You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@skywalking.apache.org by ke...@apache.org on 2020/12/27 06:30:50 UTC
[skywalking-eyes] branch deps updated: Add doc,
enhance Docker to allow subcommands, fix resolver
This is an automated email from the ASF dual-hosted git repository.
kezhenxu94 pushed a commit to branch deps
in repository https://gitbox.apache.org/repos/asf/skywalking-eyes.git
The following commit(s) were added to refs/heads/deps by this push:
new 2dfb83b Add doc, enhance Docker to allow subcommands, fix resolver
2dfb83b is described below
commit 2dfb83b308cb22d3bea21351574da12f7aa56f53
Author: kezhenxu94 <ke...@apache.org>
AuthorDate: Sun Dec 27 14:30:33 2020 +0800
Add doc, enhance Docker to allow subcommands, fix resolver
---
.github/workflows/license-eye-check.yaml | 2 +
.licenserc.yaml | 2 +-
action.yml | 2 +
license-eye/Dockerfile | 10 ++++-
license-eye/Makefile | 12 +++---
license-eye/README.adoc | 49 ++++++++++++++++++++++
license-eye/commands/deps.go | 4 +-
license-eye/commands/deps_resolve.go | 2 +-
license-eye/pkg/deps/golang.go | 12 +++++-
license-eye/pkg/license/identifier.go | 17 ++++++++
.../test/testdata/.licenserc_for_test_check.yaml | 4 ++
11 files changed, 102 insertions(+), 14 deletions(-)
diff --git a/.github/workflows/license-eye-check.yaml b/.github/workflows/license-eye-check.yaml
index 2bcfd23..869db6d 100644
--- a/.github/workflows/license-eye-check.yaml
+++ b/.github/workflows/license-eye-check.yaml
@@ -44,6 +44,8 @@ jobs:
- name: License Check
run: make license
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Test
run: make test
diff --git a/.licenserc.yaml b/.licenserc.yaml
index db09875..d1f6c0b 100644
--- a/.licenserc.yaml
+++ b/.licenserc.yaml
@@ -62,7 +62,7 @@ header: # `header` section is configurations for source codes license header.
paths-ignore: # `paths-ignore` are the path list that will be ignored by license-eye.
- 'dist'
- - 'licenses'
+ - 'licenses/**'
- '**/*.md'
- '**/testdata/**'
- '**/go.mod'
diff --git a/action.yml b/action.yml
index 23fe862..fe7cbd3 100644
--- a/action.yml
+++ b/action.yml
@@ -23,3 +23,5 @@ branding:
runs:
using: docker
image: license-eye/Dockerfile
+ args:
+ - header check
diff --git a/license-eye/Dockerfile b/license-eye/Dockerfile
index d4073c6..f7090f6 100644
--- a/license-eye/Dockerfile
+++ b/license-eye/Dockerfile
@@ -22,12 +22,18 @@ WORKDIR /license-eye
COPY . .
-RUN apk add make curl && make build
+RUN apk add --no-cache make curl && make build
FROM alpine:3 AS bin
COPY --from=build /license-eye/bin/linux/license-eye /bin/license-eye
+# Go
+COPY --from=build /usr/local/go/ /usr/local/go/
+ENV PATH="/usr/local/go/bin:$PATH"
+RUN apk add --no-cache gcc musl-dev
+# Go
+
WORKDIR /github/workspace/
-ENTRYPOINT /bin/license-eye header check -v debug
+ENTRYPOINT ["/bin/license-eye", "-v", "debug"]
diff --git a/license-eye/Makefile b/license-eye/Makefile
index e11f136..41e914b 100644
--- a/license-eye/Makefile
+++ b/license-eye/Makefile
@@ -27,7 +27,7 @@ GO_PATH = $(shell $(GO) env GOPATH)
GO_BUILD = $(GO) build
GO_TEST = $(GO) test
GO_LINT = $(GO_PATH)/bin/golangci-lint
-GO_BUILD_LDFLAGS = -X github.com/apache/skywalking-eyes/license-eye/commands.version=$(VERSION)
+GO_BUILD_LDFLAGS = -X github.com/apache/skywalking-eyes/$(PROJECT)/commands.version=$(VERSION)
GO_BINDATA = $(GO_PATH)/bin/go-bindata
@@ -35,8 +35,8 @@ PLATFORMS := windows linux darwin
os = $(word 1, $@)
ARCH = amd64
-RELEASE_BIN = skywalking-license-eye-$(VERSION)-bin
-RELEASE_SRC = skywalking-license-eye-$(VERSION)-src
+RELEASE_BIN = skywalking-$(PROJECT)-$(VERSION)-bin
+RELEASE_SRC = skywalking-$(PROJECT)-$(VERSION)-src
all: clean lint license test build
@@ -51,7 +51,7 @@ fix-lint:
.PHONY: license
license: clean codegen
- $(GO) run cmd/license-eye/main.go header check -c ../.licenserc.yaml
