Skip to content

Commit

Permalink
add dependency licenses to release artifacts
Browse files Browse the repository at this point in the history
  • Loading branch information
schrej committed Oct 24, 2022
1 parent e7a46dd commit add407c
Show file tree
Hide file tree
Showing 6 changed files with 44 additions and 2 deletions.
9 changes: 9 additions & 0 deletions .github/workflows/container-image.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,15 @@ jobs:
runs-on: "ubuntu-latest"
steps:
- uses: actions/checkout@v3

- name: Install Go
uses: actions/setup-go@v3
with:
go-version: '^1.18'

- name: Create Licenses Report
run: |
make licenses-report
- name: Login to GitHub Container Registry
uses: docker/[email protected]
Expand Down
11 changes: 10 additions & 1 deletion .github/workflows/draft_release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ jobs:
uses: softprops/action-gh-release@v1
with:
draft: true
files: out/*
files: out/*.*
# body_path: _releasenotes/${{ env.RELEASE_TAG }}.md

release_image:
Expand All @@ -39,6 +39,15 @@ jobs:
steps:
- name: Check out the repo
uses: actions/checkout@v3

- name: Install Go
uses: actions/setup-go@v3
with:
go-version: '^1.18'

- name: Create Licenses Report
run: |
make licenses-report
- name: Login to GitHub Container Registry
uses: docker/[email protected]
Expand Down
3 changes: 3 additions & 0 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -28,4 +28,7 @@ WORKDIR /
COPY --from=builder /workspace/manager .
USER 65532

# Add directory containing the licenses of all dependencies
COPY out/licenses /licenses

ENTRYPOINT ["/manager"]
14 changes: 13 additions & 1 deletion Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -72,7 +72,7 @@ run: manifests generate fmt vet ## Run a controller from your host.
go run ./main.go

.PHONY: docker-build
docker-build: test ## Build docker image with the manager.
docker-build: test licenses-report ## Build docker image with the manager.
docker build -t ${IMG} .

.PHONY: docker-push
Expand All @@ -97,6 +97,7 @@ release: clean-release
$(MAKE) set-manifest-pull-policy PULL_POLICY=IfNotPresent
$(MAKE) release-manifests
$(MAKE) release-metadata
$(MAKE) licenses-report
$(MAKE) clean-release-git

.PHONY: clean-release
Expand All @@ -115,6 +116,12 @@ release-manifests: kustomize $(RELEASE_DIR)
release-metadata:
cp metadata.yaml $(RELEASE_DIR)/metadata.yaml

licenses-report: go-licenses
rm -rf $(RELEASE_DIR)/licenses
$(GO_LICENSES) save --save_path $(RELEASE_DIR)/licenses ./...
$(GO_LICENSES) report --template hack/licenses.md.tpl ./... > $(RELEASE_DIR)/licenses/licenses.md
(cd out/licenses && tar -czf ../licenses.tar.gz *)

##@ Release Utils

.PHONY: set-manifest-pull-policy
Expand Down Expand Up @@ -164,3 +171,8 @@ ENVTEST = $(HACK_BIN)/setup-envtest
.PHONY: envtest
envtest: ## Download envtest-setup locally if necessary.
env GOBIN=$(HACK_BIN) go install sigs.k8s.io/controller-runtime/tools/setup-envtest@latest

GO_LICENSES = $(HACK_BIN)/go-licenses
.PHONY: go-licenses
go-licenses:
env GOBIN=$(HACK_BIN) go install github.com/google/go-licenses@latest
4 changes: 4 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -37,3 +37,7 @@ Licensed under the **Apache License, Version 2.0** (the "License"); you may not
You may obtain a copy of the License at https://www.apache.org/licenses/LICENSE-2.0.
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the [LICENSE](./LICENSE) for the specific language governing permissions and limitations under the License.
### Dependency Licenses
You can find the licenses of used Go dependencies as a `licenses.tar.gz` archive as part of our [releases](https://github.com/telekom/cluster-api-ipam-provider-in-cluster/releases) and in the `/license` directory contained in our container images available at [ghcr.io/telekom/cluster-api-ipam-provider-in-cluster](https://ghcr.io/telekom/cluster-api-ipam-provider-in-cluster).
5 changes: 5 additions & 0 deletions hack/licenses.md.tpl
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
# Dependency Licenses

{{ range . }}
- {{.Name}}@{{.Version}} ([{{.LicenseName}}]({{.LicenseURL}}))
{{- end }}

0 comments on commit add407c

Please sign in to comment.