fix: update license check

[lockwobr]

Summary

Make ci use the same logic for check.

Type of Change

• Bug fix (non-breaking change that fixes an issue)
• New feature (non-breaking change that adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)
• Documentation update
• Refactoring (no functional changes)
• Build/CI/tooling

Component(s) Affected

• CLI (cmd/aicr, pkg/cli)
• API server (cmd/aicrd, pkg/api, pkg/server)
• Recipe engine / data (pkg/recipe)
• Bundlers (pkg/bundler, pkg/component/*)
• Collectors / snapshotter (pkg/collector, pkg/snapshotter)
• Validator (pkg/validator)
• Core libraries (pkg/errors, pkg/k8s)
• Docs/examples (docs/, examples/)
• Other: ____________

Implementation Notes

Testing

# Commands run (prefer `make qualify` for non-trivial changes)
make qualify

Risk Assessment

• Low — Isolated change, well-tested, easy to revert
• Medium — Touches multiple components or has broader impact
• High — Breaking change, affects critical paths, or complex rollout

Rollout notes:

Checklist

• Tests pass locally (make test with -race)
• Linter passes (make lint)
• I did not skip/disable tests to make CI green
• I added/updated tests for new functionality
• I updated docs if user-facing behavior changed
• Changes follow existing patterns in the codebase
• Commits are cryptographically signed (git commit -S) — GPG signing info

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Enterprise

Run ID: e946f7a2-a6dc-48b7-b5a0-451262aae1e4

📥 Commits

Reviewing files that changed from the base of the PR and between ca69ca8 and e24c48e.

📒 Files selected for processing (2)

• .github/workflows/merge-gate.yaml
• Makefile

---

📝 Walkthrough

Walkthrough

The workflow .github/workflows/merge-gate.yaml no longer invokes go-licenses check inline and instead calls the repository make license-check target; job conditions and aggregation remain unchanged. The Makefile's license-check target continues to run go-licenses check with the same allowed licenses and ignore entries, with only the CLI syntax for the ignore flag changed from --ignore <value> to --ignore=<value>.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

• fix: update license check #712: Modifies the repository's license-check behavior and Makefile license-check configuration.

🚥 Pre-merge checks | ✅ 4

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title 'fix: update license check' directly relates to the main changeset, which updates license checking logic in both the CI workflow and Makefile to ensure consistent behavior.
Description check	✅ Passed	The description 'Make ci use the same logic for check' is related to the changeset, which consolidates license checking by delegating from CI workflow to the Makefile target.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/bad-check

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@Makefile`:
- Around line 164-165: The Makefile contains --ignore flags for
github.com/hashicorp/go-cleanhttp and github.com/hashicorp/go-retryablehttp
which bypass the license gate; remove those
--ignore=github.com/hashicorp/go-cleanhttp,github.com/hashicorp/go-retryablehttp
entries or instead add MPL-2.0 to the --allowed_licenses list (the
--allowed_licenses and --ignore flags are the unique symbols to edit) so the
license check is not circumvented and the MPL-2.0-licensed modules are handled
explicitly.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Enterprise

Run ID: a71c8e25-e30a-4b5e-b670-86198f048567

📥 Commits

Reviewing files that changed from the base of the PR and between 0a04439 and ca69ca8.

📒 Files selected for processing (2)

• .github/workflows/merge-gate.yaml
• Makefile

[github-actions]

Coverage Report ✅

Metric	Value
Coverage	75.2%
Threshold	70%
Status	Pass

Coverage Badge

![Coverage](https://img.shields.io/badge/coverage-75.2%25-green)

No Go source files changed in this PR.