codehaus.mojo:license-maven-plugin:2.0.0:aggregate-download-licenses
	- name: Validate XML report
	run: \|
	ALLOW_LICENSES=`cat .github/workflows/acceptable-licenses.txt \| sed "s\|<name>\|name='\|" \| sed "s\|</name>\|' \|" \| tr -s '\n' '~' \| sed 's/\~/or /g' `
	xq "//dependency[count(licenses/license[${ALLOW_LICENSES}])=0]" target/generated-resources/aggregate-licenses.xml > target/license-issues.xml
	LINES_FOUND=`cat target/license-issues.xml \| grep "<result>" \| wc -l`
	if [ $LINES_FOUND -gt 0 ]; then cat target/license-issues.xml ; exit -1; fi
	- name: Upload license XML Issues
	uses: actions/upload-artifact@v3
	with:
	name: license-xml-report
	path: 'target/license-issues.xml'

Provide feedback