From 4a4fa6c84a863be7c27050db2b95e03424712909 Mon Sep 17 00:00:00 2001
From: Hugo Linder
Date: Tue, 2 Jun 2026 10:49:15 +0200
Subject: [PATCH] Add OSS license gate to Android (RND-1996)

Warn-only license gate (gate-severity HIGH,CRITICAL since Android is a distribution context) plus the weekly license-inventory stub. Both call the central reusable workflows in prod-env.

Co-Authored-By: Claude Opus 4.8
---
 .github/workflows/license-inventory.yml | 11 +++++++++++
 .github/workflows/license.yml | 16 ++++++++++++++++
 2 files changed, 27 insertions(+)
 create mode 100644 .github/workflows/license-inventory.yml
 create mode 100644 .github/workflows/license.yml

diff --git a/.github/workflows/license-inventory.yml b/.github/workflows/license-inventory.yml
new file mode 100644
index 0000000000..aa6a5535a5
--- /dev/null
+++ b/.github/workflows/license-inventory.yml
@@ -0,0 +1,11 @@
+name: license-inventory
+on:
+ schedule:
+ - cron: "0 5 * * 1" # Mondays ~06:00 Europe/Stockholm
+ workflow_dispatch:
+jobs:
+ inventory:
+ permissions:
+ contents: write
+ pull-requests: write
+ uses: HedvigInsurance/prod-env/.github/workflows/license-inventory.yml@master
diff --git a/.github/workflows/license.yml b/.github/workflows/license.yml
new file mode 100644
index 0000000000..8069ba6381
--- /dev/null
+++ b/.github/workflows/license.yml
@@ -0,0 +1,16 @@
+name: license
+on:
+ pull_request:
+ push:
+ branches: [develop, "renovate/**"]
+jobs:
+ license:
+ uses: HedvigInsurance/prod-env/.github/workflows/license-gate.yml@master
+ with:
+ # Android ships to end-user devices (a distribution context), so block weak
+ # copyleft (LGPL/MPL/EPL) as well as forbidden licenses — not just the
+ # forbidden set that backends gate on.
+ gate-severity: "HIGH,CRITICAL"
+ # Warn-only pilot: reports findings but never fails the build. Review one run,
+ # populate `ignored-licenses` for any pre-existing hits, then remove this line.
+ enforce: false
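Review bot: The `uses:` line in the `inventory` job references the reusable workflow at the mutable `@master` ref while the job grants `contents: write` and `pull-requests: write`, so any later commit to prod-env's master runs in this repository with a write-scoped token and without review here. Pinning to a full commit SHA (or a protected tag) keeps the called code fixed, e.g. `uses: HedvigInsurance/prod-env/.github/workflows/license-inventory.yml@<FULL_COMMIT_SHA_PLACEHOLDER>`, with the branch or version noted in a trailing comment so automated updates remain reviewable. The same `@master` reference appears in the license.yml hunk on `license-gate.yml` and deserves the same pin. Separately, GitHub evaluates cron in UTC, so `0 5 * * 1` is 06:00 in Stockholm only in winter; the comment could read `# Mondays 05:00 UTC (06:00 CET / 07:00 CEST)`.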
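Review bot: The `license` job declares no `permissions:`, so the token passed to the reusable workflow falls back to the repository or organisation default, which may include write scopes the gate does not need. A called workflow can only keep or reduce the caller's permissions, so setting the minimum on this job caps what `license-gate.yml` can do: presumably `permissions:` with `contents: read` is enough for a scan, plus `pull-requests: write` only if the gate posts PR comments (confirm against the called workflow). This matters more here than in the inventory workflow because the job runs on every `pull_request`, including Renovate dependency bumps. With both `pull_request:` and `push:` on `renovate/**` enabled, a Renovate branch with an open PR will likely run the gate twice; if that is not intended, a `concurrency:` group or dropping one trigger would avoid it.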