Scancode and fossology scans (#211)

Adding [scancode-toolkit](https://www.nexb.com/scancode/#overview) and [fossology](https://www.fossology.org/features/) scans for licensing/copyright vetting. Bumping gotests image to latest version.
nephio-project · Jun 5, 2023 · b88eb5b · b88eb5b
1 parent ed4e85d
commit b88eb5b
Show file tree

Hide file tree

Showing 2 changed files with 50 additions and 6 deletions.
diff --git a/.prow.yaml b/.prow.yaml
@@ -4,7 +4,7 @@ presubmits:
     run_if_changed: "(\\.go|Makefile)$"
     spec:
       containers:
-      - image: nephio/gotests:4
+      - image: nephio/gotests:7
         command:
         - make
         args:
@@ -14,7 +14,7 @@ presubmits:
     run_if_changed: "(\\.go|Makefile)$"
     spec:
       containers:
-      - image: nephio/gotests:4
+      - image: nephio/gotests:7
         command:
         - make
         args:
@@ -24,16 +24,48 @@ presubmits:
     run_if_changed: "(\\.go|Makefile)$"
     spec:
       containers:
-      - image: nephio/gotests:4
+      - image: nephio/gotests:7
         command:
         - make
         args:
         - gosec
   - name: presubmit-nephio-license-header-check
     decorate: true
-    run_if_changed: "\\.go$"
+    always_run: true
     spec:
       containers:
-      - image: nephio/gotests:4
+      - image: nephio/gotests:7
         command:
-        - "/usr/local/bin/checklicense.sh"
+        - "/bin/sh"
+        - "-c"
+        - |
+          /usr/local/bin/checklicense.sh > ${ARTIFACTS}/license_headers_results.txt
+  - name: presubmit-nephio-scancode-toolkit
+    decorate: true
+    always_run: true
+    spec:
+      containers:
+      - image: nephio/scancode-toolkit:v31.2.5
+        command:
+        - "/bin/sh"
+        args:
+        - "-c"
+        - |
+          /scancode-toolkit/scancode --ignore "whitelist.json" -clpeui -n 2 --html ${ARTIFACTS}/scancode_report.html . --tallies-with-details
+        resources:
+          requests:
+            cpu: 2
+            memory: 1Gi
+  - name: presubmit-nephio-fossology
+    decorate: true
+    always_run: true
+    spec:
+      containers:
+      - image: fossology/fossology:scanner
+        command:
+        - "/bin/bash"
+        args:
+        - "-c"
+        - |
+          /bin/fossologyscanner repo nomos ojo copyright keyword
+          cp -R results ${ARTIFACTS}/    
diff --git a/whitelist.json b/whitelist.json
@@ -0,0 +1,12 @@
+{
+  "licenses": [
+    "Apache-2.0",
+    "MIT",
+    "BSD-3-Clause"
+  ],
+  "exclude": [
+    ".git/*",
+    ".prow.yaml",
+    "results/*"
+  ]
+}