Merge pull request #1854 from oracle-devrel/ao-plt-updates

Additional licenses and github workflows for solutions hub

Author: anshoracle

ai/generative-ai-service/patient-letter-extraction/.github/workflows/banned_file_changes_pr.yml

@@ -0,0 +1,79 @@
+name: Banned file changes (PR)
+on:
+  # pull_request:
+  #   branches: [ "**/*" ]
+  pull_request_target:
+
+jobs:
+  check_for_banned_file_changes:
+    name: Look for unsupported (banned) file modifications on PRs
+    runs-on: ubuntu-latest
+    steps:
+      - name: 'Get number of git commits'
+        uses: oracle-devrel/[email protected]
+        id: num_commits
+        with:
+          pull_url: ${{ github.event.pull_request.url }}
+      - name: 'Checkout repo'
+        uses: actions/checkout@v2
+        with:
+          ref: ${{ github.event.pull_request.head.ref }}
+          repository: ${{ github.event.pull_request.head.repo.full_name }}
+          fetch-depth: ${{ steps.num_commits.outputs.fetch_depth }}
+      - name: Get file changes
+        uses: oracle-devrel/[email protected]
+        id: files
+        with:
+          pull_url: ${{ github.event.pull_request.url }}
+      - name: Look for changes to .github
+        if: contains(steps.files.outputs.all_files_changed, '.github')
+        run: |
+          echo 'Changes to files in .github are not allowed.'
+      - name: Comment if .github changed
+        if: contains(steps.files.outputs.all_files_changed, '.github')
+        uses: oracle-devrel/add-pr-comment
+        with:
+          message: |
+            :no_entry: **Banned Files Modified**
+            Changes to files in `.github` are not permitted.  Please revert your changes and re-submit a new PR.  Simply changing the file back to its original state and re-committing won't work (you must revert the changes made to it).
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Look for changes to license_policy.yml
+        if: contains(steps.files.outputs.all_files_changed, '"license_policy.yml"')
+        run: |
+          echo 'Changes to license_policy.yml are not allowed.'
+      - name: Comment if license_policy.yml changed
+        if: contains(steps.files.outputs.all_files_changed, '"license_policy.yml"')
+        uses: oracle-devrel/add-pr-comment
+        with:
+          message: |
+            :no_entry: **Banned Files Modified**
+            Changes to `license_policy.yml` are not permitted.  Please revert your changes and re-submit a new PR.  Simply changing the file back to its original state and re-committing won't work (you must revert the changes made to it).
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Look for changes to repolinter.json
+        if: contains(steps.files.outputs.all_files_changed, '"repolinter.json"')
+        uses: oracle-devrel/add-pr-comment
+        with:
+          message: |
+            :no_entry: **Banned Files Modified**
+            Changes to `repolinter.json` are not permitted.  Please revert your changes and re-submit a new PR.  Simply changing the file back to its original state and re-committing won't work (you must revert the changes made to it).
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Comment if repolinter.json changed
+        if: contains(steps.files.outputs.all_files_changed, '"repolinter.json"')
+        run: |
+          echo 'Changes to repolinter.json are not allowed.'
+      - name: Look for changes to sonar-project.properties
+        if: contains(steps.files.outputs.all_files_changed, '"sonar-project.properties"')
+        uses: oracle-devrel/add-pr-comment
+        with:
+          message: |
+            :no_entry: **Banned Files Modified**
+            Changes to `sonar-project.properties` are not permitted.  Please revert your changes and re-submit a new PR.  Simply changing the file back to its original state and re-committing won't work (you must revert the changes made to it).
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Comment if sonar-project.properties changed
+        if: contains(steps.files.outputs.all_files_changed, '"sonar-project.properties"')
+        run: |
+          echo 'Changes to sonar-project.properties are not allowed.'
+      - name: Fail on banned file changes
+        if: contains(steps.files.outputs.all_files_changed, '.github') || contains(steps.files.outputs.all_files_changed, '"license_policy.yml"') || contains(steps.files.outputs.all_files_changed, '"repolinter.json"') || contains(steps.files.outputs.all_files_changed, '"sonar-project.properties"')
+        run: |
+          exit 1

