@@ -176,23 +176,29 @@ jobs:
176176 - name : convert python dependencies to requirements.txt
177177 if : ${{ steps.check_languages.outputs.uses_poetry == 'true' }}
178178 run : |
179- poetry self add poetry-plugin-export
179+ POETRY_VERSION=$(poetry --version | awk '{print $3}')
180+
181+ if [[ "$(printf '%s\n' "2.0.0" "$POETRY_VERSION" "3.0.0" | sort -V | head -n1)" == "2.0.0" ]] \
182+ && [[ "$(printf '%s\n' "$POETRY_VERSION" "3.0.0" | sort -V | head -n1)" == "$POETRY_VERSION" ]]; then
183+ echo "Poetry version $POETRY_VERSION is >=2.0.0 and <3.0.0 - installing plugin-export"
184+ poetry self add poetry-plugin-export
185+ else
186+ echo "Poetry version $POETRY_VERSION is outside the required range so not installing plugin-export"
187+ fi
180188 poetry export -f requirements.txt --with dev --without-hashes --output=requirements.txt
181189 cat requirements.txt
182190 - name : Check python licenses
183- uses : aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
184191 if : ${{ steps.check_languages.outputs.uses_poetry == 'true' }}
185- with :
186- scan-type : " fs"
187- skip-files : " **/package-lock.json,**/go.sum,**/pom.xml,**/poetry.lock"
188- scan-ref : " ."
189- severity : " CRITICAL,HIGH"
190- scanners : " license"
191- format : " table"
192- output : " license_scan_python.txt"
193- exit-code : " 1"
194- list-all-pkgs : " false"
195- trivy-config : trivy.yaml
192+ run : |
193+ trivy fs \
194+ --skip-files "**/package-lock.json,**/go.sum,**/pom.xml" \
195+ --severity CRITICAL,HIGH \
196+ --scanners license \
197+ --format table \
198+ --output license_scan_python.txt \
199+ --exit-code 1 \
200+ --config trivy.yaml \
201+ .
196202 env :
197203 VIRTUAL_ENV : " ./.venv/"
198204 - name : remove requirements.txt
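Review bot: The `Check python licenses` step now runs a bare `trivy fs`, where it previously used `aquasecurity/trivy-action` pinned to a commit SHA, and nothing in this hunk installs or pins the `trivy` binary, so the license gate runs whatever version is on the runner's PATH. The job continues outside the hunk; if an earlier step installs trivy, it should fetch a fixed release and verify its checksum, and a comment above `run:` such as `# trivy is installed at a pinned version by the <INSTALL_STEP_NAME> step` would make that dependency visible. The same concern applies to `poetry self add poetry-plugin-export` in the first step, which resolves the latest plugin at build time; consider `poetry self add "poetry-plugin-export==<PINNED_VERSION>"`. Separately, the second `[[ ... ]]` test also passes when the version is exactly 3.0.0, which contradicts the `<3.0.0` wording in the echo.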