r-license-report

GitHub Action to generate an R Package Dependencies' License Report

R Dependency License Report

Description

A GitHub Action that generates a license report of an R package's dependencies for continuous compliance.

Action Type

Docker

Author

Insights Engineering

Inputs

  • path:

    Description: Path to package's root

    Required: false

    Default: .

  • regex:

    Description: Regex used for flagging packages with non-compliant licenses

    Required: false

    Default: ""

  • fail:

    Description: Fail with a non-zero exit code if one or more dependencies are flagged by the regex

    Required: false

    Default: True

  • rspm_snapshot_date:

    Description: RSPM snapshot date (in the YYYY-MM-DD format) for package metadata retrieval. Defaults to current date

    Required: false

    Default: ""

  • bioc_release:

    Description: BioConductor release version for package metadata retrieval

    Required: false

    Default: release

  • as_html:

    Description: Whether you also want the report as an html file

    Required: false

    Default: false

Outputs

None

Usage

To use this GitHub Action you will need to complete the following:

  • Create a new file in your repository called .github/workflows/r-license-report.yml
  • Copy the quickstart workflow from below into that new file, no extra configuration required
  • Commit that file to a new branch
  • Open up a pull request and observe the action working
  • Review the output of the action as needed

Quickstart

In your repository you should have a .github/workflows/r-license-report.yml file with a GitHub Action workflow similar to the one below:

---
name: License Report

on:
  push:
    branches-ignore: [main]
  pull_request:
    branches: [main]

jobs:
  license-report:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repo
        uses: actions/checkout@v2
      - name: License Report
        uses: insightsengineering/r-license-report@v1

Complete example

The following workflow is a complete example that highlights the available options in this Action:

---
name: License Compliance Check

on:
  push:
    branches-ignore: [main]
  pull_request:
    branches: [main]

jobs:
  license-check:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repo
        uses: actions/checkout@v2

      - name: Generate License Report
        uses: insightsengineering/r-license-report@v1
        with:
          # R package root path, in case your R package is within a subdirectory of the repo
          path: "."
          # A regular expression that can be used for matching and flagging non-compliant licenses
          regex: "^AGPL.*"
          # Fail the action if 1 or more matching non-compliant licenses are found
          fail: true
          # Select an RSPM snapshot date for CRAN dependency metadata retrieval
          rspm_snapshot_date: "2021-12-12"
          # Select a Bioconductor release version for BioC dependency metadata retrieval
          bioc_release: "3.14"
          # Whether you also want the report as an `html` file
          as_html: true

      - name: Upload PDF Report
        uses: actions/upload-artifact@v2
        with:
          name: license-report.pdf
          path: license-report.pdf

An example of the output of the action can be seen below:

[Screenshot with example output]
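The `regex` input from the workflow above, exercised on sample License strings before it goes into CI. This is an added example, not code from r-license-report: it assumes the pattern is tested against each dependency's whole License string as a POSIX extended regex (the page does not show the action's matching logic), and `sample_licenses`, `flagged` and `gate` are hypothetical helper names.

```sh
#!/bin/sh
# Added example (not part of r-license-report): dry-run a candidate `regex`
# value against License strings before putting it in the workflow.
# ASSUMPTION: the pattern is tested against each dependency's whole License
# string as an extended regex; the action's own matching is not on the page.

# Constructed sample input, one "package<TAB>License" pair per line.
sample_licenses() {
  printf '%s\t%s\n' \
    pkgA 'MIT + file LICENSE' \
    pkgB 'AGPL-3' \
    pkgC 'GPL-3 | AGPL-3' \
    pkgD 'GNU Affero General Public License' \
    pkgE 'GPL (>= 2)'
}

# flagged REGEX: read pairs on stdin, print packages whose License matches.
flagged() {
  # Assumed: an empty pattern (the documented default) flags nothing.
  [ -n "$1" ] || return 0
  # ENVIRON avoids the backslash rewriting that `awk -v` applies to values.
  LICENSE_RE="$1" awk -F'\t' '$2 ~ ENVIRON["LICENSE_RE"] { print $1 }'
}

# gate REGEX FAIL: report flagged packages on stderr and mirror the `fail`
# input: non-zero status only when FAIL is true and something was flagged.
gate() {
  hits=$(flagged "$1")
  if [ -z "$hits" ]; then
    return 0
  fi
  printf 'flagged: %s\n' $hits >&2
  case "$2" in
    true|True|TRUE) return 1 ;;
  esac
  return 0
}

# Demo on the constructed data: the anchored pattern from the workflow.
sample_licenses | flagged '^AGPL.*'   # prints: pkgB
```

With these constructed strings, `^AGPL.*` flags only `pkgB`, while the unanchored `AGPL|Affero` also catches the dual-licensed `pkgC` and the spelled-out `pkgD`.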

Standalone Usage

The underlying script used in this action can also be run as a standalone script outside of this action (e.g. in other CI/CD tools). Simply:

  • Download the script

    wget https://raw.githubusercontent.com/insightsengineering/r-license-report/main/license-report.R

  • Set execute permissions

    chmod +x license-report.R

  • Run the script

    ./license-report.R --help