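# Manually triggered OSS Review Toolkit (ORT) run over the ort-server
# checkout: analyze -> advise (OSV) -> evaluate -> report. The evaluator
# result and the generated reports are uploaded as artifacts.
name: ORT

on:
  workflow_dispatch:

# Least privilege for the job's GITHUB_TOKEN: no step below writes to the
# repository, so read access to contents is enough.
permissions:
  contents: read

env:
  ORT_CONFIG_DIR: ${{ github.workspace }}/ort-server/.github/ort

jobs:
  ort:
    name: Run ORT
    runs-on: ubuntu-24.04
    steps:
      - name: Checkout Repository
        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10  # v6.0.3
        with:
          path: ort-server
          # No later step fetches or pushes, so the token does not need to
          # stay configured for git after the checkout.
          persist-credentials: false

      - name: Setup Gradle
        uses: gradle/actions/setup-gradle@50e97c2cd7a37755bbfafc9c5b7cafaece252f6e  # v6.1.0

      - name: Setup Java
        uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654  # v5.2.0
        with:
          distribution: temurin
          # Quoted so the version stays a string whatever its future form.
          java-version: '25'

      - name: Setup Node
        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e  # v6.4.0
        with:
          node-version: '24'
          cache-dependency-path: ort-server/ui/pnpm-lock.yaml

      - name: Enable Corepack
        run: corepack enable

      # NOTE(review): every action in this file is pinned to a commit SHA, but
      # this step takes whatever ORT release is currently the latest and
      # unpacks it without checking a digest or signature. Pin a release tag
      # and verify the archive against a published checksum if reproducible,
      # tamper-evident tooling is required here.
      - name: Install the latest ORT release
        env:
          # Only the gh CLI call in this step needs the token, so it is scoped
          # here instead of being exported to every step of the workflow
          # (the ORT steps below work on the checked-out project's content).
          GH_TOKEN: ${{ github.token }}
        run: |
          # Fail the step if the download fails, not only if tar does.
          set -euo pipefail
          mkdir ort
          gh release -R oss-review-toolkit/ort download -p 'ort-*.tgz' -O - |
            tar -xzf - --strip-components=1 -C ort
          # Absolute path: a relative PATH entry would resolve against
          # whatever directory a later step happens to run in.
          echo "$GITHUB_WORKSPACE/ort/bin" >> "$GITHUB_PATH"

      # NOTE(review): the key is constant per OS, so once an entry exists it is
      # restored on every run and a refreshed cache is not saved under it.
      - name: Cache ORT Cache Directory
        uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae  # v5.0.5
        with:
          path: ~/.ort/cache
          key: ort-cache-${{ runner.os }}

      # All four ORT stages below share one pattern: errexit is switched off so
      # the exit status can be inspected, and only a status other than 0 or 2
      # fails the workflow.
      # NOTE(review): status 2 is presumably ORT's "findings above threshold"
      # result rather than a tool failure - confirm for the ORT version in
      # use. Because it is tolerated in every stage, advisor findings and rule
      # violations never fail this workflow; they are only visible in the
      # uploaded artifacts.
      - name: Run ORT Analyzer
        run: |
          set +e
          ort --info analyze -i ort-server -o ort-results
          EXIT_CODE=$?
          if [ $EXIT_CODE -ne 0 ] && [ $EXIT_CODE -ne 2 ]; then
            echo "ORT Analyzer exited with code $EXIT_CODE, failing workflow."
            exit $EXIT_CODE
          fi

      - name: Run ORT Advisor
        run: |
          set +e
          ort --info advise -i ort-results/analyzer-result.yml -o ort-results -a OSV
          EXIT_CODE=$?
          if [ $EXIT_CODE -ne 0 ] && [ $EXIT_CODE -ne 2 ]; then
            echo "ORT Advisor exited with code $EXIT_CODE, failing workflow."
            exit $EXIT_CODE
          fi

      - name: Run ORT Evaluator
        run: |
          set +e
          ort --info evaluate -i ort-results/advisor-result.yml -o ort-results --rules-resource /rules/osadl.rules.kts
          EXIT_CODE=$?
          if [ $EXIT_CODE -ne 0 ] && [ $EXIT_CODE -ne 2 ]; then
            echo "ORT Evaluator exited with code $EXIT_CODE, failing workflow."
            exit $EXIT_CODE
          fi

      - name: Upload Evaluator Result
        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a  # v7.0.1
        with:
          name: evaluation-result
          path: ort-results/evaluation-result.yml

      - name: Run ORT Reporter
        run: |
          set +e
          ort --info report -i ort-results/evaluation-result.yml -o ort-reports -f CycloneDX,SPDXDocument,WebApp
          EXIT_CODE=$?
          if [ $EXIT_CODE -ne 0 ] && [ $EXIT_CODE -ne 2 ]; then
            echo "ORT Reporter exited with code $EXIT_CODE, failing workflow."
            exit $EXIT_CODE
          fi

      - name: Upload ORT Reports
        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a  # v7.0.1
        with:
          name: reports
          path: ort-reports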