Closed mrutkows closed 6 years ago
The question came up about how we should (or even if we should) list services and tooling the project depends upon to build and run.
For example, we need Ansible and CouchDB (until a Memory Artifactory is completed) (see https://github.com/apache/incubator-openwhisk/blob/master/tools/travis/setup.sh)
With the noted library use in LICENSE of "logback: which uses LGPL, have we done enough? After reading the advice in URL below, we address #2, but can we address #1?
as noted logback is default logger as per docs: https://github.com/apache/incubator-openwhisk/blob/925500cf8d34bb75bebd077ea057af236eba0b01/docs/logging.md
Default Logging Provider
OpenWhisk uses Logback as default logging provider via slf4j.
Logback can be configured in the configuration file logback.xml.
Besides other things this configuration file defines the default log level for OpenWhisk.
Akka Logging inherits the log level defined here.
If we can show another logger over the same Interface this could satisfy #1
We should add below files the exclusion list
configurations:
openwhisk/ansible/group_vars/all
openwhisk/ansible/environments/docker-machine/group_vars/all
openwhisk/ansible/environments/distributed/group_vars/all
openwhisk/ansible/environments/distributed/files/openstack/openstack.env
openwhisk/ansible/environments/distributed/hosts
openwhisk/ansible/environments/vagrant/group_vars/all
openwhisk/ansible/environments/vagrant/hosts
openwhisk/ansible/environments/local/group_vars/all
openwhisk/ansible/ansible.cfg
openwhisk/ansible/files/package-versions.ini
openwhisk/tools/eclipse/scala.properties
openwhisk/tools/eclipse/java.xml
openwhisk/tools/build/scanCode.cfg
openwhisk/tools/jenkins/apache/dockerhub.groovy
openwhisk/core/invoker/src/main/resources/application.conf
openwhisk/core/controller/src/main/resources/application.conf
openwhisk/core/controller/src/main/resources/reference.conf
openwhisk/common/scala/src/main/resources/logback.xml
openwhisk/common/scala/src/main/resources/logging.conf
openwhisk/common/scala/src/main/resources/application.conf
openwhisk/common/scala/src/main/resources/reference.conf
openwhisk/performance/gatling_tests/src/gatling/resources/conf/logback.xml
openwhisk/performance/wrk_tests/post.lua
legal documents
openwhisk/CREDITS.txt
openwhisk/licenses/LICENSE-scala.txt
openwhisk/licenses/LICENSE-apachehttpcomponentsclient.txt
openwhisk/licenses/LICENSE-pureconfig.txt
openwhisk/licenses/LICENSE-logbackclassic.txt
openwhisk/licenses/LICENSE-jsr305.txt
Very short files without any creativity
openwhisk/actionRuntimes/python2Action/Dockerfile
openwhisk/actionRuntimes/swift4.1Action/Dockerfile
openwhisk/actionRuntimes/nodejs6Action/Dockerfile
openwhisk/actionRuntimes/javaAction/Dockerfile
openwhisk/actionRuntimes/swift3.1.1Action/Dockerfile
openwhisk/actionRuntimes/nodejs8Action/Dockerfile
openwhisk/actionRuntimes/actionProxy/Dockerfile
openwhisk/actionRuntimes/pythonAction/Dockerfile
openwhisk/actionRuntimes/php7.1Action/Dockerfile
openwhisk/sdk/docker/Dockerfile
We need to change RAT config and scan tool config to exclude these files. Issue #125 is created.
@houshengbo @daisy-ycguo It appears that a performance test was recently added to main openwhisk repo. (under performance dirctory) which is of type ".lua" and has no license.
See PR https://github.com/apache/incubator-openwhisk/pull/3527
This means either we work to document this as a ASF license header exclusion (1 line file) and also, now document a LUA dependency, or work with community (and PR authors) to change required test dependencies.
@daisy-ycguo @houshengbo Added exclusion for "performance" directory for main openwhisk: PR https://github.com/apache/incubator-openwhisk-utilities/pull/26
@daisy-ycguo @houshengbo Carlos and I were chatting about a PR for scancode and we started talking about the new "performance" directory under main openwhisk. It now has new dependencies...
here is what we need to look at closely as these may not have public licenses...
Need to see the license on the docker image we use `williamyeh/wrk`
https://hub.docker.com/r/williamyeh/wrk/
Carlos found:
hyis one doesn’t seem to have a license:
https://github.com/William-Yeh/docker-wrk/blob/master/Dockerfile
GitHub
William-Yeh/docker-wrk
docker-wrk - A minimal wrk image for Docker - Modern HTTP benchmarking tool.
checking `FROM williamyeh/ansible:mini-alpine3`
Carlos commented:
`performance` folder can be deleted and not included in the release .tgz
same for `tests` no need it in the release.tgz
but nice to include if possible
Found it
wrk is Apache 2.0 https://github.com/wg/wrk/blob/master/LICENSE
GitHub
wg/wrk
wrk - Modern HTTP benchmarking tool
Carlos then found the downstream deps:
then wrk depends on LUAJIT and OpenSSL https://github.com/wg/wrk/blob/master/INSTALL#L11
GitHub
wg/wrk
wrk - Modern HTTP benchmarking tool
@mrutkows I don't quite understand the reason to exclude the whole performance
folder. Do you want to exclude only .lua
files from header checking ? or you want to exclude LUA dependency from legal files ?
@daisy-ycguo what Carlos is saying, and I agree, is that we may need to exclude these tests from any release packaging.
Carlos seems to have found that the perf. test tool has an Apache 2 license... https://github.com/wg/wrk/blob/master/LICENSE
@daisy-ycguo again, this is a TRACKING issue to record/track/discuss issues we encounter that MAY affect license file for each repo. I have not asked anyone to do anything at this point.
(my comment)... perhaps we should move “performance” under “tests” dir. to clarify and simplify our exclusions (both in docs and in release tooling)
A PR https://github.com/apache/incubator-openwhisk/pull/3596 is proposed to add short license header to test data files.
I also found that below files should be excluded from license header checking. I will update the document and pom.xml later.
openwhisk/tests/dat/apigw/testswaggerdocinvalid
openwhisk/tests/dat/apigw/testswaggerdoc2
openwhisk/tests/dat/apigw/testswaggerdoc1
openwhisk/tests/src/test/resources/application.conf.j2
Add openwhisk/tests/dat/actions/empty.js
to exclusion list because it will cause test fail if adding header.
Please use this issue to track any issues surrounding either the LICENSE.txt or NOTICE.txt file for the associated repository listed in the title.
Open Issues/PRs:
Closed Issues/Merged PRs:
Related PRs:
Notes: Please use this issue to document directories/files (by extension) or individual files we have decided will not require a LICENSE header because it falls under an allowed Apache category (see https://www.apache.org/legal/src-headers.html)