cicd: integrated reusable workflows

Integrated the reusable workflows in the module template

Addresses: #6

Signed-off-by: Dan Calavrezo <[email protected]>

Author: dcalavrezo-qorix

.github/workflows/copyright.yml

@@ -19,12 +19,6 @@ on:
     types: [checks_requested]
 jobs:
   copyright-check:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout repository
-        uses: actions/[email protected]
-      - name: Setup Bazel
-        uses: bazel-contrib/[email protected]
-      - name: Run copyright checks
-        run: |
-          bazel run //:copyright.check
+    uses: eclipse-score/cicd-workflows/.github/workflows/copyright.yml@main
+    with:
+      bazel-target: "run //:copyright.check"

.github/workflows/license_check.yml

@@ -17,80 +17,16 @@ on:
     types: [opened, reopened, synchronize]
   merge_group:
     types: [checks_requested]
-jobs:
-  license-check:
-    runs-on: ubuntu-latest
-    permissions:
-      pull-requests: write
-      issues: write
-    steps:
-      # ------------------------------------------------------------------------------
-      # Checkout the correct branch safely in all scenarios (PRs, forks, merges)
-      # ------------------------------------------------------------------------------
-      # | Condition                              | Event Type         | Checked Out Branch    |
-      # |----------------------------------------|--------------------|-----------------------|
-      # | github.head_ref                        | pull_request_target | PR branch (source branch) |
-      # | github.event.pull_request.head.ref     | pull_request        | PR branch (source branch) |
-      # | github.ref                             | push, merge_group   | The branch being pushed/merged |
-      # ------------------------------------------------------------------------------
-      # ------------------------------------------------------------------------------
-      # Checkout the correct repository safely in all scenarios (PRs, forks, merges)
-      # ------------------------------------------------------------------------------
-      # | Condition                                      | Event Type         | Checked Out Repository           |
-      # |------------------------------------------------|--------------------|----------------------------------|
-      # | github.event.pull_request.head.repo.full_name  | pull_request       | Forked repository (if PR is from a fork) |
-      # | github.repository                              | push, merge_group  | Default repository (same repo PRs, merges, pushes) |
-      - name: Checkout repository (Handle all events)
-        uses: actions/[email protected]
-        with:
-          ref: ${{ github.head_ref || github.event.pull_request.head.ref || github.ref }}
-          repository: ${{ github.event.pull_request.head.repo.full_name || github.repository }}
-      - name: Setup Bazel
-        uses: bazel-contrib/[email protected]
-      - name: Derive project shortname and repo URL
-        run: |
-          # Use a fixed shortname for the Dash project
-          SHORTNAME="automotive.score"
-          REPO_URL="${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}"
-          echo "SHORTNAME=$SHORTNAME" >> $GITHUB_ENV
-          echo "REPO_URL=$REPO_URL" >> $GITHUB_ENV
-      - name: Run license checks
-        run: |
-          # The bash script won't fail on error. We capture the stderr and stdout and we save
-          # the exit code of the bazel command in a variable
-          # The output will also be stored in a file using the tee command
-          # We save both  output and exit code in the GH actions env file
-          set +e  # Ensure script does not exit on failure, even if the bazel run fails, the execution will continue
-          OUTPUT=$(
-            bazel run //docs:license.check.python -- \
-              -review \
-              -project "$SHORTNAME" \
-              -repo "$REPO_URL" \
-              -token "${{ secrets.ECLIPSE_GITLAB_API_TOKEN }}" 2>&1
-          )
-          EXIT_CODE=$?
-          echo "$OUTPUT" | tee license-check-output.txt
-          echo "exit_code=$EXIT_CODE" >> $GITHUB_ENV
-          echo "output<<EOF" >> $GITHUB_ENV
-          echo "$OUTPUT" >> $GITHUB_ENV
-          echo "EOF" >> $GITHUB_ENV
-      - name: Comment on PR with License Check Results
-        if: github.event.pull_request
-        uses: peter-evans/create-or-update-comment@v4
-        with:
-          issue-number: ${{ github.event.pull_request.number }}
-          body: |
-            ### License Check Results
-            🚀 The **license check preparation** job ran successfully.
-
-            **Status:** ${{ env.exit_code == 0 && '✅ Passed' || '⚠️ Needs Review' }}
 
-            <details>
-            <summary>Click to expand output</summary>
+permissions:
+  pull-requests: write
+  issues: write
 
-            ```
-            ${{ env.output }}
-            ```
 
