Just found this thread again after searching my inbox for something else. So I am prototyping this at the moment. I plan to do the following...
Each file that is held at gate, will be checked to see what sort of file extension it has (.py, .java, .c etc) and then a check will be made to make sure if has an Apache 2.0 License in place. I check for the file extensions, because of course bash and python use # comment blocks, java uses /* */ and so on, and there are different shebangs I might need to filter out. I plan to get this rigged into gate with infra's help during the plugfest On Wed, Feb 22, 2017 at 6:42 AM, Raymond Paik <rp...@linuxfoundation.org> wrote: > Sorry I missed this over the long weekend (here in the US). > > I think what Luke is suggesting is independent of the license scanning > tool. If Luke's security scanning tool can be extended to flag files > without license headers, that could be helpful. Of course we'd need to > filter out false positives (e.g. image files that will not have license > headers).... > > Thanks, > > Ray > > On Sat, Feb 18, 2017 at 2:57 PM, Yujun Zhang (ZTE) < > zhangyujun+...@gmail.com> wrote: > >> +2 for gate check instead of reminding by Email. >> >> It seems Ray has used another tool for license scanning. >> Luke Hinds <lhi...@redhat.com>于2017年2月19日 周日06:32写道: >> >>> If its useful we could add something to our gate to check for license >>> text? We are trailing a system that checks for private keys, secrets and >>> blobs being pushed to repos, I could look to extend this to perform a >>> license check too? >>> >>> On Sat, Feb 18, 2017 at 5:27 PM, Yujun Zhang (ZTE) < >>> zhangyujun+...@gmail.com> wrote: >>> >>> The script works great in qtip repo[1]. Thanks a lot, Justin. >>> >>> A few comments for improvements >>> >>> >>> 1. add license to this script itself so people know how to >>> contribute. By default, it is proprietary. >>> 2. ignore __init__.py as indicated in OPNFV contribution >>> guidelines[2]. A workaround is `git checkout **/__init__.py` after >>> processing. >>> 3. use company name mapping in stackalytics[3]. I believe it covers >>> most contributors in OPNFV >>> 4. rename the the repo. It is strange to fork a repo named Lab to >>> other account. >>> >>> >>> [1]: https://gerrit.opnfv.org/gerrit/#/c/29029/ >>> [2]: https://wiki.opnfv.org/display/DEV/Contribution+Guidelines >>> [3]: http://git.openstack.org/cgit/openstack/stackalytics/tr >>> ee/etc/default_data.json#n23439 >>> >>> On Fri, Feb 17, 2017 at 10:52 AM gang chi <justin.chig...@gmail.com> >>> wrote: >>> >>> Hi, >>> >>> I think most of team has received mail from Ray who told me there are >>> over hundred files without License in Compass4nfv repo. I think some team >>> may have same issue with me. >>> so I share my script to generate license header for OPNFV repos. >>> >>> https://github.com/Justin-chi/Lab/blob/master/add_license.sh >>> >>> Here is result of the script: https://gerrit.opnfv.org/gerrit/#/c/28885/ >>> >>> Hope it will works for you. >>> >>> Regards >>> Justin >>> _______________________________________________ >>> opnfv-tech-discuss mailing list >>> opnfv-tech-discuss@lists.opnfv.org >>> https://lists.opnfv.org/mailman/listinfo/opnfv-tech-discuss >>> >>> -- >>> Yujun Zhang >>> >>> _______________________________________________ >>> opnfv-tech-discuss mailing list >>> opnfv-tech-discuss@lists.opnfv.org >>> https://lists.opnfv.org/mailman/listinfo/opnfv-tech-discuss >>> >>> >>> >>> >>> -- >>> Luke Hinds | NFV Partner Engineering | Office of Technology | Red Hat >>> e: lhi...@redhat.com | irc: lhinds @freenode | m: +44 77 45 63 98 84 | >>> t: +44 12 52 36 2483 >>> >> -- >> Yujun Zhang >> >> _______________________________________________ >> opnfv-tech-discuss mailing list >> opnfv-tech-discuss@lists.opnfv.org >> https://lists.opnfv.org/mailman/listinfo/opnfv-tech-discuss >> >> > -- Luke Hinds | NFV Partner Engineering | Office of Technology | Red Hat e: lhi...@redhat.com | irc: lhinds @freenode | m: +44 77 45 63 98 84 | t: +44 12 52 36 2483
_______________________________________________ opnfv-tech-discuss mailing list opnfv-tech-discuss@lists.opnfv.org https://lists.opnfv.org/mailman/listinfo/opnfv-tech-discuss
