-
Notifications
You must be signed in to change notification settings - Fork 3
46 lines (44 loc) · 1.53 KB
/
policy-scan.yml
File metadata and controls
46 lines (44 loc) · 1.53 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
name: Checks the security policy and configurations
on:
pull_request:
types: [opened, synchronize, reopened]
jobs:
security-policy:
if: github.event.repository.visibility == 'public'
runs-on: ubuntu-latest
defaults:
run:
shell: bash
steps:
- uses: actions/checkout@master
- name: Checks for SECURITY.md policy file
run: |
if ! [[ -f "SECURITY.md" || -f ".github/SECURITY.md" ]]; then exit 1; fi
security-license:
if: github.event.repository.visibility == 'public'
runs-on: ubuntu-latest
defaults:
run:
shell: bash
steps:
- uses: actions/checkout@master
- name: Checks for License file
run: |
expected_license_files=("LICENSE" "LICENSE.txt" "LICENSE.md" "License.txt")
license_file_found=false
current_year=$(date +"%Y")
for license_file in "${expected_license_files[@]}"; do
if [ -f "$license_file" ]; then
license_file_found=true
# check the license file for the current year, if not exists, exit with error
if ! grep -q "$current_year" "$license_file"; then
echo "License file $license_file does not contain the current year."
exit 2
fi
break
fi
done
if [ "$license_file_found" = false ]; then
echo "No license file found. Please add a license file to the repository."
exit 1
fi