ai/generative-ai-service/patient-letter-extraction/.github/workflows/cla.yml

@@ -0,0 +1,39 @@
+name: "CLA Assistant"
+on:
+  issue_comment:
+    types: [created]
+  pull_request_target:
+    types: [opened,closed,synchronize]
+
+jobs:
+  CLAssistant:
+    runs-on: ubuntu-latest
+    steps:
+      - name: "CLA Assistant"
+        if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') || github.event_name == 'pull_request_target'
+        # Beta Release
+        uses: cla-assistant/[email protected]
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          # the below token should have repo scope and must be manually added by you in the repository's secret
+          PERSONAL_ACCESS_TOKEN : ${{ secrets.PERSONAL_ACCESS_TOKEN }}
+        with:
+          # for per-repo CLA-acceptance:
+          # path-to-signatures: 'signatures/oca-20210504/${{ github.repository }}'
+          # for per-GHO CLA-acceptance:
+          path-to-signatures: 'signatures/oca-20210504/oracledevrel'
+          path-to-document: 'https://github.com/oracledevrel/devrel-oca-mgmt/blob/main/oca-20210504.md' # e.g. a CLA or a DCO document
+          # branch should not be protected
+          branch: 'main'
+          allowlist: bot*
+
+          #below are the optional inputs - If the optional inputs are not given, then default values will be taken
+          remote-organization-name: "oracledevrel" # enter the remote organization name where the signatures should be stored (Default is storing the signatures in the same repository)
+          remote-repository-name:  "devrel-oca-mgmt" # enter the  remote repository name where the signatures should be stored (Default is storing the signatures in the same repository)
+          #create-file-commit-message: 'For example: Creating file for storing CLA Signatures'
+          #signed-commit-message: 'For example: $contributorName has signed the CLA in #$pullRequestNo'
+          #custom-notsigned-prcomment: 'pull request comment with Introductory message to ask new contributors to sign'
+          #custom-pr-sign-comment: 'The signature to be committed in order to sign the CLA'
+          #custom-allsigned-prcomment: 'pull request comment when all contributors has signed, defaults to **CLA Assistant Lite bot** All Contributors have signed the CLA.'
+          #lock-pullrequest-aftermerge: false - if you don't want this bot to automatically lock the pull request after merging (default - true)
+          #use-dco-flag: true - If you are using DCO instead of CLA

ai/generative-ai-service/patient-letter-extraction/.github/workflows/license_audit.yml

@@ -0,0 +1,42 @@
+name: Audit licenses
+on:
+  pull_request_target:
+
+jobs:
+  run_scancode_toolkit:
+    name: Get inventory of licenses used in project
+    runs-on: ubuntu-latest
+    container:
+      image: ghcr.io/oracledevrel/scancode-toolkit:v21.3.31
+      credentials:
+        username: ${{ github.actor }}
+        password: ${{ secrets.GHCR_PAT }}
+    steps:
+      - name: 'Checkout repo'
+        uses: actions/checkout@v2
+        with:
+          ref: ${{ github.event.pull_request.head.ref }}
+          repository: ${{ github.event.pull_request.head.repo.full_name }}
+      - name: Run Scancode-toolkit
+        run: |
+          scancode -l --ignore licenses.json --ignore .github/**/* --ignore license_policy.yml --license-policy license_policy.yml --only-findings --summary --json-pp licenses.json *
+          echo "\n\nHere is the licenses.json:\n"
+          echo $(cat licenses.json)
+      - name: Look for non-approved licenses
+        uses: oracle-devrel/[email protected]
+        id: analysis
+        with:
+          licenses_file: '/github/workspace/licenses.json'
+      - name: Analysis results
+        run: echo "${{ steps.analysis.outputs.unapproved_licenses }}"
+      - name: Comment if analysis finds unapproved licenses
+        if: steps.analysis.outputs.unapproved_licenses == 'true'
+        uses: oracle-devrel/add-pr-comment
+        with:
+          message: |
+            :no_entry: **License Inspection**
+            Requires manual inspection.  There are some licenses which dictate further analysis and review.
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Halt pipeline on unapproved licenses
+        if: steps.analysis.outputs.unapproved_licenses == 'true'
+        run: exit 1

ai/generative-ai-service/patient-letter-extraction/.github/workflows/release-zip-file.yml

@@ -0,0 +1,18 @@
+name: Release ZIP file packaging
+
+on:
+  release:
+    types: [published]
+
+jobs:
+  create_zip:
+    runs-on: ubuntu-latest
+    steps:
+      - name: 'Checkout repo'
+        uses: actions/checkout@v2
+      - name: 'Make (and upload) ZIP file(s)'
+        uses: oracle-devrel/[email protected]
+        id: zip_maker
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          

ai/generative-ai-service/patient-letter-extraction/.github/workflows/repolinter.yml

