[ci] Fix check-licenses (#1208)

* [DNM] Debug check-licenses

* fix gha

* add permissions

* add install

* add debug

* try one path

* run for each repo

* rm check d labels

* run 3 in parallel

* try fail-fast: false

* fix gitlab pipeline

.github/workflows/check-D-labels.yml

@@ -1,54 +0,0 @@
-# name: Check D labels
-# disabled in favor of pr-custom-review
-
-# on:
-#   pull_request:
-#     types: [labeled, opened, synchronize, unlabeled]
-#     paths:
-#       - cumulus/primitives/**
-#       - polkadot/runtime/polkadot/**
-#       - polkadot/runtime/kusama/**
-#       - polkadot/runtime/common/**
-#       - polkadot/primitives/src/**
-#       - substrate/frame/**
-#       - substrate/primitives/**
-
-# jobs:
-#   check-labels:
-#     runs-on: ubuntu-latest
-#     steps:
-#       - name: Pull image
-#         env:
-#           IMAGE: paritytech/ruled_labels:0.4.0
-#         run: docker pull $IMAGE
-
-#       - name: Check labels
-#         env:
-#           IMAGE: paritytech/ruled_labels:0.4.0
-#           MOUNT: /work
-#           GITHUB_PR: ${{ github.event.pull_request.number }}
-#           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-#           API_BASE: https://api.github.com/repos
-#           REPO: ${{ github.repository }}
-#           RULES_PATH: labels/ruled_labels
-#           CHECK_SPECS: specs_cumulus.yaml
-#         run: |
-#           echo "REPO: ${REPO}"
-#           echo "GITHUB_PR: ${GITHUB_PR}"
-#           # Clone repo with labels specs
-#           git clone https://github.com/paritytech/labels
-#           # Fetch the labels for the PR under test
-#           labels=$( curl -H "Authorization: token ${GITHUB_TOKEN}" -s "$API_BASE/${REPO}/pulls/${GITHUB_PR}" | jq '.labels | .[] | .name' | tr "\n" ",")
-
-#           if [ -z "${labels}" ]; then
-#             docker run --rm -i -v $PWD/${RULES_PATH}/:$MOUNT $IMAGE check $MOUNT/$CHECK_SPECS --tags audit --no-label
-#           fi
-
-#           labels_args=${labels: :-1}
-#           printf "Checking labels: %s\n" "${labels_args}"
-
-#           # Prevent the shell from splitting labels with spaces
-#           IFS=","
-
-#           # --dev is more useful to debug mode to debug
-#           docker run --rm -i -v $PWD/${RULES_PATH}/:$MOUNT $IMAGE check $MOUNT/$CHECK_SPECS --labels ${labels_args} --dev --tags audit

.github/workflows/check-licenses.yml

@@ -3,22 +3,32 @@ name: Check licenses
 on:
   pull_request:
 
+permissions:
+  packages: read
+
 jobs:
   check-licenses:
     runs-on: ubuntu-22.04
+    strategy:
+      fail-fast: false
+      matrix:
+        repo: [polkadot, substrate, cumulus]
     steps:
       - name: Checkout sources
         uses: actions/checkout@v3
       - uses: actions/setup-node@v3.8.1
         with:
-          node-version: '18.x'
-          registry-url: 'https://npm.pkg.github.com'
-          scope: '@paritytech'
-      - name: Check the licenses
+          node-version: "18.x"
+          registry-url: "https://npm.pkg.github.com"
+          scope: "@paritytech"
+      - name: Check the licenses for ${{ matrix.repo }}
         run: |
           shopt -s globstar
-
-          npx --yes https://github.com/paritytech/license-scanner scan \
+          echo "install"
+          npm install -g @paritytech/license-scanner@0.0.5
+          echo "run for ${{ matrix.repo }}"
+          cd ${{ matrix.repo }}
+          npx @paritytech/license-scanner scan \
             --ensure-licenses=Apache-2.0 \
             --ensure-licenses=GPL-3.0-only \
             ./**/*.rs