one licence scan

anthony-nhs · anthony-nhs · commit 11ca9c978448 · 2026-01-07T07:52:18.000Z
diff --git a/.github/workflows/quality-checks.yml b/.github/workflows/quality-checks.yml
@@ -186,17 +186,20 @@ jobs:
               echo "Poetry version $POETRY_VERSION is outside the required range so not installing plugin-export"
           fi
           poetry export -f requirements.txt --with dev --without-hashes --output=requirements.txt
-      - name: Check python licenses
+      - name: download go dependencies
+        if: ${{ steps.check_languages.outputs.uses_go == 'true' }}
+        run: |
+          cd src
+          go mod vendor
+      - name: Check licenses
         uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
-        if: ${{ steps.check_languages.outputs.uses_poetry == 'true' }}
         with:
           scan-type: "fs"
-          skip-files: "**/poetry.lock,**/go.mod,**/pom.xml,**/package-lock.json"
           scan-ref: "."
           severity: "CRITICAL,HIGH"
           scanners: "license"
           format: "table"
-          output: "license_scan_python.txt"
+          output: "license_scan.txt"
           exit-code: "1"
           list-all-pkgs: "false"
           trivy-config: trivy.yaml
@@ -206,74 +209,17 @@ jobs:
         if: ${{ steps.check_languages.outputs.uses_poetry == 'true' }}
         run: |
           rm -f requirements.txt
-      - name: Check node licenses
-        uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
-        if: ${{ steps.check_languages.outputs.uses_node == 'true' }}
-        with:
-          scan-type: "fs"
-          skip-files: "**/poetry.lock,**/go.mod,**/pom.xml"
-          scan-ref: "."
-          severity: "CRITICAL,HIGH"
-          scanners: "license"
-          format: "table"
-          output: "license_scan_node.txt"
-          exit-code: "1"
-          list-all-pkgs: "false"
-          trivy-config: trivy.yaml
-      - name: download go dependencies
-        if: ${{ steps.check_languages.outputs.uses_go == 'true' }}
-        run: |
-          cd src
-          go mod vendor
-      - name: Check go licenses
-        uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
-        if: ${{ steps.check_languages.outputs.uses_go == 'true' }}
-        with:
-          scan-type: "fs"
-          skip-files: "**/poetry.lock,**/package-lock.json,**/pom.xml"
-          scan-ref: "."
-          severity: "CRITICAL,HIGH"
-          scanners: "license"
-          format: "table"
-          output: "license_scan_go.txt"
-          exit-code: "1"
-          list-all-pkgs: "false"
-          trivy-config: trivy.yaml
       - name: clean go dependencies
         if: ${{ steps.check_languages.outputs.uses_go == 'true' }}
         run: |
           cd src
           rm -rf vendor
-      - name: Check java licenses
-        uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
-        if: ${{ steps.check_languages.outputs.uses_java == 'true' }}
-        with:
-          scan-type: "fs"
-          skip-files: "**/poetry.lock,**/package-lock.json,**/go.mod"
-          scan-ref: "."
-          severity: "CRITICAL,HIGH"
-          scanners: "license"
-          format: "table"
-          output: "license_scan_java.txt"
-          exit-code: "1"
-          list-all-pkgs: "false"
-          trivy-config: trivy.yaml
       - name: Show license scan output
         if: always()
         run: |
-          if [ -f license_scan_python.txt ]; then
-            cat license_scan_python.txt
-          fi
-          if [ -f license_scan_node.txt ]; then
-            cat license_scan_node.txt
+          if [ -f license_scan.txt ]; then
+            cat license_scan.txt
           fi
-          if [ -f license_scan_go.txt ]; then
-            cat license_scan_go.txt
-          fi
-          if [ -f license_scan_java.txt ]; then
-            cat license_scan_java.txt
-          fi
-
       - name: Run code lint
         run: make lint
 