+ $(GO) run cmd/$(PROJECT)/main.go header check -c ../.licenserc.yaml
.PHONY: codegen
codegen: clean
@@ -66,14 +66,14 @@ test: clean codegen
.PHONY: $(PLATFORMS)
$(PLATFORMS):
mkdir -p $(OUT_DIR)
- GOOS=$(os) GOARCH=$(ARCH) $(GO_BUILD) $(GO_BUILD_FLAGS) -ldflags "$(GO_BUILD_LDFLAGS)" -o $(OUT_DIR)/$(os)/$(PROJECT) cmd/license-eye/main.go
+ GOOS=$(os) GOARCH=$(ARCH) $(GO_BUILD) $(GO_BUILD_FLAGS) -ldflags "$(GO_BUILD_LDFLAGS)" -o $(OUT_DIR)/$(os)/$(PROJECT) cmd/$(PROJECT)/main.go
.PHONY: build
build: codegen windows linux darwin
.PHONY: docker
docker:
- docker build . -t license-eye:latest
+ docker build . -t $(PROJECT):$(VERSION)
.PHONY: clean
clean:
diff --git a/license-eye/README.adoc b/license-eye/README.adoc
index 9118635..11e2707 100644
--- a/license-eye/README.adoc
+++ b/license-eye/README.adoc
@@ -100,6 +100,49 @@ INFO Loading configuration from file: test/testdata/.licenserc_for_test_fix.yaml
INFO Totally checked 16 files, valid: 7, invalid: 8, ignored: 1, fixed: 8
----
+==== Resolve Dependencies' licenses
+
+[source,bash]
+----
+$ bin/darwin/license-eye -c test/testdata/.licenserc_for_test_check.yaml dep resolve
+INFO GITHUB_TOKEN is not set, license-eye won't comment on the pull request
+INFO Loading configuration from file: test/testdata/.licenserc_for_test_check.yaml
+WARNING Failed to resolve the license of dependency: gopkg.in/yaml.v3 cannot identify license content
+Dependency | License
+------------------------------------------- | ------------
+github.com/bmatcuk/doublestar/v2 | MIT
+github.com/sirupsen/logrus | MIT
+golang.org/x/sys/unix | BSD-3-Clause
+github.com/spf13/cobra | Apache-2.0
+github.com/spf13/pflag | BSD-3-Clause
+vendor/golang.org/x/net/dns/dnsmessage | BSD-3-Clause
+vendor/golang.org/x/net/route | BSD-3-Clause
+golang.org/x/oauth2 | BSD-3-Clause
+golang.org/x/oauth2/internal | BSD-3-Clause
+vendor/golang.org/x/crypto/cryptobyte | BSD-3-Clause
+vendor/golang.org/x/crypto/cryptobyte/asn1 | BSD-3-Clause
+golang.org/x/net/context/ctxhttp | BSD-3-Clause
+vendor/golang.org/x/crypto/chacha20poly1305 | BSD-3-Clause
+vendor/golang.org/x/crypto/chacha20 | BSD-3-Clause
+vendor/golang.org/x/crypto/internal/subtle | BSD-3-Clause
+vendor/golang.org/x/crypto/poly1305 | BSD-3-Clause
+vendor/golang.org/x/sys/cpu | BSD-3-Clause
+vendor/golang.org/x/crypto/curve25519 | BSD-3-Clause
+vendor/golang.org/x/crypto/hkdf | BSD-3-Clause
+vendor/golang.org/x/net/http/httpguts | BSD-3-Clause
+vendor/golang.org/x/net/idna | BSD-3-Clause
+vendor/golang.org/x/text/secure/bidirule | BSD-3-Clause
+vendor/golang.org/x/text/transform | BSD-3-Clause
+vendor/golang.org/x/text/unicode/bidi | BSD-3-Clause
+vendor/golang.org/x/text/unicode/norm | BSD-3-Clause
+vendor/golang.org/x/net/http/httpproxy | BSD-3-Clause
+vendor/golang.org/x/net/http2/hpack | BSD-3-Clause
+gopkg.in/yaml.v3 | Unknown
+
+ERROR failed to identify the licenses of following packages:
+gopkg.in/yaml.v3
+----
+
== Configurations
[source,yaml]
@@ -160,6 +203,10 @@ header: # <1>
- '**/assets/assets.gen.go'
comment: on-failure # <8>
+
+dependency: # <9>
+ files: # <10>
+ - go.mod
----
<1> `header` section is configurations for source codes license header.
<2> The link:https://spdx.org/licenses/[SPDX ID] of the license, it's convenient when your license is standard SPDX license, so that you can simply specify this identifier without copying the whole license `content` or `pattern`. This will be used as the content when `fix` command needs to insert a license header.
@@ -169,6 +216,8 @@ header: # <1>
<6> `paths` are the path list that will be checked (and fixed) by license-eye, default is `['++**++']`. Formats like `++**/*.md++` and `++**/bin/**++` are supported.
<7> `paths-ignore` are the path list that will be ignored by license-eye. By default, `.git` and the content in `.gitignore` will be inflated into the `paths-ignore` list.
