Add workaround for files with permissive binary licenses

Add function "has_binary_license" to check if a file has a non-permissive license contains one. PBL is not recognized by scancode,
causing it to be flagged as a non-permissive license. CI doesn't allow
any non-permissive licenses, although, files flageed as SPDX are
allowed. Workaround causes all files with a valid PBL to be flagged as
missing an SPDX.

Add condition in "has_spdx_text_in_scancode_output" to ignore any spdx
identifier with "unknown" in the name. Scancode erroneously matches PBL to matched_rule.identifer "spdx-license-identifier: unknown-spdx". This prevents the workaround from working.

Author: harrisonmutai-arm

tools/test/travis-ci/scancode-evaluate.py

@@ -65,7 +65,10 @@ def has_permissive_text_in_scancode_output(scancode_output_data_file_licenses):
 def has_spdx_text_in_scancode_output(scancode_output_data_file_licenses):
     """Returns true if at least one license in the scancode output has the spdx identifier."""
     return any(
-        'spdx' in scancode_output_data_file_license['matched_rule']['identifier']
+        ('spdx' in scancode_output_data_file_license['matched_rule']['identifier']) and not ('unknown' in
+                                                                                             scancode_output_data_file_license[
+                                                                                                 'matched_rule'][
+                                                                                                 'identifier'])
         for scancode_output_data_file_license in scancode_output_data_file_licenses
     )
 
@@ -75,6 +78,11 @@ def has_spdx_text_in_analysed_file(scanned_file_content):
     return bool(re.findall("SPDX-License-Identifier:?", scanned_file_content))
 
 
+def has_binary_license(scanned_file_content):
+    """Returns true if the file analysed by ScanCode contains a Permissive Binary License."""
+    return bool(re.findall("Permissive Binary License", scanned_file_content))
+
+
 def license_check(scancode_output_path):
     """Check licenses in the scancode json file for specified directory.
 
@@ -129,8 +137,9 @@ def license_check(scancode_output_path):
                 # Ignore files that cannot be decoded
                 # check the next file in the scancode output
                 continue
-
-            if not has_spdx_text_in_analysed_file(scanned_file_content):
+            # temporary workaround for files with Permissive Binary Licenses
+            # TODO raise issue in scancode repo to get PBL added to licenses
+            if not has_spdx_text_in_analysed_file(scanned_file_content) or has_binary_license(scanned_file_content):
                 scancode_output_data_file['fail_reason'] = MISSING_SPDX_TEXT
                 spdx_offenders.append(scancode_output_data_file)
 

tools/test/travis-ci/scancode_evaluate_test.py

@@ -34,22 +34,36 @@
  * limitations under the License.\
  */"
 
+BINARY_HEADER = "/*\
+ * Copyright (c) 2019, Arm Limited, All Rights Reserved\
+ * SPDX-License-Identifier: LicenseRef-PBL\
+ *\
+ * This file and the related binary are licensed under the\
+ * Permissive Binary License, Version 1.0 (the \"License\");\
+ * you may not use these files except in compliance with the License.\
+ *\
+ */"
+
 @pytest.fixture()
 def create_scanned_files():
     """Create stub files.
     test3.h missing license notice
     test4.h with license notice
     test5.h with license notice
+    test6.h with permissive binary license
     """
     file_paths = [
         os.path.join(STUBS_PATH, "test3.h"),
         os.path.join(STUBS_PATH, "test4.h"),
-        os.path.join(STUBS_PATH, "test5.h")
+        os.path.join(STUBS_PATH, "test5.h"),
+        os.path.join(STUBS_PATH, "test6.h")
     ]
     for file_path in file_paths:
         with open(file_path, "w") as new_file:
             if file_path in [os.path.join(STUBS_PATH, "test3.h")]:
                 new_file.write(HEADER_WITHOUT_SPDX)
+            elif file_path in [os.path.join(STUBS_PATH, "test6.h")]:
+                new_file.write(BINARY_HEADER)
             else:
                 new_file.write(HEADER_WITH_SPDX)
     yield
@@ -81,10 +95,11 @@ def test_missing_license_permissive_license_and_spdx(self, create_scanned_files)
             test3.h: Missing `Permissive` license text and `spdx` in match.identifier and not in file tested by ScanCode (error count += 1)
             test4.h: Missing `Permissive` license text and `spdx` in match.identifier but found in file tested by ScanCode (error count += 1)
             test5.h: Missing `spdx` in match.identifier but found in file tested by ScanCode. (error count += 0)
+            test6.h: Matching 'unknown-spdx' in match.identifier and Permissive Binary License in header (error count += 1)
             @inputs scancode_test/scancode_test_2.json
             @output 3
         """
-        assert license_check(os.path.join(STUBS_PATH, "scancode_test_3.json")) == 3
+        assert license_check(os.path.join(STUBS_PATH, "scancode_test_3.json")) == 4
 
     def test_permissive_license_no_spdx(self, create_scanned_files):
         """ Multiple `Permissive` licenses in one file but none with `spdx` in

tools/test/travis-ci/scancode_test/scancode_test_3.json

@@ -170,6 +170,50 @@
       ],
       "scan_errors":[
 
+      ]
+   },
+     {
+      "path":"tools/test/travis-ci/scancode_test/test6.h",
+      "type":"file",
+      "licenses":[
+         {
+            "key": "unknown-spdx",
+            "score": 100.0,
+             "name": "Unknown SPDX license detected but not recognized",
+             "short_name": "unknown SPDX",
+             "category": "Unstated License",
+             "is_exception": false,
+             "owner": "Unspecified",
+             "homepage_url": null,
+             "text_url": "",
+             "reference_url": "https://enterprise.dejacode.com/urn/urn:dje:license:unknown-spdx",
+             "spdx_license_key": null,
+             "spdx_url": "",
+             "start_line": 3,
+             "end_line": 3,
+             "matched_rule": {
+               "identifier": "spdx-license-identifier: unknown-spdx",
+               "license_expression": "unknown-spdx",
+               "licenses": [
+                 "unknown-spdx"
+               ],
+               "is_license_text": false,
+               "is_license_notice": false,
+               "is_license_reference": false,
+               "is_license_tag": true,
+               "matcher": "1-spdx-id",
+               "rule_length": 1,
+               "matched_length": 1,
+               "match_coverage": 100.0,
+               "rule_relevance": 100
+          }
+         }
+      ],
+      "license_expressions":[
+         "unknown-spdx"
+      ],
+      "scan_errors":[
+
       ]
    }
   ]