github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-09-14 13:45:06 +00:00
Code Issues Projects Releases Wiki Activity

Fix license verification script

Browse Source
This commit is contained in:
Davanum Srinivas
2024-01-25 03:47:09 +00:00
parent 1ad143177c
commit 9b96ab46ee
1 changed files with 6 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
hack/verify-licenses.sh
View File

@@ -46,7 +46,6 @@ function http_code() {
curl -I -s -o /dev/null -w "%{http_code}" "$1" curl -I -s -o /dev/null -w "%{http_code}" "$1"
} }
allowed_licenses=()
packages_flagged=() packages_flagged=()
packages_url_missing=() packages_url_missing=()
exit_code=0 exit_code=0
@@ -60,17 +59,15 @@ go install github.com/google/go-licenses@latest
curl -s 'https://spdx.org/licenses/licenses.json' -o "${KUBE_TEMP}"/licenses.json curl -s 'https://spdx.org/licenses/licenses.json' -o "${KUBE_TEMP}"/licenses.json
echo '[INFO] Fetching current list of CNCF approved licenses...' echo '[INFO] Fetching current list of CNCF approved licenses...'
while read -r L; do jq -r '.licenses[] | select(.isDeprecatedLicenseId==false) .licenseId' /tmp/licenses.json | sort | uniq > "${KUBE_TEMP}"/licenses.txt
allowed_licenses+=("${L}")
done < <(jq -r '.licenses[] | select(.isDeprecatedLicenseId==false) .licenseId' "${KUBE_TEMP}"/licenses.json)
# Scanning go-packages under the project & verifying against the CNCF approved list of licenses # Scanning go-packages under the project & verifying against the CNCF approved list of licenses
echo '[INFO] Starting license scan on go-packages...' echo '[INFO] Starting license scan on go-packages...'
go-licenses report ./... >> "${KUBE_TEMP}"/licenses.csv go-licenses report ./... >> "${KUBE_TEMP}"/licenses.csv 2>"${KUBE_TEMP}"/go-licenses.log
echo -e 'PACKAGE_NAME LICENSE_NAME LICENSE_URL\n' >> "${KUBE_TEMP}"/approved_licenses.dump echo -e 'PACKAGE_NAME LICENSE_NAME LICENSE_URL\n' >> "${KUBE_TEMP}"/approved_licenses.dump
while IFS=, read -r GO_PACKAGE LICENSE_URL LICENSE_NAME; do while IFS=, read -r GO_PACKAGE LICENSE_URL LICENSE_NAME; do
if ! printf -- "%s\n" "${allowed_licenses[@]}" | grep -q "^${LICENSE_NAME}$"; then if ! grep -q "^${LICENSE_NAME}$" "${KUBE_TEMP}"/licenses.txt; then
echo "${GO_PACKAGE} ${LICENSE_NAME} ${LICENSE_URL}" >> "${KUBE_TEMP}"/notapproved_licenses.dump echo "${GO_PACKAGE} ${LICENSE_NAME} ${LICENSE_URL}" >> "${KUBE_TEMP}"/notapproved_licenses.dump
packages_flagged+=("${GO_PACKAGE}") packages_flagged+=("${GO_PACKAGE}")
continue continue
@@ -125,13 +122,13 @@ fi
if [[ ${#packages_flagged[@]} -gt 0 ]]; then if [[ ${#packages_flagged[@]} -gt 0 ]]; then
kube::log::error "[ERROR] The following go-packages in the project are using non-CNCF approved licenses. Please refer to the CNCF's approved licence list for further information: https://github.com/cncf/foundation/blob/main/allowed-third-party-license-policy.md" echo -e "\n[ERROR] The following go-packages in the project are using non-CNCF approved licenses. Please refer to the CNCF's approved licence list for further information: https://github.com/cncf/foundation/blob/main/allowed-third-party-license-policy.md"
awk '{ printf "%-100s : %-20s : %s\n", $1, $2, $3 }' "${KUBE_TEMP}"/notapproved_licenses.dump awk '{ printf "%-100s : %-20s : %s\n", $1, $2, $3 }' "${KUBE_TEMP}"/notapproved_licenses.dump
exit_code=1 exit_code=1
elif [[ "${exit_code}" -eq 1 ]]; then elif [[ "${exit_code}" -eq 1 ]]; then
kube::log::status "[ERROR] Project is using go-packages with unknown or unreachable license URLs. Please refer to the CNCF's approved licence list for further information: https://github.com/cncf/foundation/blob/main/allowed-third-party-license-policy.md" echo -e "\n[ERROR] Project is using go-packages with unknown or unreachable license URLs. Please refer to the CNCF's approved licence list for further information: https://github.com/cncf/foundation/blob/main/allowed-third-party-license-policy.md"
else else
kube::log::status "[SUCCESS] Scan complete! All go-packages under the project are using current CNCF approved licenses!" echo -e "\n[SUCCESS] Scan complete! All go-packages under the project are using current CNCF approved licenses!"
fi fi
exit "${exit_code}" exit "${exit_code}"