Re: [OE-core] [RFC PATCH 2/2] license_image.bbclass: check and reject packages which have incompatible licenses
On Wed, Oct 09, 2019 at 09:41:28PM +0200, Alexander Kanavin wrote: > It wouldn't be too hard to add a condition that checks the (image-specific) > whitelist, I just wanted to gather a bit of feedback for the overall idea :) I like the idea. I'm building images with e.g. GPLv3 forbidden but I enable building lots of GPLv3 components because they are needed in e.g. ptests. Resulting distro config snippet is large with lots of lines like: WHITELIST_GPL-3.0 += "autoconf" PACKAGE_EXCLUDE += "autoconf-dbg autoconf-staticdev autoconf-dev autoconf-doc autoconf-locale autoconf" WHITELIST_GPL-3.0 += "ccache" PACKAGE_EXCLUDE += "ccache-sdktests-dbg ccache-sdktests ccache-dbg ccache-staticdev ccache-dev ccache-doc ccache-locale ccache" In testing then I start with the pure product image without GPLv3 components and extend it with extra packages which are needed for the test execution. I have separate product feature and SW component test phases. Only in the latter case target SW is changed before test execution. I want to avoid building separate test images with GPLv3, because in the past test vs. product images resulted in only the test images being actually tested. But I can see that having separate product and test images from a single build could be useful. Thanks for proposing this patch! -Mikko -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
Re: [OE-core] [RFC PATCH 2/2] license_image.bbclass: check and reject packages which have incompatible licenses
It wouldn't be too hard to add a condition that checks the (image-specific) whitelist, I just wanted to gather a bit of feedback for the overall idea :) Alex On Wed, 9 Oct 2019 at 20:15, Christopher Larson wrote: > Does this obey the whitelist? Can I whitelist a gplv3 package to get it > installed, ideally with a warning rather than silent or error? I don't have > the code in front of me at the moment. I have a class in meta-mentor that > does this sort of check, so wanted to see how the implementations compare. > On a related note, > https://github.com/MentorEmbedded/meta-mentor/blob/master/meta-mentor-common/classes/incompatible-recipe-check.bbclass > + > https://github.com/MentorEmbedded/meta-mentor/blob/95d05dcc12651a7b246f91b240120f92d196b0de/meta-mel-support/recipes-core/packagegroups/packagegroup-tools-benchmark.bb#L10 > might be of interest to you in your gplv2 work, perhaps? Specifically > handling the whitelisting. > > On Wed, Oct 9, 2019 at 8:45 AM Alexander Kanavin > wrote: > >> The use case is setting INCOMPATIBLE_LICENSE per image, >> rather than as an awkward, and too strict global setting. >> >> This for example would allow building development images with gplv3 tools, >> but production images without them, and checking that nothing >> gpl3-licensed >> gets into the latter. >> >> Examples are provided via the selftest: three scenarios are tested: >> >> - bash is added to the image, with a default gpl3 license; this is >> rejected >> - bash is added to the image, with a "gpl3 & other" license; this is also >> rejected >> - bash is added to the image, with a "gpl3 | other" license; this is >> accepted, but >> only 'other' is added to the license manifest (this was already handled >> correctly >> previously). >> >> Eventually, this would allow deprecating the meta-gplv2 layer, while still >> enforcing the no-gpl3 rule where possible and needed. >> >> Signed-off-by: Alexander Kanavin >> --- >> meta/classes/license_image.bbclass| 2 ++ >> .../oeqa/selftest/cases/incompatible_lic.py | 29 +++ >> 2 files changed, 31 insertions(+) >> >> diff --git a/meta/classes/license_image.bbclass >> b/meta/classes/license_image.bbclass >> index 3f102d0fbc3..e5cb1b8c77d 100644 >> --- a/meta/classes/license_image.bbclass >> +++ b/meta/classes/license_image.bbclass >> @@ -47,6 +47,8 @@ def write_license_files(d, license_manifest, pkg_dic, >> rootfs=True): >> for pkg in sorted(pkg_dic): >> if bad_licenses: >> try: >> +if incompatible_pkg_license(d, bad_licenses, >> pkg_dic[pkg]["LICENSE"]): >> +bb.fatal("Package %s has an incompatible license >> %s and cannot be installed into the image." %(pkg, pkg_dic[pkg]["LICENSE"])) >> (pkg_dic[pkg]["LICENSE"], pkg_dic[pkg]["LICENSES"]) >> = \ >> >> oe.license.manifest_licenses(pkg_dic[pkg]["LICENSE"], >> bad_licenses, canonical_license, d) >> diff --git a/meta/lib/oeqa/selftest/cases/incompatible_lic.py >> b/meta/lib/oeqa/selftest/cases/incompatible_lic.py >> index 8fb93af8a89..e80c9783122 100644 >> --- a/meta/lib/oeqa/selftest/cases/incompatible_lic.py >> +++ b/meta/lib/oeqa/selftest/cases/incompatible_lic.py >> @@ -39,3 +39,32 @@ class IncompatibleLicenseTests(OESelftestTestCase): >> # INCOMPATIBLE_LICENSE contains this license >> def test_incompatible_nonspdx_license(self): >> self.lic_test('incompatible-nonspdx-license', 'FooLicense', >> 'FooLicense') >> + >> +class IncompatibleLicensePerImageTests(OESelftestTestCase): >> +def default_config(self): >> +return """ >> +IMAGE_INSTALL_append = "bash" >> +INCOMPATIBLE_LICENSE_pn-core-image-minimal = "GPL-3.0 LGPL-3.0" >> +""" >> + >> +def test_bash_default(self): >> +self.write_config(self.default_config()) >> +error_msg = "ERROR: core-image-minimal-1.0-r0 do_rootfs: Package >> bash has an incompatible license GPLv3+ and cannot be installed into the >> image." >> + >> +result = bitbake('core-image-minimal', ignore_status=True) >> +if error_msg not in result.output: >> +raise AssertionError(result.output) >> + >> +def test_bash_and_license(self): >> +self.write_config(self.default_config() + >> '\nLICENSE_append_pn-bash = " & SomeLicense"') >> +error_msg = "ERROR: core-image-minimal-1.0-r0 do_rootfs: Package >> bash has an incompatible license GPLv3+ & SomeLicense and cannot be >> installed into the image." >> + >> +result = bitbake('core-image-minimal', ignore_status=True) >> +if error_msg not in result.output: >> +raise AssertionError(result.output) >> + >> +def test_bash_or_license(self): >> +self.write_config(self.default_config() + >> '\nLICENSE_append_pn-bash = " | SomeLicense"') >> + >> +bitbake('core-image-minimal') >> + >> -- >> 2.17.1 >> >> -- >> ___ >>
Re: [OE-core] [RFC PATCH 2/2] license_image.bbclass: check and reject packages which have incompatible licenses
Does this obey the whitelist? Can I whitelist a gplv3 package to get it installed, ideally with a warning rather than silent or error? I don't have the code in front of me at the moment. I have a class in meta-mentor that does this sort of check, so wanted to see how the implementations compare. On a related note, https://github.com/MentorEmbedded/meta-mentor/blob/master/meta-mentor-common/classes/incompatible-recipe-check.bbclass + https://github.com/MentorEmbedded/meta-mentor/blob/95d05dcc12651a7b246f91b240120f92d196b0de/meta-mel-support/recipes-core/packagegroups/packagegroup-tools-benchmark.bb#L10 might be of interest to you in your gplv2 work, perhaps? Specifically handling the whitelisting. On Wed, Oct 9, 2019 at 8:45 AM Alexander Kanavin wrote: > The use case is setting INCOMPATIBLE_LICENSE per image, > rather than as an awkward, and too strict global