Skip to content

Commit 0571490

Browse files
pi-anlpi-anl
committed
github/workflows: Add SPDX compliance and mkspdx test workflows.
Adds CI checks for REUSE compliance on all pushes and pull requests, and unit tests for the mkspdx SBOM generation tool across Python 3.9, 3.11, and 3.12. Signed-off-by: Andrew Leech <[email protected]> Signed-off-by: Andrew Leech <[email protected]>
1 parent 76c2b5c commit 0571490

File tree

2 files changed

+69
-0
lines changed

2 files changed

+69
-0
lines changed

.github/workflows/mkspdx_tests.yml

Lines changed: 53 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,53 @@
1+
name: mkspdx SBOM tool tests
2+
3+
on:
4+
push:
5+
paths:
6+
- 'tools/mkspdx/**'
7+
- '.github/workflows/mkspdx_tests.yml'
8+
pull_request:
9+
paths:
10+
- 'tools/mkspdx/**'
11+
- '.github/workflows/mkspdx_tests.yml'
12+
13+
concurrency:
14+
group: ${{ github.workflow }}-${{ github.ref }}
15+
cancel-in-progress: true
16+
17+
jobs:
18+
test:
19+
runs-on: ubuntu-latest
20+
strategy:
21+
matrix:
22+
python-version: ['3.9', '3.11', '3.12']
23+
steps:
24+
- uses: actions/checkout@v6
25+
- name: Set up Python ${{ matrix.python-version }}
26+
uses: actions/setup-python@v6
27+
with:
28+
python-version: ${{ matrix.python-version }}
29+
- name: Install dependencies
30+
run: |
31+
python -m pip install --upgrade pip
32+
pip install pytest
33+
# Optional: install reuse for enhanced tests
34+
pip install reuse || true
35+
- name: Run unit tests
36+
run: |
37+
python -m pytest tools/mkspdx/tests/ -v --tb=short
38+
- name: Test CLI help
39+
run: |
40+
python -m tools.mkspdx --help
41+
- name: Test validation mode
42+
run: |
43+
# Create a minimal valid SPDX document and validate it
44+
cat > /tmp/test.spdx << 'EOF'
45+
SPDXVersion: SPDX-2.3
46+
DataLicense: CC0-1.0
47+
SPDXID: SPDXRef-DOCUMENT
48+
DocumentName: test
49+
DocumentNamespace: https://example.org/test
50+
Creator: Tool: test
51+
Created: 2025-01-01T00:00:00Z
52+
EOF
53+
python -m tools.mkspdx --validate /tmp/test.spdx

.github/workflows/spdx_compliance.yml

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
name: SPDX license compliance
2+
3+
on: [push, pull_request]
4+
5+
concurrency:
6+
group: ${{ github.workflow }}-${{ github.ref }}
7+
cancel-in-progress: true
8+
9+
jobs:
10+
spdx-compliance:
11+
runs-on: ubuntu-latest
12+
steps:
13+
- uses: actions/checkout@v6
14+
# Version should be kept in sync with .pre-commit-config.yaml
15+
- name: REUSE Compliance Check
16+
uses: fsfe/reuse-action@v5

0 commit comments

Comments
 (0)