Make mostly reuse conformant (#502)
* Add .license files.
* Update README.
* Normalize licenses test.
* Add reuse GHA.
* Add blanket rule for changelog fragments.
* Add .license file for vendored third-party certificates.
* Fix workflow's permissions.
* Revert "Add .license file for vendored third-party certificates."
This reverts commit 35e106867c.
* Make reuse lint test optional.
* Add exceptions.
* Update README.
* Improve reuse test.
pull/511/head
Felix Fontein
GitHub
parent
152c5422f1
commit
95626abdd3
|
|
@ -0,0 +1,34 @@
|
|||
---
|
||||
# Copyright (c) Ansible Project
|
||||
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||
|
||||
name: Verify REUSE
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [main]
|
||||
pull_request:
|
||||
branches: [main]
|
||||
# Run CI once per day (at 04:45 UTC)
|
||||
schedule:
|
||||
- cron: '45 4 * * *'
|
||||
|
||||
jobs:
|
||||
check:
|
||||
permissions:
|
||||
contents: read
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
|
||||
- name: Install dependencies
|
||||
run: |
|
||||
pip install reuse
|
||||
|
||||
- name: Check REUSE compliance (except some PEM files)
|
||||
run: |
|
||||
rm -f tests/integration/targets/*/files/*.pem
|
||||
rm -f tests/integration/targets/*/files/roots/*.pem
|
||||
reuse lint
|
||||
|
|
@ -0,0 +1,5 @@
|
|||
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
|
||||
|
||||
Files: changelogs/fragments/*
|
||||
Copyright: Ansible Project
|
||||
License: GPL-3.0-or-later
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
SPDX-License-Identifier: GPL-3.0-or-later
|
||||
SPDX-FileCopyrightText: Ansible Project
|
||||
|
|
@ -120,4 +120,4 @@ See [LICENSES/GPL-3.0-or-later.txt](https://github.com/ansible-collections/commu
|
|||
|
||||
Parts of the collection are licensed under the [Apache 2.0 license](https://github.com/ansible-collections/community.crypto/blob/main/LICENSES/Apache-2.0.txt) (`plugins/module_utils/crypto/_obj2txt.py` and `plugins/module_utils/crypto/_objects_data.py`), the [BSD 2-Clause license](https://github.com/ansible-collections/community.crypto/blob/main/LICENSES/BSD-2-Clause.txt) (`plugins/module_utils/ecs/api.py`), the [BSD 3-Clause license](https://github.com/ansible-collections/community.crypto/blob/main/LICENSES/BSD-3-Clause.txt) (`plugins/module_utils/crypto/_obj2txt.py`), and the [PSF 2.0 license](https://github.com/ansible-collections/community.crypto/blob/main/LICENSES/PSF-2.0.txt) (`plugins/module_utils/_version.py`). This only applies to vendored files in ``plugins/module_utils/`` and to the ECS module utils.
|
||||
|
||||
Most files in the collection that are not automatically generated have a machine readable `SDPX-License-Identifier:` comment denoting its respective license(s).
|
||||
Almost all files have a machine readable `SDPX-License-Identifier:` comment denoting its respective license(s) or an equivalent entry in an accompanying `.license` file. Only changelog fragments (which will not be part of a release) are covered by a blanket statement in `.reuse/dep5`. Right now a few vendored PEM files do not have licensing information as well. This conforms to the [REUSE specification](https://reuse.software/spec/) up to the aforementioned PEM files.
|
||||
|
|
|
|||
|
|
@ -0,0 +1,3 @@
|
|||
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
SPDX-License-Identifier: GPL-3.0-or-later
|
||||
SPDX-FileCopyrightText: Ansible Project
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
SPDX-License-Identifier: GPL-3.0-or-later
|
||||
SPDX-FileCopyrightText: Ansible Project
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
SPDX-License-Identifier: GPL-3.0-or-later
|
||||
SPDX-FileCopyrightText: Ansible Project
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
SPDX-License-Identifier: GPL-3.0-or-later
|
||||
SPDX-FileCopyrightText: Ansible Project
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
SPDX-License-Identifier: GPL-3.0-or-later
|
||||
SPDX-FileCopyrightText: Ansible Project
|
||||
|
|
@ -21,6 +21,7 @@ def find_licenses(filename, relax=False):
|
|||
spdx_license_identifiers = []
|
||||
other_license_identifiers = []
|
||||
has_copyright = False
|
||||
try:
|
||||
with open(filename, 'r', encoding='utf-8') as f:
|
||||
for line in f:
|
||||
line = line.rstrip()
|
||||
|
|
@ -28,6 +29,8 @@ def find_licenses(filename, relax=False):
|
|||
has_copyright = True
|
||||
if 'Copyright: ' in line:
|
||||
print('%s: found copyright line with "Copyright:". Please remove the colon.' % (filename, ))
|
||||
if 'SPDX-FileCopyrightText: ' in line:
|
||||
has_copyright = True
|
||||
idx = line.find('SPDX-License-Identifier: ')
|
||||
if idx >= 0:
|
||||
lic_id = line[idx + len('SPDX-License-Identifier: '):]
|
||||
|
|
@ -45,6 +48,8 @@ def find_licenses(filename, relax=False):
