From bfe6e346bdd9bd5adf40e1e2956127d5577d3afd Mon Sep 17 00:00:00 2001 From: Alexander Wels Date: Fri, 21 Oct 2022 08:46:27 -0500 Subject: [PATCH] Add fossa check for licenses. (#2389) Signed-off-by: Alexander Wels Signed-off-by: Alexander Wels --- .fossa.yml | 72 +++++++++++++++++++++++++++++++++++++++++++++ Makefile | 6 +++- go.mod | 1 + go.sum | 2 +- hack/ci/language.sh | 1 + hack/fossa.sh | 8 +++++ vendor/modules.txt | 1 + 7 files changed, 89 insertions(+), 2 deletions(-) create mode 100644 .fossa.yml create mode 100755 hack/fossa.sh diff --git a/.fossa.yml b/.fossa.yml new file mode 100644 index 0000000000..c11eb1f16c --- /dev/null +++ b/.fossa.yml @@ -0,0 +1,72 @@ +# Generated by FOSSA CLI (https://github.com/fossas/fossa-cli) +# Visit https://fossa.com to learn more + +version: 3 +cli: + server: https://app.fossa.com + project: + id: git@github.com:kubevirt/containerized-data-importer.git + name: containerized-data-importer + team: KubeVirt +targets: + exclude: + - type: gradle + - type: npm + - type: rpm +paths: + exclude: + - cluster-up + - staging + +analyze: + modules: + - name: cdi-apiserver + type: go + target: 'kubevirt.io/containerized-data-importer/cmd/cdi-apiserver' + path: cmd/cdi-apiserver + options: + modules-vendor: true + strategy: gomodules + - name: cdi-cloner + type: go + target: 'kubevirt.io/containerized-data-importer/cmd/cdi-cloner' + path: cmd/cdi-cloner + options: + modules-vendor: true + strategy: gomodules + - name: cdi-controller + type: go + target: 'kubevirt.io/containerized-data-importer/cmd/cdi-controller' + path: cmd/cdi-controller + options: + modules-vendor: true + strategy: gomodules + - name: cdi-importer + type: go + target: 'kubevirt.io/containerized-data-importer/cmd/cdi-importer' + path: cmd/cdi-importer + options: + modules-vendor: true + strategy: gomodules + - name: cdi-operator + type: go + target: 'kubevirt.io/containerized-data-importer/cmd/cdi-operator' + path: cmd/cdi-operator + options: + modules-vendor: true + strategy: gomodules + - name: cdi-uploadproxy + type: go + target: 'kubevirt.io/containerized-data-importer/cmd/cdi-uploadproxy' + path: cmd/cdi-uploadproxy + options: + modules-vendor: true + strategy: gomodules + - name: cdi-uploadserver + type: go + target: 'kubevirt.io/containerized-data-importer/cmd/cdi-uploadserver' + path: cmd/cdi-uploadserver + options: + modules-vendor: true + strategy: gomodules + diff --git a/Makefile b/Makefile index e23e08eecf..1206fa31ed 100644 --- a/Makefile +++ b/Makefile @@ -20,7 +20,8 @@ format \ goveralls \ release-description \ - bazel-generate bazel-build bazel-build-images bazel-push-images + bazel-generate bazel-build bazel-build-images bazel-push-images \ + fossa DOCKER?=1 ifeq (${DOCKER}, 1) @@ -159,6 +160,9 @@ generate-doc: build-docgen build-docgen: ${DO_BAZ} "BUILD_ARCH=${BUILD_ARCH} ./hack/build/bazel-build-metricsdocs.sh" +fossa: + ${DO_BAZ} "FOSSA_TOKEN_FILE=${FOSSA_TOKEN_FILE} ./hack/fossa.sh" + help: @echo "Usage: make [Targets ...]" @echo " all " diff --git a/go.mod b/go.mod index 0689c6131a..742b7774df 100644 --- a/go.mod +++ b/go.mod @@ -145,6 +145,7 @@ require ( replace ( github.com/aws/aws-sdk-go => github.com/aws/aws-sdk-go v1.15.77 + github.com/chzyer/logex => github.com/chzyer/logex v1.2.1 github.com/openshift/api => github.com/openshift/api v0.0.0-20211217221424-8779abfbd571 github.com/openshift/client-go => github.com/openshift/client-go v0.0.0-20211209144617-7385dd6338e3 github.com/openshift/library-go => github.com/mhenriks/library-go v0.0.0-20211221173158-d6e4bcc60f0a diff --git a/go.sum b/go.sum index 9d1f9f604a..4bd232f430 100644 --- a/go.sum +++ b/go.sum @@ -198,7 +198,7 @@ github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XL github.com/checkpoint-restore/go-criu/v4 v4.1.0/go.mod h1:xUQBLp4RLc5zJtWY++yjOoMoB5lihDt7fai+75m+rGw= github.com/checkpoint-restore/go-criu/v5 v5.0.0/go.mod h1:cfwC0EG7HMUenopBsUf9d89JlCLQIfgVcNsNN0t6T2M= github.com/checkpoint-restore/go-criu/v5 v5.3.0/go.mod h1:E/eQpaFtUKGOOSEBZgmKAcn+zUUwWxqcaKZlF54wK8E= -github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= +github.com/chzyer/logex v1.2.1/go.mod h1:JLbx6lG2kDbNRFnfkgvh4eRJRPX1QCoOIWomwysCBrQ= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= github.com/cilium/ebpf v0.0.0-20200110133405-4032b1d8aae3/go.mod h1:MA5e5Lr8slmEg9bt0VpxxWqJlO4iwu3FBdHUzV7wQVg= diff --git a/hack/ci/language.sh b/hack/ci/language.sh index 8da2f6ed39..6693c07314 100755 --- a/hack/ci/language.sh +++ b/hack/ci/language.sh @@ -16,6 +16,7 @@ VIOLATIONS=$(git grep -iI -E $PHRASES -- \ ':!*generated*' \ ':!*swagger.json*' \ ':!hack/ci/language.sh' \ + ':!hack/fossa.sh' \ "${CDI_DIR}" | grep -v \ -e 'ekalinin/github-markdown-toc' \ diff --git a/hack/fossa.sh b/hack/fossa.sh new file mode 100755 index 0000000000..97ec7181e5 --- /dev/null +++ b/hack/fossa.sh @@ -0,0 +1,8 @@ +#!/usr/bin/env bash + +set -euo pipefail + +curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | bash +FOSSA_API_KEY="$(cat $FOSSA_TOKEN_FILE)" fossa analyze +FOSSA_API_KEY="$(cat $FOSSA_TOKEN_FILE)" fossa test --timeout=1800 + diff --git a/vendor/modules.txt b/vendor/modules.txt index 126ab97616..123000a62a 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1265,6 +1265,7 @@ sigs.k8s.io/structured-merge-diff/v4/value ## explicit; go 1.12 sigs.k8s.io/yaml # github.com/aws/aws-sdk-go => github.com/aws/aws-sdk-go v1.15.77 +# github.com/chzyer/logex => github.com/chzyer/logex v1.2.1 # github.com/openshift/api => github.com/openshift/api v0.0.0-20211217221424-8779abfbd571 # github.com/openshift/client-go => github.com/openshift/client-go v0.0.0-20211209144617-7385dd6338e3 # github.com/openshift/library-go => github.com/mhenriks/library-go v0.0.0-20211221173158-d6e4bcc60f0a