Merge pull request #80 from d-party/f/licenses-check

ライセンスチェックの追加

.github/workflows/codeql-analysis.yml

@@ -13,12 +13,8 @@ name: "CodeQL"
 
 on:
   push:
-    branches: [ main ]
-  pull_request:
-    # The branches below must be a subset of the branches above
-    branches: [ main ]
   schedule:
-    - cron: '25 21 * * 5'
+    - cron: "25 21 * * 5"
 
 jobs:
   analyze:
@@ -32,39 +28,39 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        language: [ 'python' ]
+        language: ["python"]
         # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
         # Learn more about CodeQL language support at https://git.io/codeql-language-support
 
     steps:
-    - name: Checkout repository
-      uses: actions/checkout@v3
+      - name: Checkout repository
+        uses: actions/checkout@v3
 
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
-      with:
-        languages: ${{ matrix.language }}
-        # If you wish to specify custom queries, you can do so here or in a config file.
-        # By default, queries listed here will override any specified in a config file.
-        # Prefix the list here with "+" to use these queries and those in the config file.
-        # queries: ./path/to/local/query, your-org/your-repo/queries@main
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ${{ matrix.language }}
+          # If you wish to specify custom queries, you can do so here or in a config file.
+          # By default, queries listed here will override any specified in a config file.
+          # Prefix the list here with "+" to use these queries and those in the config file.
+          # queries: ./path/to/local/query, your-org/your-repo/queries@main
 
-    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-    # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v2
+      # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+      # If this step fails, then you should remove it and run the build manually (see below)
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v2
 
-    # ℹ️ Command-line programs to run using the OS shell.
-    # 📚 https://git.io/JvXDl
+      # ℹ️ Command-line programs to run using the OS shell.
+      # 📚 https://git.io/JvXDl
 
-    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
-    #    and modify them (or add more) to build your code if your project
-    #    uses a compiled language
+      # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+      #    and modify them (or add more) to build your code if your project
+      #    uses a compiled language
 
-    #- run: |
-    #   make bootstrap
-    #   make release
+      #- run: |
+      #   make bootstrap
+      #   make release
 
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2

.github/workflows/license-check.yml

@@ -0,0 +1,37 @@
+name: LicenseCheck
+
+on:
+  push:
+
+jobs:
+  license-check:
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+    steps:
+      - uses: actions/checkout@v3
+      - name: run docker-compose
+        run: |
+          docker-compose up -d
+      - name: init containers
+        run: |
+          docker-compose exec -T django poetry run python manage.py makemigrations
+          docker-compose exec -T django poetry run python manage.py makemigrations streamer
+          docker-compose exec -T django poetry run python manage.py migrate
+          docker-compose exec -T django poetry run python manage.py collectstatic --noinput
+      - name: check licenses
+        run: >
+          docker-compose exec -T django poetry run pip-licenses
+          --with-system 
+          --allow-only="
+            Apache Software License;
+            BSD License;BSD;
+            Freeware;
+            GNU General Public License (GPL);
+            GNU Lesser General Public License v3 or later (LGPLv3+);
+            MIT License;
+            MIT;
+            Mozilla Public License 2.0 (MPL 2.0);
+            Python Software Foundation License;
+            UNKNOWN;
+            Zope Public License;
+            "

Django/pyproject.toml

@@ -44,6 +44,9 @@ pytest-cov = "^3.0.0"
 pytest-profiling = "^1.7.0"
 pytest-parallel = "^0.1.1"
 lizard = "^1.17.10"
+pip-licenses = "^3.5.4"
+pipdeptree = "^2.2.1"
+graphviz = "^0.20"
 [build-system]
 requires = ["poetry-core"]
 build-backend = "poetry.core.masonry.api"

README.md

@@ -5,6 +5,7 @@
 [![SAST](https://github.com/d-party/d-party-Backend/actions/workflows/sast.yml/badge.svg?branch=main&event=push)](https://github.com/d-party/d-party-Backend/actions/workflows/sast.yml)
 [![Python Auto Black](https://github.com/d-party/d-party-Backend/actions/workflows/autoblack.yml/badge.svg?branch=main&event=push)](https://github.com/d-party/d-party-Backend/actions/workflows/autoblack.yml)
 [![CodeQL](https://github.com/d-party/d-party-Backend/actions/workflows/codeql-analysis.yml/badge.svg?branch=main&event=push)](https://github.com/d-party/d-party-Backend/actions/workflows/codeql-analysis.yml)
+[![LicenseCheck](https://github.com/d-party/d-party-Backend/actions/workflows/license-check.yml/badge.svg?event=push)](https://github.com/d-party/d-party-Backend/actions/workflows/license-check.yml)
 
 [![codecov](https://codecov.io/gh/d-party/d-party-Backend/branch/main/graph/badge.svg?token=WZ8DXWKN50)](https://codecov.io/gh/d-party/d-party-Backend)
 [![Website](https://img.shields.io/website?label=d-party.net&up_message=online&url=https%3A%2F%2Fd-party.net)](https://d-party.net)
@@ -61,6 +62,22 @@ settings.py で`debug = True`においてコンテナを起動させた場合に
 docker-compose exec django poetry run pytest --cov --workers auto
 ```
 
+### ライセンスチェックを実行
+
+ライセンスチェックを実行したい場合、全てのコンテナを立ち上げてから、以下のコマンドを実行してください。
+
+```bash
+docker-compose exec django poetry run pip-licenses
+```
+
+### 依存関係の可視化
+
+依存関係の可視化を実行したい場合、全てのコンテナを立ち上げてから、以下のコマンドを実行してください。
+
+```bash
+docker-compose exec django poetry run pipdeptree --graph-output dot > dependencies.dot
+```
+
 ### cronの標準出力/エラー出力を取得
 
 ```bash