setting. > > This for example would allow building development images with gplv3 tools, > but production images without them, and checking that nothing gpl3-licensed > gets into the latter. > > Examples are provided via the selftest: three scenarios are tested: > > - bash is added to the image, with a default gpl3 license; this is rejected > - bash is added to the image, with a "gpl3 & other" license; this is also > rejected > - bash is added to the image, with a "gpl3 | other" license; this is > accepted, but > only 'other' is added to the license manifest (this was already handled > correctly > previously). > > Eventually, this would allow deprecating the meta-gplv2 layer, while still > enforcing the no-gpl3 rule where possible and needed. > > Signed-off-by: Alexander Kanavin > --- > meta/classes/license_image.bbclass| 2 ++ > .../oeqa/selftest/cases/incompatible_lic.py | 29 +++ > 2 files changed, 31 insertions(+) > > diff --git a/meta/classes/license_image.bbclass > b/meta/classes/license_image.bbclass > index 3f102d0fbc3..e5cb1b8c77d 100644 > --- a/meta/classes/license_image.bbclass > +++ b/meta/classes/license_image.bbclass > @@ -47,6 +47,8 @@ def write_license_files(d, license_manifest, pkg_dic, > rootfs=True): > for pkg in sorted(pkg_dic): > if bad_licenses: > try: > +if incompatible_pkg_license(d, bad_licenses, > pkg_dic[pkg]["LICENSE"]): > +bb.fatal("Package %s has an incompatible license > %s and cannot be installed into the image." %(pkg, pkg_dic[pkg]["LICENSE"])) > (pkg_dic[pkg]["LICENSE"], pkg_dic[pkg]["LICENSES"]) = > \ > > oe.license.manifest_licenses(pkg_dic[pkg]["LICENSE"], > bad_licenses, canonical_license, d) > diff --git a/meta/lib/oeqa/selftest/cases/incompatible_lic.py > b/meta/lib/oeqa/selftest/cases/incompatible_lic.py > index 8fb93af8a89..e80c9783122 100644 > --- a/meta/lib/oeqa/selftest/cases/incompatible_lic.py > +++ b/meta/lib/oeqa/selftest/cases/incompatible_lic.py > @@ -39,3 +39,32 @@ class IncompatibleLicenseTests(OESelftestTestCase): > # INCOMPATIBLE_LICENSE contains this license > def test_incompatible_nonspdx_license(self): > self.lic_test('incompatible-nonspdx-license', 'FooLicense', > 'FooLicense') > + > +class IncompatibleLicensePerImageTests(OESelftestTestCase): > +def default_config(self): > +return """ > +IMAGE_INSTALL_append = "bash" > +INCOMPATIBLE_LICENSE_pn-core-image-minimal = "GPL-3.0 LGPL-3.0" > +""" > + > +def test_bash_default(self): > +self.write_config(self.default_config()) > +error_msg = "ERROR: core-image-minimal-1.0-r0 do_rootfs: Package > bash has an incompatible license GPLv3+ and cannot be installed into the > image." > + > +result = bitbake('core-image-minimal', ignore_status=True) > +if error_msg not in result.output: > +raise AssertionError(result.output) > + > +def test_bash_and_license(self): > +self.write_config(self.default_config() + > '\nLICENSE_append_pn-bash = " & SomeLicense"') > +error_msg = "ERROR: core-image-minimal-1.0-r0 do_rootfs: Package > bash has an incompatible license GPLv3+ & SomeLicense and cannot be > installed into the image." > + > +result = bitbake('core-image-minimal', ignore_status=True) > +if error_msg not in result.output: > +raise AssertionError(result.output) > + > +def test_bash_or_license(self): > +self.write_config(self.default_config() + > '\nLICENSE_append_pn-bash = " | SomeLicense"') > + > +bitbake('core-image-minimal') > + > -- > 2.17.1 > > -- > ___ > Openembedded-core mailing list > Openembedded-core@lists.openembedded.org > http://lists.openembedded.org/mailman/listinfo/openembedded-core > -- Christopher Larson kergoth at gmail dot com Founder - BitBake, OpenEmbedded, OpenZaurus Senior Software Engineer, Mentor Graphics -- ___ Openembedded-core mailing
