mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-01-03 20:01:01 -05:00
c1f9d86cd3
* explicitly ignore pkgs for cleaner output * do not ignore but redirect stderr * silent env var to silent stderr * add silent env var to vuln,lint,tf * fix golangci silent * Update bazel/ci/terraform.sh.in Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com> * Update bazel/ci/golicenses.sh.in Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com> * Update bazel/ci/govulncheck.sh.in Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com> * Update bazel/ci/golangci_lint.sh.in Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com> --------- Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
100 lines
1.8 KiB
Bash
100 lines
1.8 KiB
Bash
#!/usr/bin/env bash
|
|
|
|
# Compare licenses of Go dependencies against a whitelist.
|
|
|
|
###### script header ######
|
|
|
|
lib=$(realpath @@BASE_LIB@@) || exit 1
|
|
stat "${lib}" >> /dev/null || exit 1
|
|
|
|
# shellcheck source=../sh/lib.bash
|
|
if ! source "${lib}"; then
|
|
echo "Error: could not find import"
|
|
exit 1
|
|
fi
|
|
|
|
go=$(realpath @@GO@@)
|
|
stat "${go}" >> /dev/null
|
|
golicenses=$(realpath @@GO_LICENSES@@)
|
|
stat "${golicenses}" >> /dev/null
|
|
|
|
cd "${BUILD_WORKSPACE_DIRECTORY}"
|
|
|
|
###### script body ######
|
|
|
|
not_allowed() {
|
|
echo "license not allowed for package: ${line}"
|
|
err=1
|
|
}
|
|
|
|
license_report() {
|
|
PATH="$(dirname "${go}"):${PATH}" \
|
|
GOROOT=$(${go} env GOROOT) \
|
|
GOPATH=$(${go} env GOPATH) \
|
|
GOCACHE=$(${go} env GOCACHE) \
|
|
${golicenses} report ./... | {
|
|
while read -r line; do
|
|
|
|
pkg=${line%%,*}
|
|
lic=${line##*,}
|
|
|
|
case ${lic} in
|
|
Apache-2.0 | BSD-2-Clause | BSD-3-Clause | ISC | MIT) ;;
|
|
|
|
MPL-2.0)
|
|
case ${pkg} in
|
|
github.com/siderolabs/talos/pkg/machinery/config/encoder) ;;
|
|
|
|
github.com/letsencrypt/boulder) ;;
|
|
|
|
github.com/hashicorp/*) ;;
|
|
|
|
*)
|
|
not_allowed
|
|
;;
|
|
esac
|
|
;;
|
|
|
|
AGPL-3.0)
|
|
case ${pkg} in
|
|
github.com/edgelesssys/constellation/v2) ;;
|
|
|
|
github.com/edgelesssys/constellation/v2/operators/constellation-node-operator/v2/api/v1alpha1) ;;
|
|
|
|
*)
|
|
not_allowed
|
|
;;
|
|
esac
|
|
;;
|
|
|
|
Unknown)
|
|
case ${pkg} in
|
|
github.com/edgelesssys/go-tdx-qpl/*) ;;
|
|
|
|
*)
|
|
not_allowed
|
|
;;
|
|
esac
|
|
;;
|
|
|
|
*)
|
|
echo "unknown license: ${line}"
|
|
err=1
|
|
;;
|
|
esac
|
|
|
|
done
|
|
exit "${err}"
|
|
}
|
|
}
|
|
|
|
${go} mod download
|
|
|
|
err=0
|
|
|
|
if test -v SILENT; then
|
|
license_report 2> /dev/null
|
|
else
|
|
license_report
|
|
fi
|