<8> On what condition {name} will comment the check results on the pull request, `on-failure`, `always`, `never`. Options other than `never` require the environment variable `GITHUB_TOKEN` to be set.
+<9> `dependency` section is configurations for resolving dependencies' licenses.
+<10> `files` are the files that declare the dependencies of a project, typically, `go.mo` in Go project, `pom.xml` in maven project, and `package.json` in NodeJS project. If it's a relative path, it's relative to the `.licenserc.yaml`.
NOTE: When the `SPDX-ID` is Apache-2.0 and the owner is Apache Software foundation, the content would be link:https://www.apache.org/legal/src-headers.html#headers[a dedicated license] link:https://www.apache.org/foundation/license-faq.html#Apply-My-Software[specified by the ASF], otherwise, the license would be link:https://www.apache.org/foundation/license-faq.html#Apply-My-Software[the standard one].
diff --git a/license-eye/commands/deps.go b/license-eye/commands/deps.go
index 87aadfd..cac7d08 100644
--- a/license-eye/commands/deps.go
+++ b/license-eye/commands/deps.go
@@ -22,8 +22,8 @@ import (
)
var Deps = &cobra.Command{
- Use: "deps",
- Aliases: []string{"d"},
+ Use: "dependency",
+ Aliases: []string{"d", "deps", "dep", "dependencies"},
Short: "Dependencies related commands; e.g. check, etc.",
Long: "deps command checks all dependencies of a module and their transitive dependencies.",
}
diff --git a/license-eye/commands/deps_resolve.go b/license-eye/commands/deps_resolve.go
index b493952..4969da7 100644
--- a/license-eye/commands/deps_resolve.go
+++ b/license-eye/commands/deps_resolve.go
@@ -28,7 +28,7 @@ import (
var ResolveCommand = &cobra.Command{
Use: "resolve",
Aliases: []string{"r"},
- Long: "resolves all dependencies of a go.mod file and their transitive dependencies",
+ Long: "resolves all dependencies of a module and their transitive dependencies",
RunE: func(cmd *cobra.Command, args []string) error {
report := deps.Report{}
diff --git a/license-eye/pkg/deps/golang.go b/license-eye/pkg/deps/golang.go
index cb9eac1..c198373 100644
--- a/license-eye/pkg/deps/golang.go
+++ b/license-eye/pkg/deps/golang.go
@@ -18,8 +18,11 @@
package deps
import (
+ "context"
+ "fmt"
"go/build"
"io/ioutil"
+ "os"
"path/filepath"
"regexp"
@@ -53,6 +56,10 @@ func (resolver *GoModeResolver) Resolve(goModFile string, report *Report) error
logger.Log.Debugln("Resolving module:", file.Module.Mod)
+ if err := os.Chdir(filepath.Dir(goModFile)); err != nil {
+ return err
+ }
+
requiredPkgNames := make([]string, len(file.Require))
for i, require := range file.Require {
requiredPkgNames[i] = require.Mod.Path
@@ -70,7 +77,8 @@ func (resolver *GoModeResolver) Resolve(goModFile string, report *Report) error
// ResolvePackages resolves the licenses of the given packages.
func (resolver *GoModeResolver) ResolvePackages(pkgNames []string, report *Report) error {
requiredPkgs, err := packages.Load(&packages.Config{
- Mode: packages.NeedName | packages.NeedFiles | packages.NeedCompiledGoFiles | packages.NeedImports | packages.NeedDeps,
+ Context: context.Background(),
+ Mode: packages.NeedName | packages.NeedFiles | packages.NeedCompiledGoFiles | packages.NeedImports | packages.NeedDeps,
}, pkgNames...)
if err != nil {
@@ -105,7 +113,7 @@ func (resolver *GoModeResolver) ResolvePackageLicense(p *packages.Package, repor
}
if len(filesInPkg) == 0 {
- return nil
+ return fmt.Errorf("empty package")
}
absPath, err := filepath.Abs(filesInPkg[0])
diff --git a/license-eye/pkg/license/identifier.go b/license-eye/pkg/license/identifier.go
index 9751607..a20a729 100644
--- a/license-eye/pkg/license/identifier.go
+++ b/license-eye/pkg/license/identifier.go
@@ -1,3 +1,20 @@
+//
+// Licensed to Apache Software Foundation (ASF) under one or more contributor
+// license agreements. See the NOTICE file distributed with
+// this work for additional information regarding copyright
+// ownership. Apache Software Foundation (ASF) licenses this file to you under
+// the Apache License, Version 2.0 (the "License"); you may
+// not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
package license
import (
diff --git a/license-eye/test/testdata/.licenserc_for_test_check.yaml b/license-eye/test/testdata/.licenserc_for_test_check.yaml
index d5cdec0..2821cbe 100644
--- a/license-eye/test/testdata/.licenserc_for_test_check.yaml
+++ b/license-eye/test/testdata/.licenserc_for_test_check.yaml
@@ -25,3 +25,7 @@ header:
- '**/.DS_Store'
- '**/.json'
- '**/exclude_test/**'
+
+dependency:
+ files:
+ - ../../go.mod