[OE-core] [RFC PATCH 2/2] license_image.bbclass: check and reject packages which have incompatible licenses
The use case is setting INCOMPATIBLE_LICENSE per image, rather than as an awkward, and too strict global setting. This for example would allow building development images with gplv3 tools, but production images without them, and checking that nothing gpl3-licensed gets into the latter. Examples are provided via the selftest: three scenarios are tested: - bash is added to the image, with a default gpl3 license; this is rejected - bash is added to the image, with a "gpl3 & other" license; this is also rejected - bash is added to the image, with a "gpl3 | other" license; this is accepted, but only 'other' is added to the license manifest (this was already handled correctly previously). Eventually, this would allow deprecating the meta-gplv2 layer, while still enforcing the no-gpl3 rule where possible and needed. Signed-off-by: Alexander Kanavin --- meta/classes/license_image.bbclass| 2 ++ .../oeqa/selftest/cases/incompatible_lic.py | 29 +++ 2 files changed, 31 insertions(+) diff --git a/meta/classes/license_image.bbclass b/meta/classes/license_image.bbclass index 3f102d0fbc3..e5cb1b8c77d 100644 --- a/meta/classes/license_image.bbclass +++ b/meta/classes/license_image.bbclass @@ -47,6 +47,8 @@ def write_license_files(d, license_manifest, pkg_dic, rootfs=True): for pkg in sorted(pkg_dic): if bad_licenses: try: +if incompatible_pkg_license(d, bad_licenses, pkg_dic[pkg]["LICENSE"]): +bb.fatal("Package %s has an incompatible license %s and cannot be installed into the image." %(pkg, pkg_dic[pkg]["LICENSE"])) (pkg_dic[pkg]["LICENSE"], pkg_dic[pkg]["LICENSES"]) = \ oe.license.manifest_licenses(pkg_dic[pkg]["LICENSE"], bad_licenses, canonical_license, d) diff --git a/meta/lib/oeqa/selftest/cases/incompatible_lic.py b/meta/lib/oeqa/selftest/cases/incompatible_lic.py index 8fb93af8a89..e80c9783122 100644 --- a/meta/lib/oeqa/selftest/cases/incompatible_lic.py +++ b/meta/lib/oeqa/selftest/cases/incompatible_lic.py @@ -39,3 +39,32 @@ class IncompatibleLicenseTests(OESelftestTestCase): # INCOMPATIBLE_LICENSE contains this license def test_incompatible_nonspdx_license(self): self.lic_test('incompatible-nonspdx-license', 'FooLicense', 'FooLicense') + +class IncompatibleLicensePerImageTests(OESelftestTestCase): +def default_config(self): +return """ +IMAGE_INSTALL_append = "bash" +INCOMPATIBLE_LICENSE_pn-core-image-minimal = "GPL-3.0 LGPL-3.0" +""" + +def test_bash_default(self): +self.write_config(self.default_config()) +error_msg = "ERROR: core-image-minimal-1.0-r0 do_rootfs: Package bash has an incompatible license GPLv3+ and cannot be installed into the image." + +result = bitbake('core-image-minimal', ignore_status=True) +if error_msg not in result.output: +raise AssertionError(result.output) + +def test_bash_and_license(self): +self.write_config(self.default_config() + '\nLICENSE_append_pn-bash = " & SomeLicense"') +error_msg = "ERROR: core-image-minimal-1.0-r0 do_rootfs: Package bash has an incompatible license GPLv3+ & SomeLicense and cannot be installed into the image." + +result = bitbake('core-image-minimal', ignore_status=True) +if error_msg not in result.output: +raise AssertionError(result.output) + +def test_bash_or_license(self): +self.write_config(self.default_config() + '\nLICENSE_append_pn-bash = " | SomeLicense"') + +bitbake('core-image-minimal') + -- 2.17.1 -- ___ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core