From 68ea9c5f419944b252bcf1c733d257f24707cdfa Mon Sep 17 00:00:00 2001 From: Felix Fontein Date: Sun, 21 Aug 2022 08:29:15 +0200 Subject: [PATCH] Make reuse conformant (#462) * Add .license files. * Add reuse test. * Update README. * Add changelog fragment. * Normalize licenses extra sanity test. * Declare REUSE conformance. * Update README. --- .github/workflows/reuse.yml | 30 ++++++++ .reuse/dep5 | 5 ++ CHANGELOG.rst.license | 3 + README.md | 2 +- changelogs/changelog.yaml.license | 3 + changelogs/fragments/licenses.yml | 2 + tests/sanity/extra/extra-docs.json.license | 3 + tests/sanity/extra/licenses.json.license | 3 + tests/sanity/extra/licenses.py | 75 +++++++++---------- tests/sanity/extra/licenses.py.license | 3 + .../extra/no-unwanted-files.json.license | 3 + tests/sanity/ignore-2.10.txt.license | 3 + tests/sanity/ignore-2.11.txt.license | 3 + tests/sanity/ignore-2.12.txt.license | 3 + tests/sanity/ignore-2.13.txt.license | 3 + tests/sanity/ignore-2.14.txt.license | 3 + tests/sanity/ignore-2.9.txt.license | 3 + 17 files changed, 110 insertions(+), 40 deletions(-) create mode 100644 .github/workflows/reuse.yml create mode 100644 .reuse/dep5 create mode 100644 CHANGELOG.rst.license create mode 100644 changelogs/changelog.yaml.license create mode 100644 changelogs/fragments/licenses.yml create mode 100644 tests/sanity/extra/extra-docs.json.license create mode 100644 tests/sanity/extra/licenses.json.license create mode 100644 tests/sanity/extra/licenses.py.license create mode 100644 tests/sanity/extra/no-unwanted-files.json.license create mode 100644 tests/sanity/ignore-2.10.txt.license create mode 100644 tests/sanity/ignore-2.11.txt.license create mode 100644 tests/sanity/ignore-2.12.txt.license create mode 100644 tests/sanity/ignore-2.13.txt.license create mode 100644 tests/sanity/ignore-2.14.txt.license create mode 100644 tests/sanity/ignore-2.9.txt.license diff --git a/.github/workflows/reuse.yml b/.github/workflows/reuse.yml new file mode 100644 index 00000000..6c4a11bd --- /dev/null +++ b/.github/workflows/reuse.yml @@ -0,0 +1,30 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +name: Verify REUSE + +on: + push: + branches: [main] + pull_request: + branches: [main] + # Run CI once per day (at 04:30 UTC) + schedule: + - cron: '30 4 * * *' + +jobs: + build: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v2 + + - name: Install dependencies + run: | + pip install reuse + + - name: Check REUSE compliance + run: | + reuse lint diff --git a/.reuse/dep5 b/.reuse/dep5 new file mode 100644 index 00000000..0c3745eb --- /dev/null +++ b/.reuse/dep5 @@ -0,0 +1,5 @@ +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ + +Files: changelogs/fragments/* +Copyright: Ansible Project +License: GPL-3.0-or-later diff --git a/CHANGELOG.rst.license b/CHANGELOG.rst.license new file mode 100644 index 00000000..edff8c76 --- /dev/null +++ b/CHANGELOG.rst.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/README.md b/README.md index 40285564..6508a750 100644 --- a/README.md +++ b/README.md @@ -121,4 +121,4 @@ See [LICENSES/GPL-3.0-or-later.txt](https://github.com/ansible-collections/commu Parts of the collection are licensed under the [Apache 2.0 license](https://github.com/ansible-collections/community.docker/blob/main/LICENSES/Apache-2.0.txt). This mostly applies to files vendored from the [Docker SDK for Python](https://github.com/docker/docker-py/). -Most files in the collection that are not automatically generated have a machine readable `SDPX-License-Identifier:` comment denoting its respective license(s). +All files have a machine readable `SDPX-License-Identifier:` comment denoting its respective license(s) or an equivalent entry in an accompanying `.license` file. Only changelog fragments (which will not be part of a release) are covered by a blanket statement in `.reuse/dep5`. This conforms to the [REUSE specification](https://reuse.software/spec/). diff --git a/changelogs/changelog.yaml.license b/changelogs/changelog.yaml.license new file mode 100644 index 00000000..edff8c76 --- /dev/null +++ b/changelogs/changelog.yaml.