@@ -0,0 +1,89 @@
+name: Repolinter
+on:
+  pull_request_target:
+jobs:
+  run_repolinter:
+    name: Run Repolinter on pull request
+    runs-on: ubuntu-latest
+    container:
+      image: ghcr.io/oracledevrel/repolinter:v0.11.1
+      credentials:
+        username: ${{ github.actor }}
+        password: ${{ secrets.GHCR_PAT }}
+    steps:
+      - name: 'Checkout repo'
+        uses: actions/checkout@v2
+        with:
+          ref: ${{ github.event.pull_request.head.ref }}
+          repository: ${{ github.event.pull_request.head.repo.full_name }}
+      - name: Run Repolinter
+        run: |
+          set +e
+          bundle exec /app/bin/repolinter.js lint --format json --rulesetFile repolinter.json . > repolinter_results.json
+          echo "\n\nHere is the repolinter_results.json:\n"
+          echo $(cat repolinter_results.json)
+          exit 0
+      - name: Analyze the Repolinter results
+        uses: oracle-devrel/[email protected]
+        id: analysis
+        with:
+          json_results_file: '/github/workspace/repolinter_results.json'
+      - name: Overall analysis results
+        run: |
+          echo "Passed: ${{ steps.analysis.outputs.passed }}"
+          echo "Errored: ${{ steps.analysis.outputs.errored }}"
+      - name: Comment if analysis finds missing disclaimer
+        if: steps.analysis.outputs.disclaimer_found == 'false'
+        uses: oracle-devrel/add-pr-comment
+        with:
+          message: |
+            :no_entry: **FAILURE: Missing Disclaimer**
+            The standard Oracle Disclaimer seems to be missing from the readme.  Please add it:
+
+            ORACLE AND ITS AFFILIATES DO NOT PROVIDE ANY WARRANTY WHATSOEVER, EXPRESS OR IMPLIED, FOR ANY SOFTWARE, MATERIAL OR CONTENT OF ANY KIND CONTAINED OR PRODUCED WITHIN THIS REPOSITORY, AND IN PARTICULAR SPECIFICALLY DISCLAIM ANY AND ALL IMPLIED WARRANTIES OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A PARTICULAR PURPOSE.  FURTHERMORE, ORACLE AND ITS AFFILIATES DO NOT REPRESENT THAT ANY CUSTOMARY SECURITY REVIEW HAS BEEN PERFORMED WITH RESPECT TO ANY SOFTWARE, MATERIAL OR CONTENT CONTAINED OR PRODUCED WITHIN THIS REPOSITORY. IN ADDITION, AND WITHOUT LIMITING THE FOREGOING, THIRD PARTIES MAY HAVE POSTED SOFTWARE, MATERIAL OR CONTENT TO THIS REPOSITORY WITHOUT ANY REVIEW. USE AT YOUR OWN RISK.
+
+            Details:
+            ${{ steps.analysis.outputs.disclaimer_details }}
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Comment if analysis finds missing readme
+        if: steps.analysis.outputs.readme_file_found == 'false'
+        uses: oracle-devrel/add-pr-comment
+        with:
+          message: |
+            :no_entry: **FAILURE: Missing README**
+            The README file seems to be missing.  Please add it.
+
+            Details:
+            ${{ steps.analysis.outputs.readme_file_details }}
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Comment if analysis finds missing license
+        if: steps.analysis.outputs.license_file_found == 'false'
+        uses: oracle-devrel/add-pr-comment
+        with:
+          message: |
+            :no_entry: **FAILURE: Missing LICENSE**
+            The LICENSE file seems to be missing.  Please add it.
+
+            Details:
+            ${{ steps.analysis.outputs.license_file_details }}
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Comment if analysis finds copyright notice missing
+        if: steps.analysis.outputs.copyright_found == 'false'
+        uses: oracle-devrel/add-pr-comment
+        with:
+          message: |
+            :warning: **WARNING: Missing Copyright Notice(s)**
+            It's a good idea to have copyright notices at the top of each file.  It looks like at least one file was missing this (though it might be further down in the file - this might be a false-positive).
+
+            Details:
+            ${{ steps.analysis.outputs.copyright_details }}
+          repo-token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Halt pipeline if README is missing
+        if: steps.analysis.outputs.readme_file_found == 'false'
+        run: exit 1
+      - name: Halt pipeline if LICENSE is missing
+        if: steps.analysis.outputs.license_file_found == 'false'
+        run: exit 1
+      - name: Halt pipeline if disclaimer is missing
+        if: steps.analysis.outputs.disclaimer_found == 'false'
+        run: exit 1