Skip to content

fix #18 - Add GitHub Action to enforce Apache 2.0 license headers#27

Merged
ricardozanini merged 11 commits intoserverlessworkflow:mainfrom
fantonangeli:issue-18-Add-GitHub-Action-to-enforce-Apache-20-license-headers-2
Mar 10, 2026
Merged

fix #18 - Add GitHub Action to enforce Apache 2.0 license headers#27
ricardozanini merged 11 commits intoserverlessworkflow:mainfrom
fantonangeli:issue-18-Add-GitHub-Action-to-enforce-Apache-20-license-headers-2

Conversation

@fantonangeli
Copy link
Contributor

@fantonangeli fantonangeli commented Mar 5, 2026

Closes #18

Summary

Add a GitHub Actions workflow that validates Apache 2.0 license headers are present in all applicable source files and fails the build if headers are missing. The check must execute on every Pull Request.

Goals

Ensure all source files comply with Apache 2.0 licensing requirements.

  • Prevent merging code without proper license headers.
  • Automate enforcement instead of relying on manual review.
  • Maintain CNCF/open-source governance standards.

Non-Goals

  • Complex legal compliance tooling beyond header validation.
  • Checking third-party dependency licenses.

@fantonangeli fantonangeli requested review from Copilot, lornakelly and ricardozanini and removed request for Copilot March 5, 2026 16:31
@ricardozanini
Copy link
Member

ricardozanini commented Mar 5, 2026

@fantonangeli you must sign your commits with a key that matches your email.

ricardozanini
ricardozanini requested changes Mar 5, 2026
View reviewed changes
@fantonangeli
GHA creation
35e5193 
Signed-off-by: fantonangeli <fabrizio.antonangeli@gmail.com>
@fantonangeli fantonangeli force-pushed the issue-18-Add-GitHub-Action-to-enforce-Apache-20-license-headers-2 branch from 5dd02f0 to 40a08ea Compare March 6, 2026 16:42
fantonangeli added a commit to fantonangeli/serverlessworkflow-editor that referenced this pull request Mar 6, 2026
@fantonangeli
Fixes comment: serverlessworkflow#27 (comment)
69a4aef
Copilot AI review requested due to automatic review settings March 6, 2026 17:19
Copilot AI reviewed Mar 6, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds automated license-header enforcement using Apache RAT so pull requests fail if files without approved licensing are introduced, supporting the repository’s Apache 2.0 compliance goal.

Changes:

  • Add a CI workflow that runs Apache RAT on pushes to main and on PR events.
  • Introduce .rat-excludes to exclude certain non-source/config/generated files from RAT scanning.
  • Add Apache 2.0 license headers to README.md and .gitignore.

Reviewed changes

Copilot reviewed 3 out of 4 changed files in this pull request and generated 3 comments.

File Description
README.md Adds an Apache 2.0 license header in an HTML comment.
.rat-excludes Defines files to exclude from Apache RAT scanning.
.gitignore Adds an Apache 2.0 license header comment block.
.github/workflows/ci_check_license_headers.yaml New workflow that downloads and runs Apache RAT, failing on unapproved files.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

@fantonangeli
fix missing license
c614475 
Signed-off-by: fantonangeli <fabrizio.antonangeli@gmail.com>
@fantonangeli
Fixes comment: serverlessworkflow#27 (comment)
68eca73 
Signed-off-by: fantonangeli <fabrizio.antonangeli@gmail.com>
@fantonangeli fantonangeli force-pushed the issue-18-Add-GitHub-Action-to-enforce-Apache-20-license-headers-2 branch from 2947dc9 to 68eca73 Compare March 6, 2026 17:29
@fantonangeli
Fix copilot comments
b095ee2 
Signed-off-by: fantonangeli <fabrizio.antonangeli@gmail.com>
Copilot AI review requested due to automatic review settings March 6, 2026 18:39
Copilot AI reviewed Mar 6, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 3 out of 4 changed files in this pull request and generated 4 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

ricardozanini
ricardozanini reviewed Mar 6, 2026
View reviewed changes
@fantonangeli
Fix comment serverlessworkflow#27 (comment)
b3ac5f0 
Signed-off-by: fantonangeli <fabrizio.antonangeli@gmail.com>
@fantonangeli
Updated actions version
22bfafc 
Signed-off-by: fantonangeli <fabrizio.antonangeli@gmail.com>
@fantonangeli
Fixes comment: https://github.com/serverlessworkflow/editor/pull/27/c…
b088800 
…hanges#r2897289283

Signed-off-by: fantonangeli <fabrizio.antonangeli@gmail.com>
@fantonangeli
Fixes comment: https://github.com/serverlessworkflow/editor/pull/27/c…
8c73f46 
…hanges#r2897676663

Signed-off-by: fantonangeli <fabrizio.antonangeli@gmail.com>
@fantonangeli
Update action/cache
0b6dce4 
Signed-off-by: fantonangeli <fabrizio.antonangeli@gmail.com>
Copilot AI review requested due to automatic review settings March 9, 2026 17:13
Copilot AI reviewed Mar 9, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 3 out of 4 changed files in this pull request and generated 3 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

@ricardozanini
Copy link
Member

ricardozanini commented Mar 9, 2026

@lornakelly are you going to review this PR?

@fantonangeli
Merge remote-tracking branch 'upstream/main' into issue-18-Add-GitHub…
30e806b 
…-Action-to-enforce-Apache-20-license-headers-2

Signed-off-by: fantonangeli <fabrizio.antonangeli@gmail.com>
@fantonangeli
Add license to docs
b2212ac 
Signed-off-by: fantonangeli <fabrizio.antonangeli@gmail.com>
@lornakelly
Copy link

lornakelly commented Mar 10, 2026

@lornakelly are you going to review this PR?

Yes, apologies, I didnt know it needed 2 reviews, im used to one person grabbing a PR to review on first come first served basis and saw you had started review before me. I understand now and will make sure to review all future PRs as well even if someone is already reviewing

lornakelly
lornakelly approved these changes Mar 10, 2026
View reviewed changes
Copy link

@lornakelly lornakelly left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@ricardozanini ricardozanini merged commit a80ebb1 into serverlessworkflow:main Mar 10, 2026
1 check passed
@fantonangeli fantonangeli deleted the issue-18-Add-GitHub-Action-to-enforce-Apache-20-license-headers-2 branch March 10, 2026 13:33
@fantonangeli fantonangeli mentioned this pull request Mar 10, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@ricardozanini ricardozanini ricardozanini approved these changes

+1 more reviewer

@lornakelly lornakelly lornakelly approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add GitHub Action to enforce Apache 2.0 license headers

4 participants

@fantonangeli @ricardozanini @lornakelly