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/changelogs/fragments/licenses.yml b/changelogs/fragments/licenses.yml new file mode 100644 index 00000000..493ec7ef --- /dev/null +++ b/changelogs/fragments/licenses.yml @@ -0,0 +1,2 @@ +minor_changes: + - "The collection repository conforms to the `REUSE specification `__ except for the changelog fragments (https://github.com/ansible-collections/community.docker/pull/462)." diff --git a/tests/sanity/extra/extra-docs.json.license b/tests/sanity/extra/extra-docs.json.license new file mode 100644 index 00000000..edff8c76 --- /dev/null +++ b/tests/sanity/extra/extra-docs.json.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/tests/sanity/extra/licenses.json.license b/tests/sanity/extra/licenses.json.license new file mode 100644 index 00000000..edff8c76 --- /dev/null +++ b/tests/sanity/extra/licenses.json.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/tests/sanity/extra/licenses.py b/tests/sanity/extra/licenses.py index 32d373a6..127288c6 100755 --- a/tests/sanity/extra/licenses.py +++ b/tests/sanity/extra/licenses.py @@ -21,29 +21,35 @@ def find_licenses(filename, relax=False): spdx_license_identifiers = [] other_license_identifiers = [] has_copyright = False - with open(filename, 'r', encoding='utf-8') as f: - for line in f: - line = line.rstrip() - if 'Copyright ' in line: - has_copyright = True - if 'Copyright: ' in line: - print('%s: found copyright line with "Copyright:". Please remove the colon.' % (filename, )) - idx = line.find('SPDX-License-Identifier: ') - if idx >= 0: - spdx_license_identifiers.append(line[idx + len('SPDX-License-Identifier: '):]) - if 'GNU General Public License' in line: - if 'v3.0+' in line: - other_license_identifiers.append('GPL-3.0-or-later') - if 'version 3 or later' in line: - other_license_identifiers.append('GPL-3.0-or-later') - if 'Simplified BSD License' in line: - other_license_identifiers.append('BSD-2-Clause') - if 'Apache License 2.0' in line: - other_license_identifiers.append('Apache-2.0') - if 'PSF License' in line or 'Python-2.0' in line: - other_license_identifiers.append('PSF-2.0') - if 'MIT License' in line: - other_license_identifiers.append('MIT') + try: + with open(filename, 'r', encoding='utf-8') as f: + for line in f: + line = line.rstrip() + if 'Copyright ' in line: + has_copyright = True + if 'Copyright: ' in line: + print('%s: found copyright line with "Copyright:". Please remove the colon.' % (filename, )) + if 'SPDX-FileCopyrightText: ' in line: + has_copyright = True + idx = line.find('SPDX-License-Identifier: ') + if idx >= 0: + lic_id = line[idx + len('SPDX-License-Identifier: '):] + spdx_license_identifiers.extend(lic_id.split(' OR ')) + if 'GNU General Public License' in line: + if 'v3.0+' in line: + other_license_identifiers.append('GPL-3.0-or-later') + if 'version 3 or later' in line: + other_license_identifiers.append('GPL-3.0-or-later') + if 'Simplified BSD License' in line: + other_license_identifiers.append('BSD-2-Clause') + if 'Apache License 2.0' in line: + other_license_identifiers.append('Apache-2.0') + if 'PSF License' in line or 'Python-2.0' in line: + other_license_identifiers.append('PSF-2.0') + if 'MIT License' in line: + other_license_identifiers.append('MIT') + except