HBASE-16318 fail build while rendering velocity template if dependency license isn't in whitelist.
Signed-off-by: Andrew Purtell <[email protected]> Project: http://git-wip-us.apache.org/repos/asf/hbase/repo Commit: http://git-wip-us.apache.org/repos/asf/hbase/commit/e51fcdd7 Tree: http://git-wip-us.apache.org/repos/asf/hbase/tree/e51fcdd7 Diff: http://git-wip-us.apache.org/repos/asf/hbase/diff/e51fcdd7 Branch: refs/heads/master Commit: e51fcdd7788271d33cf02240155429358d71627b Parents: cc12be3 Author: Sean Busbey <[email protected]> Authored: Tue Aug 2 00:53:53 2016 -0500 Committer: Sean Busbey <[email protected]> Committed: Wed Aug 17 12:51:28 2016 -0700 ---------------------------------------------------------------------- .../src/main/resources/META-INF/LICENSE.vm | 32 ++++++++++++++++++++ 1 file changed, 32 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/hbase/blob/e51fcdd7/hbase-resource-bundle/src/main/resources/META-INF/LICENSE.vm ---------------------------------------------------------------------- diff --git a/hbase-resource-bundle/src/main/resources/META-INF/LICENSE.vm b/hbase-resource-bundle/src/main/resources/META-INF/LICENSE.vm index 8e5c9fe..31e508f 100644 --- a/hbase-resource-bundle/src/main/resources/META-INF/LICENSE.vm +++ b/hbase-resource-bundle/src/main/resources/META-INF/LICENSE.vm @@ -1558,6 +1558,10 @@ You can redistribute it and/or modify it under either the terms of the GPL #set($jruby = false) ## track hadoops #set($hadoop = false) +## Whitelist of licenses that it's safe to not aggregate as above. +## Note that this doesn't include ALv2 or the aforementioned aggregate +## license mentions. +#set($non_aggregate_fine = [ 'Public Domain', 'New BSD license', 'BSD license', 'Mozilla Public License Version 2.0' ]) ## include LICENSE sections for anything not under ASL2.0 #foreach( ${dep} in ${projects} ) ## if there are no licenses we'll fail the build later, so @@ -1646,6 +1650,34 @@ ${dep.scm.url} This product includes ${dep.name} licensed under the ${dep.licenses[0].name}. ${dep.licenses[0].comments} +#if(!(${non_aggregate_fine.contains($dep.licenses[0].name)})) +Please check ^^^^^^^^^^^^ this License for acceptability here: + +https://www.apache.org/legal/resolved + +If it is okay, then update the list named 'non_aggregate_fine' in the LICENSE.vm file. +If it isn't okay, then revert the change that added the dependency. + +More info on the dependency: + +<groupId>${dep.groupId}</groupId> +<artifactId>${dep.artifactId}</artifactId> +<version>${dep.version}</version> + +maven central search +g:${dep.groupId} AND a:${dep.artifactId} AND v:${dep.version} + +project website +${dep.url} +project source +${dep.scm.url} + +## fail the template. If you're looking at the source LICENSE.vm +## file based on a stacktrace or exception message, you need to find +## the generated LICENSE file that has the actual dependency info printed. +#set($empty = []) +${empty[0]} +#end #end #end #end