-            </details>
-          reactions: eyes
+jobs:
+  license-check:
+    uses: eclipse-score/cicd-workflows/.github/workflows/license-check.yml@main
+    with:
+      repo-url: "${{ github.server_url }}/${{ github.repository }}"
+    secrets:
+      dash-api-token: ${{ secrets.ECLIPSE_GITLAB_API_TOKEN }}

BUILD

@@ -11,6 +11,8 @@
 # SPDX-License-Identifier: Apache-2.0
 # *******************************************************************************
 load("@score_cr_checker//:cr_checker.bzl", "copyright_checker")
+load("@dash_license_checker//:dash.bzl", "dash_license_checker")
+load("//:project_config.bzl", "PROJECT_CONFIG")
 
 copyright_checker(
     name = "copyright",
@@ -24,3 +26,11 @@ copyright_checker(
     config = "@score_cr_checker//resources:config",
     visibility = ["//visibility:public"],
 )
+
+
+dash_license_checker(
+    visibility = ["//visibility:public"],
+    src = "//examples:cargo_lock",
+    file_type = "",               # let it auto-detect based on project_config
+    project_config = PROJECT_CONFIG
+)

MODULE.bazel

@@ -36,3 +36,6 @@ use_repo(llvm, "llvm_toolchain")
 use_repo(llvm, "llvm_toolchain_llvm")
 
 register_toolchains("@llvm_toolchain//:all")
+
+# Dash license checker
+bazel_dep(name = "dash_license_checker", version = "0.1.0")

README.md

@@ -1,3 +1,4 @@
+
 # C++ & Rust Bazel Template Repository
 
 This repository serves as a **template** for setting up **C++ and Rust projects** using **Bazel**.
@@ -18,10 +19,12 @@ It provides a **standardized project structure**, ensuring best practices for:
 | `README.md`                         | Short description & build instructions            |
 | `src/`                              | Source files for the module                       |
 | `tests/`                            | Unit tests (UT) and integration tests (IT)        |
+| `examples/`                         | Example files used for guidance                   |
 | `docs/`                             | Documentation (Doxygen for C++ / mdBook for Rust) |
 | `.github/workflows/`                | CI/CD pipelines                                   |
 | `.vscode/`                          | Recommended VS Code settings                      |
 | `.bazelrc`, `MODULE.bazel`, `BUILD` | Bazel configuration & settings                    |
+| `project_config.bzl`                | Project-specific metadata for Bazel macros        |
 | `LICENSE.md`                        | Licensing information                             |
 | `CONTRIBUTION.md`                   | Contribution guidelines                           |
 
@@ -38,7 +41,7 @@ cd YOUR_PROJECT
 
 ### 2️⃣ Build the Examples of module
 
-> DISCLAMER: Depending what module implements, it's possible that different
+> DISCLAIMER: Depending what module implements, it's possible that different
 > configuration flags needs to be set on command line.
 
 To build all targets of the module the following command can be used:
@@ -82,3 +85,30 @@ The template integrates **tools and linters** from **centralized repositories**
 ## 📖 Documentation
 
 - A **centralized docs structure** is planned.
+
+---
+
+## ⚙️ `project_config.bzl`
+
+This file defines project-specific metadata used by Bazel macros, such as `dash_license_checker`.
+
+### 📌 Purpose
+
+It provides structured configuration that helps determine behavior such as:
+
+- Source language type (used to determine license check file format)
+- Safety level or other compliance info (e.g. ASIL level)
+
+### 📄 Example Content
+
+```python
+PROJECT_CONFIG = {
+    "asil_level": "QM",  # or "ASIL-A", "ASIL-B", etc.
+    "source_code": ["cpp", "rust"]  # Languages used in the module
+}
+```
+
+### 🔧 Use Case
+
+When used with macros like `dash_license_checker`, it allows dynamic selection of file types
+ (e.g., `cargo`, `requirements`) based on the languages declared in `source_code`.

examples/BUILD

@@ -0,0 +1,8 @@
+# Needed for Dash tool to check python dependency licenses.
+filegroup(
+    name = "cargo_lock",
+    srcs = [
+        "Cargo.lock",
+    ],
+    visibility = ["//visibility:public"],
+)

examples/Cargo.lock

@@ -0,0 +1,5 @@
+# project_config.bzl
+PROJECT_CONFIG = {
+    "asil_level": "QM",
+    "source_code": ["rust"]
+}