Commit 2ec2d27b authored by thc's avatar thc

initial upload

parent e3662360
oss-review-toolkit
.idea
\ No newline at end of file
# licensechecker
licensechecker
==============
wrapper for the oss-review-tool. becomes a fire and forget application
\ No newline at end of file
Overview
--------
### Desciption ###
Uses the [OSR](https://github.com/heremaps/oss-review-toolkit) to check for inherent licenses in a given project. Compares them to a given target license that you want so put on the given project.
### Requirements ###
From [OSR](https://github.com/heremaps/oss-review-toolkit/blob/master/docs/GettingStarted.md):
In addition to Java (version >= 8), for some of the supported package managers and Version Control Systems additional
tools need to be installed. In the context of this tutorial the following tools are required:
* Git (any recent version will do)
* [Node.js](https://nodejs.org) 8.*
* [NPM](https://www.npmjs.com) 5.5.* - 6.4.*
* [Yarn](https://yarnpkg.com) 1.9.* - 1.17.*
### Running ###
run will use the oss review toolkit by heremaps
https://github.com/heremaps/oss-review-toolkit
it expects the docker daemon running
make sure to se the env variables to a place outside the project
// Use this rule like:
//
// $ ort evaluate -i scanner/src/funTest/assets/file-counter-expected-output-for-analyzer-result.yml --rules-resource /rules/no_gpl_declared.kts
// Define a custom rule matcher.
fun PackageRule.LicenseRule.isGpl() =
object : RuleMatcher {
override val description = "isGpl($license)"
override fun matches() = license.contains("GPL")
}
// Define the rule set.
val ruleSet = ruleSet(ortResult) {
// Define a rule that is executed for each package.
packageRule("NO_GPL") {
// Define a rule that is executed for each license of the package.
licenseRule("NO_GPL", LicenseView.All) {
require {
+isGpl()
}
error(
"The package '${pkg.id.toCoordinates()}' has the ${licenseSource.name} license '$license'.",
"Remove the dependency on this package."
)
}
}
}
// Populate the list of errors to return.
ruleViolations += ruleSet.violations
\ No newline at end of file
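Review bot: `license.contains("GPL")` in `isGpl()` is a case-sensitive substring test, so the NO_GPL rule also raises an error for LGPL and AGPL identifiers and for GPL variants that carry a linking exception. If that breadth is intended, state it in the comment above the matcher, for example `// Matches every license id containing "GPL", including LGPL, AGPL and with-exception variants.`. If only the GPL family proper should fail, compare against the start of the identifier instead, e.g. `license.startsWith("GPL-")` (assuming `license` is a plain string here), and decide explicitly how the exception variants are treated.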
#!/usr/bin/env bash
# change to path of this script
cd $( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )
# path were ort is downloaded to
ORT=$PWD/oss-review-toolkit
# path back to this files folder relative from $ORT
PROJECT=$(readlink -f "$1")
# license to check against
TARGETLICENSE=$2
if ! [ -d "$PROJECT" ]; then
echo "Error: project directory not found"
exit 1
fi
if ! [ -f rulesets/"$TARGETLICENSE".kts ]; then
echo "Error: targeted license not found"
echo "available licenses:"
for file in rulesets/*.kts; do
echo "$(basename "$file")" | cut -f 1 -d '.'
done
exit 1
fi
## clear ort dir if not empty
rm -rf "$ORT"
## download ort
git clone --recurse-submodules https://github.com/heremaps/oss-review-toolkit.git $ORT
## copy own rulesets
cp rulesets/"$TARGETLICENSE".kts "$ORT"/evaluator/src/main/resources/rules
## build ort docker version
cd $ORT
./docker/build.sh
#
## run analyzer
docker/run.sh "-v $PROJECT:/project" --info analyze --allow-dynamic-versions -i /project -o /project/meta/inherent_licenses/ort/analyzer
## run scanner
docker/run.sh "-v $PROJECT:/project" --info scan --scopes devDependencies -a /project/meta/inherent_licenses/ort/analyzer/analyzer-result.yml -o /project/meta/inherent_licenses/ort/scanner
## run evaluator
docker/run.sh "-v $PROJECT:/project" --info evaluate --rules-resource rules/"$TARGETLICENSE".kts -i /project/meta/inherent_licenses/ort/scanner/scan-result.yml -o /project/meta/inherent_licenses/ort/evaluator
## run reporter
docker/run.sh "-v $PROJECT:/project" --info report -f StaticHtml,Notice,Excel,WebApp -i /project/meta/inherent_licenses/ort/evaluator/evaluation-result.yml -o /project/meta/inherent_licenses/ort/reporter
#
## clean up tmp files from ort
mv -f "$PROJECT"/meta/inherent_licenses/ort/reporter/scan-report.html "$PROJECT"/meta/inherent_licenses/"$TARGETLICENSE"_compatibility_static.html
mv -f "$PROJECT"/meta/inherent_licenses/ort/reporter/scan-report-web-app.html "$PROJECT"/meta/inherent_licenses/"$TARGETLICENSE"_compatibility_app.html
mv -f "$PROJECT"/meta/inherent_licenses/ort/reporter/scan-report.xlsx "$PROJECT"/meta/inherent_licenses/"$TARGETLICENSE"_compatibility.xlsx
mv -f "$PROJECT"/meta/inherent_licenses/ort/reporter/NOTICE "$PROJECT"/meta/inherent_licenses/"$TARGETLICENSE"_compatibility.txt
rm -rf "$PROJECT"/meta/inherent_licenses/ort
#
##leave note
echo 'generated by https://gitext.gfz-potsdam.de/mdolling/licensechecker' > "$PROJECT"/meta/inherent_licenses/readme
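Review bot: The `git clone` of oss-review-toolkit takes whatever the default branch holds at run time, and the script then runs `./docker/build.sh` and `docker/run.sh` from that checkout, so every run executes unreviewed upstream code with access to the Docker daemon and the mounted project directory. Pin the checkout to a reviewed revision, e.g. `git -C "$ORT" checkout <PINNED_COMMIT>` right after the clone, and move the pin deliberately. There is also no `set -euo pipefail` after the shebang, so a failed `cd`, clone or build falls through to the later `rm -rf` and `mv` steps; adding it, and quoting `$ORT` in the `git clone` and `cd` lines, closes that. `$2` goes unvalidated into `rulesets/"$TARGETLICENSE".kts` and the report file names, so rejecting values that contain `/` or `..` would keep the lookup inside `rulesets/` and the outputs inside `meta/inherent_licenses/`.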