spdx / spdx-online-tools

Source for the website providing online SPDX tools
https://tools.spdx.org
Apache License 2.0
60 stars 57 forks source link

copy new license made via issue to request license online tool #439

Open jlovejoy opened 1 year ago

jlovejoy commented 1 year ago

not sure if this is possible - but if someone requests a new license via an issue template (not the license submission online tool), is there a way to then funnel that info into the online tool in order to leverage the functionality for creating XML files and a PR, etc.

@seabass-labrax had this idea, so please add any more details that may help describe this!

goneall commented 1 year ago

A couple of hints on this one:

rtgdk commented 1 year ago

As @goneall pointed out above, we can have a github action/script on spdx-license-xml repo that calls an api on spdx-online-tools production/internal server. This can be called on specific files of the repo or while before merging a PR. There exists an api to create license similar to what we have on UI. Not sure if it works on all cases after recent changes.

We can also have a unique api for this usecase to be used by the organisation only. Can be taken up as part of the gsoc project.

BassCoder2808 commented 1 year ago

Hi @jlovejoy @goneall and @rtgdk, actually I wanted to work on this issue if it is still open. As you have mentioned above this issue is not related to this repo but license-list-XML, but I couldn't find the issue there, so should I create a new issue for that in that repo? Also, I have attached a demo github_workflow for the above problem, can you all please review and tell me if I am on the same page or if something else needs to be changed

name: Create License
on:
  issues:
    types: ["new license/exception request"]
jobs:
  create_license_template:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Set up Python 3.10
        uses: actions/setup-python@v3
        with:
          python-version: "3.10"
      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install -r requirements.txt
      - name: Create License Files
        run: |
          python license-files.py
rtgdk commented 1 year ago

Yes @BassCoder2808 , you are on the right path. The github workflow should run only for new license/exception request and call the create license api on the spdx production server for now. The output/link of the license request should be pasted in the issue comments for user to track.

BassCoder2808 commented 1 year ago

Ok @rtgdk , I will start working now on the api part now

BassCoder2808 commented 1 year ago

Hi @rtgdk @goneall and @jlovejoy, I worked on this part over the week, and the new github_workflow would look like this.

name: Create License
on:
  issues:
    types: ["new license/exception request"]
jobs:
  create_license_template:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - name: Set up Python 3.10
        uses: actions/setup-python@v3
        with:
          python-version: "3.10"
      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install -r requirements.txt
      - name: Authenticate with GitHub
        uses: wei/oauth2-action@v1
        id: github_auth
        with:
          auth_url: https://github.com/login/oauth/authorize
          token_url: https://github.com/login/oauth/access_token
          client_id: ${{ secrets.GITHUB_CLIENT_ID }}
          client_secret: ${{ secrets.GITHUB_CLIENT_SECRET }}
          scope: repo
          callback_url: https://tools.spdx.org/oauth/complete/github
      - name: Create License Files
        run: |
          python license-files.py
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

The new part of github_auth was added, because the way our backend API works, we need to get the github_code for which we need to authorize the user, I have mentioned the way I have thought of doing it above, but wanted to confirm that is this the right way, this works as I have tested it, but if there's an easier way of getting the code instead of this redirecting it to an OAuth page. Another thing is that we will need to add ${{ secrets.GITHUB_CLIENT_ID }} and ${{ secrets.GITHUB_CLIENT_SECRET }} in the Secrets section of the license-list-xml repo so that the above workflow works correctly. Please let me know your thoughts about the approach

jlovejoy commented 1 year ago

@BassCoder2808 - is this something you still want to work on?

I've updated the title of the issue to be more descriptive. You can see the issue template here: https://github.com/spdx/license-list-XML/issues/new/choose (I'd also like to list the online tool link/option first, but we could not figure out how to change the order things appear there)

BassCoder2808 commented 1 year ago

Hi @jlovejoy currently, I am not working on this one because we will need a major change in the way our backend API works.