|
|||
other_license_identifiers.append('PSF-2.0')
|
||||
if 'MIT License' in line:
|
||||
other_license_identifiers.append('MIT')
|
||||
except Exception as exc:
|
||||
print('%s: error while processing file: %s' % (filename, exc))
|
||||
if len(set(spdx_license_identifiers)) < len(spdx_license_identifiers):
|
||||
print('%s: found identical SPDX-License-Identifier values' % (filename, ))
|
||||
if other_license_identifiers and set(other_license_identifiers) != set(spdx_license_identifiers):
|
||||
|
|
@ -62,30 +67,16 @@ def main():
|
|||
# The following paths are allowed to have no license identifier
|
||||
no_comments_allowed = [
|
||||
'changelogs/fragments/*.yml',
|
||||
'tests/sanity/extra/*.json',
|
||||
'tests/sanity/ignore-2.*.txt',
|
||||
'LICENSES/*.txt',
|
||||
'COPYING',
|
||||
]
|
||||
|
||||
# Files of this name are allowed to be empty
|
||||
empty_allowed = [
|
||||
'.keep',
|
||||
'__init__.py',
|
||||
]
|
||||
|
||||
# These files are completely ignored
|
||||
ignore_paths = [
|
||||
'CHANGELOG.rst',
|
||||
'changelogs/changelog.yaml',
|
||||
'tests/sanity/extra/licenses.py', # The strings in find_licenses() confuse this code :-)
|
||||
'.ansible-test-timeout.json',
|
||||
'tests/unit/plugins/module_utils/acme/fixtures/*.txt',
|
||||
'tests/unit/plugins/module_utils/acme/fixtures/*.pem',
|
||||
'tests/unit/plugins/module_utils/acme/fixtures/*.pem.old',
|
||||
'.reuse/dep5',
|
||||
'LICENSES/*.txt',
|
||||
'COPYING',
|
||||
'tests/integration/targets/*/files/*.pem',
|
||||
'tests/integration/targets/*/files/roots/*.pem',
|
||||
'tests/integration/targets/luks_device/files/keyfile*',
|
||||
]
|
||||
|
||||
no_comments_allowed = [fn for pattern in no_comments_allowed for fn in glob.glob(pattern)]
|
||||
|
|
@ -98,9 +89,10 @@ def main():
|
|||
path = path[2:]
|
||||
if path in ignore_paths or path.startswith('tests/output/'):
|
||||
continue
|
||||
if os.path.basename(path) in empty_allowed:
|
||||
if os.stat(path).st_size == 0:
|
||||
continue
|
||||
if not path.endswith('.license') and os.path.exists(path + '.license'):
|
||||
path = path + '.license'
|
||||
valid_licenses_for_path = valid_licenses
|
||||
if path.startswith('plugins/') and not path.startswith(('plugins/modules/', 'plugins/module_utils/')):
|
||||
valid_licenses_for_path = [license for license in valid_licenses if license == 'GPL-3.0-or-later']
|
||||
|
|
|
|||
|
|
@ -0,0 +1,3 @@
|
|||
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
SPDX-License-Identifier: GPL-3.0-or-later
|
||||
SPDX-FileCopyrightText: 2022, Felix Fontein <felix@fontein.de>
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
SPDX-License-Identifier: GPL-3.0-or-later
|
||||
SPDX-FileCopyrightText: Ansible Project
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
SPDX-License-Identifier: GPL-3.0-or-later
|
||||
SPDX-FileCopyrightText: Ansible Project
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
SPDX-License-Identifier: GPL-3.0-or-later
|
||||
SPDX-FileCopyrightText: Ansible Project
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
SPDX-License-Identifier: GPL-3.0-or-later
|
||||
SPDX-FileCopyrightText: Ansible Project
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
SPDX-License-Identifier: GPL-3.0-or-later
|
||||
SPDX-FileCopyrightText: Ansible Project
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
SPDX-License-Identifier: GPL-3.0-or-later
|
||||
SPDX-FileCopyrightText: Ansible Project
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
SPDX-License-Identifier: GPL-3.0-or-later
|
||||
SPDX-FileCopyrightText: Ansible Project
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
SPDX-License-Identifier: GPL-3.0-or-later
|
||||
SPDX-FileCopyrightText: Ansible Project
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
SPDX-License-Identifier: GPL-3.0-or-later
|
||||
SPDX-FileCopyrightText: Ansible Project
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
SPDX-License-Identifier: GPL-3.0-or-later
|
||||
SPDX-FileCopyrightText: Ansible Project
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
SPDX-License-Identifier: GPL-3.0-or-later
|
||||
SPDX-FileCopyrightText: Ansible Project
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
SPDX-License-Identifier: GPL-3.0-or-later
|
||||
SPDX-FileCopyrightText: Ansible Project
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
SPDX-License-Identifier: GPL-3.0-or-later
|
||||
SPDX-FileCopyrightText: Ansible Project
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
SPDX-License-Identifier: GPL-3.0-or-later
|
||||
SPDX-FileCopyrightText: Ansible Project
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||||
SPDX-License-Identifier: GPL-3.0-or-later
|
||||
SPDX-FileCopyrightText: Ansible Project
|
||||
Loading…
Reference in New Issue