diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index bcd087f62..43f593cbc 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -46,6 +46,16 @@ jobs: - name: Check License Headers uses: kt3k/license_checker@v1.0.6 + licenses: + name: Dependency Licenses + runs-on: ubuntu-latest + steps: + - name: Check out the repository + uses: actions/checkout@v2 + + - name: Check the licenses + run: make licensecheck + markdown-link-check: name: Markdown Links (modified files) runs-on: ubuntu-latest diff --git a/.lichen.yaml b/.lichen.yaml new file mode 100644 index 000000000..b01245837 --- /dev/null +++ b/.lichen.yaml @@ -0,0 +1,26 @@ +# Licenses other than Apache-2.0 are governed by +# https://github.com/cncf/foundation/blob/master/allowed-third-party-license-policy.md#approved-licenses-for-allowlist +# Note that Allowlist also requires that projects were created +# on GitHub at least 12 months prior and have at least 10 stars +# or 10 forks +allow: + - "Apache-2.0" + - "BSD-2-Clause" + - "BSD-2-Clause-FreeBSD" + - "BSD-3-Clause" + - "MIT" + - "ISC" + - "Python-2.0" + - "PostgreSQL" + - "X11" + - "Zlib" + +override: + - path: "github.com/rdegges/go-ipify" + licenses: ["Unlicense"] + +# https://github.com/cncf/foundation/tree/master/license-exceptions +exceptions: + licenseNotPermitted: + - path: "github.com/hashicorp/golang-lru" + licenses: ["MPL-2.0"] diff --git a/Dockerfile.dapper b/Dockerfile.dapper index f169d4f96..3ae748fce 100644 --- a/Dockerfile.dapper +++ b/Dockerfile.dapper @@ -11,7 +11,8 @@ ENV PROTOC_VERSION=3.15.5 RUN curl -LO https://github.com/protocolbuffers/protobuf/releases/download/v3.15.5/protoc-${PROTOC_VERSION}-linux-x86_64.zip && \ unzip protoc-${PROTOC_VERSION}-linux-x86_64.zip -d /usr/local && \ rm -f protoc-${PROTOC_VERSION}-linux-x86_64.zip && \ - GO111MODULE=off go get google.golang.org/protobuf/cmd/protoc-gen-go + GO111MODULE=off go get google.golang.org/protobuf/cmd/protoc-gen-go && \ + GO111MODULE=off go get github.com/uw-labs/lichen WORKDIR ${DAPPER_SOURCE} diff --git a/Makefile b/Makefile index 177a5cb47..5d8f65a82 100644 --- a/Makefile +++ b/Makefile @@ -81,16 +81,21 @@ comma := , # so "make images ARCHES=arm" will build a linux/arm/v7 image ARCHES ?= amd64 BINARIES = submariner-gateway submariner-route-agent submariner-globalnet submariner-networkplugin-syncer +ARCH_BINARIES := $(foreach arch,$(subst $(comma),$(space),$(ARCHES)),$(foreach binary,$(BINARIES),bin/linux/$(call gotodockerarch,$(arch))/$(binary))) IMAGES_ARGS = --platform $(subst $(space),$(comma),$(foreach arch,$(subst $(comma),$(space),$(ARCHES)),linux/$(call gotodockerarch,$(arch)))) -build: $(foreach arch,$(subst $(comma),$(space),$(ARCHES)),$(foreach binary,$(BINARIES),bin/linux/$(call gotodockerarch,$(arch))/$(binary))) +build: $(ARCH_BINARIES) + +licensecheck: BUILD_ARGS=--debug +licensecheck: $(ARCH_BINARIES) + lichen -c .lichen.yaml $(ARCH_BINARIES) ci: validate unit build images $(TARGETS): vendor/modules.txt ./scripts/$@ -.PHONY: $(TARGETS) build ci images unit validate +.PHONY: $(TARGETS) build ci images unit validate licensecheck else