From 60b9daa25fb5d20fca2be07a7338d60d80a08846 Mon Sep 17 00:00:00 2001 From: Laurent Gougeon Date: Wed, 30 Oct 2024 17:50:17 +0100 Subject: [PATCH] Adding licenses and other files to Docker images. --- README.md | 4 ++- docker/Makefile | 21 ++++++++++----- docker/ecpds/java/.gitignore | 6 +++++ docker/ecpds/java/Dockerfile | 4 +++ pom.xml | 51 ++++++++++++++++++++++-------------- 5 files changed, 58 insertions(+), 28 deletions(-) create mode 100644 docker/ecpds/java/.gitignore diff --git a/README.md b/README.md index 899bb905..8cb4ab8e 100644 --- a/README.md +++ b/README.md @@ -297,5 +297,7 @@ Additionally, you can find the OpenECPDS options for various editors at this lin This project automates the downloading of specific tools (GraalVM, Maven, Docker, Kompose, Kubectl). Additionally, it uses external APIs that are downloaded via Maven. For licenses and details on these dependencies, please refer to their respective documentation. You can retrieve the licenses from the development container using: ```bash -mvn dependency:copy-dependencies +make get-licenses ``` + +If successful, the licenses will be available in the `target/generated-resources` directory. These licenses are also included in the root directory of the container images, along with the `AUTHORS`, `LICENSE.txt`, `NOTICE` and `VERSION` files. \ No newline at end of file diff --git a/docker/Makefile b/docker/Makefile index 3e8ced41..c2b42e6d 100755 --- a/docker/Makefile +++ b/docker/Makefile @@ -26,8 +26,9 @@ RESET := \033[0m DOCKER_HOST_OS ?= $(shell uname -s) DOCKER_GUEST_OS := $(shell uname -s) -# How to get the rpms? -COPY := cp ../target/rpm +# Source directories for the rpms and licences +RPM_DIR := ../target/rpm +LICENSES_DIR := ../target/generated-resources # Detect container manager (Docker or Podman) ifeq ($(shell command -v podman 2> /dev/null),) @@ -45,7 +46,7 @@ DOCKER_VERSION := $(shell $(DOCKER) --version) HTTPS_ACCESS := $(shell curl -s --max-time 2 -I https://google.com | sed 's/^[^ ]* *\([0-9]\).*/\1/; 1q') # Output the help for each task -.PHONY: help all get-rpms build images bk-images rm-images clean .clean info +.PHONY: help all get-rpms get-licenses build images bk-images rm-images clean .clean info help: ## Show this help message @awk 'BEGIN {FS = ":.*?## "} /^[a-zA-Z_-]+:.*?## / {printf "\033[36m%-15s\033[0m %s\n", $$1, $$2}' $(MAKEFILE_LIST) @@ -53,8 +54,9 @@ help: ## Show this help message # Display help by default .DEFAULT_GOAL := help -all: ## Get RPMs, and build images +all: ## Get RPMs, licenses and build images @$(MAKE) get-rpms + @$(MAKE) get-licenses @$(MAKE) build .https-access: ## Check HTTPS access (required to build images) @@ -62,13 +64,17 @@ all: ## Get RPMs, and build images printf "$(RED)** HTTPS connectivity is down **$(RESET)\n" && exit 1; \ fi -get-rpms: ## Get RPMs from the RPMS directory in rpmbuild +get-rpms: ## Get RPMs from the source RPM directories @$(MAKE) .get-rpm app=mover rpm=mover arch=noarch @$(MAKE) .get-rpm app=master rpm=master arch=noarch @$(MAKE) .get-rpm app=monitor rpm=monitor arch=noarch .get-rpm: # Create the target directory and get the specified RPM (args: app, rpm, arch) - mkdir -p ecpds/$(app)/rpms && $(COPY)/ecpds-$(rpm)/RPMS/$(arch)/ecpds-$(rpm)-$(TAG).$(arch).rpm ecpds/$(app)/rpms/. + mkdir -p ecpds/$(app)/rpms && cp -f $(RPM_DIR)/ecpds-$(rpm)/RPMS/$(arch)/ecpds-$(rpm)-$(TAG).$(arch).rpm ecpds/$(app)/rpms/. + +get-licenses: ## Get the licenses for the java image + cp -fr $(LICENSES_DIR)/licenses* ecpds/java/. + cp -f ../AUTHORS ../LICENSE.txt ../NOTICE ../VERSION ecpds/java/. build: .https-access ## Build database, Java, and service images @$(MAKE) .build app=database tag=$(TAG) @@ -118,10 +124,11 @@ push: .checkcr ## Push images to CR $(DOCKER) push $(CR_URL)/$(app):$(tag) $(DOCKER) push $(CR_URL)/$(app) -clean: ## Remove all RPMs +clean: ## Remove all RPMs and licenses @$(MAKE) .clean app=mover @$(MAKE) .clean app=master @$(MAKE) .clean app=monitor + cd ecpds/java && rm -fr AUTHORS LICENSE.txt NOTICE VERSION licenses* .clean: # Remove RPMs for the specified app (arg: app) rm -f ecpds/$(app)/rpms/ecpds-*-*.*.rpm diff --git a/docker/ecpds/java/.gitignore b/docker/ecpds/java/.gitignore new file mode 100644 index 00000000..6a78f294 --- /dev/null +++ b/docker/ecpds/java/.gitignore @@ -0,0 +1,6 @@ +AUTHORS +LICENSE.txt +NOTICE +VERSION +licenses.xml +licenses diff --git a/docker/ecpds/java/Dockerfile b/docker/ecpds/java/Dockerfile index 72a2e64b..24487683 100755 --- a/docker/ecpds/java/Dockerfile +++ b/docker/ecpds/java/Dockerfile @@ -30,3 +30,7 @@ RUN java -Xshare:dump # Re-enable disabled algorithms to allow connecting to low security sites COPY java.security $JAVA_HOME/conf/security/. + +# Copy licences and related files +COPY AUTHORS LICENSE.txt NOTICE VERSION licenses.xml . +COPY licenses /licenses diff --git a/pom.xml b/pom.xml index 1ab984c0..067e03e4 100644 --- a/pom.xml +++ b/pom.xml @@ -5,10 +5,9 @@ ecmwf product-data-store 6.7.9 - Product Data Store (PDS) + Product Data Store (OpenECPDS) Product Data Store for Acquisition and Dissemination activities - - https://www.ecmwf.int/en/newsletter/159/computing/ecmwf-production-data-store + https://github.com/ecmwf/open-ecpds jar UTF-8 @@ -213,23 +212,6 @@ - - org.codehaus.mojo - license-maven-plugin - 2.4.0 - - true - - Apache-2.0 - - apache_v2 - ECMWF - 2004 - - **/*.java - - - org.apache.maven.plugins maven-dependency-plugin @@ -252,6 +234,35 @@ + + org.codehaus.mojo + license-maven-plugin + 2.4.0 + + + org.apache.logging.log4j + log4j-core + 2.24.0 + + + org.apache.logging.log4j + log4j-api + 2.24.0 + + + + ignore + + + + download-licenses + prepare-package + + download-licenses + + + + org.owasp dependency-check-maven