Exception as exc: + print('%s: error while processing file: %s' % (filename, exc)) if len(set(spdx_license_identifiers)) < len(spdx_license_identifiers): print('%s: found identical SPDX-License-Identifier values' % (filename, )) if other_license_identifiers and set(other_license_identifiers) != set(spdx_license_identifiers): @@ -61,24 +67,14 @@ def main(): # The following paths are allowed to have no license identifier no_comments_allowed = [ 'changelogs/fragments/*.yml', - 'tests/sanity/extra/*.json', - 'tests/sanity/ignore-2.*.txt', - 'LICENSES/*.txt', - 'COPYING', - ] - - # Files of this name are allowed to be empty - empty_allowed = [ - '.keep', - '__init__.py', ] # These files are completely ignored ignore_paths = [ - 'CHANGELOG.rst', - 'changelogs/changelog.yaml', - 'tests/sanity/extra/licenses.py', # The strings in find_licenses() confuse this code :-) '.ansible-test-timeout.json', + '.reuse/dep5', + 'LICENSES/*.txt', + 'COPYING', ] no_comments_allowed = [fn for pattern in no_comments_allowed for fn in glob.glob(pattern)] @@ -91,9 +87,10 @@ def main(): path = path[2:] if path in ignore_paths or path.startswith('tests/output/'): continue - if os.path.basename(path) in empty_allowed: - if os.stat(path).st_size == 0: - continue + if os.stat(path).st_size == 0: + continue + if not path.endswith('.license') and os.path.exists(path + '.license'): + path = path + '.license' valid_licenses_for_path = valid_licenses if path.startswith('plugins/') and not path.startswith(('plugins/modules/', 'plugins/module_utils/')): valid_licenses_for_path = [license for license in valid_licenses if license == 'GPL-3.0-or-later'] diff --git a/tests/sanity/extra/licenses.py.license b/tests/sanity/extra/licenses.py.license new file mode 100644 index 00000000..6c4958fe --- /dev/null +++ b/tests/sanity/extra/licenses.py.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: 2022, Felix Fontein diff --git a/tests/sanity/extra/no-unwanted-files.json.license b/tests/sanity/extra/no-unwanted-files.json.license new file mode 100644 index 00000000..edff8c76 --- /dev/null +++ b/tests/sanity/extra/no-unwanted-files.json.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/tests/sanity/ignore-2.10.txt.license b/tests/sanity/ignore-2.10.txt.license new file mode 100644 index 00000000..edff8c76 --- /dev/null +++ b/tests/sanity/ignore-2.10.txt.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/tests/sanity/ignore-2.11.txt.license b/tests/sanity/ignore-2.11.txt.license new file mode 100644 index 00000000..edff8c76 --- /dev/null +++ b/tests/sanity/ignore-2.11.txt.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/tests/sanity/ignore-2.12.txt.license b/tests/sanity/ignore-2.12.txt.license new file mode 100644 index 00000000..edff8c76 --- /dev/null +++ b/tests/sanity/ignore-2.12.txt.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/tests/sanity/ignore-2.13.txt.license b/tests/sanity/ignore-2.13.txt.license new file mode 100644 index 00000000..edff8c76 --- /dev/null +++ b/tests/sanity/ignore-2.13.txt.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/tests/sanity/ignore-2.14.txt.license b/tests/sanity/ignore-2.14.txt.license new file mode 100644 index 00000000..edff8c76 --- /dev/null +++ b/tests/sanity/ignore-2.14.txt.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project diff --git a/tests/sanity/ignore-2.9.txt.license b/tests/sanity/ignore-2.9.txt.license new file mode 100644 index 00000000..edff8c76 --- /dev/null +++ b/tests/sanity/ignore-2.9.txt.license @@ -0,0 +1,3 @@ +GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +SPDX-License-Identifier: GPL-3.0-or-later +SPDX-FileCopyrightText: Ansible Project