Added a way to describe package's licence manual check (#50)

Author: acabarbaye

mbed_tools_ci_scripts/spdx_report/spdx_helpers.py

@@ -19,7 +19,7 @@
 import toml
 from pathlib import Path
 from spdx.utils import SPDXNone, UnKnown
-from typing import Union, Optional, Iterator, Iterable, Any
+from typing import Union, Optional, Iterator, Any, Tuple
 
 from mbed_tools_ci_scripts.utils.configuration import ConfigurationVariable, configuration
 from mbed_tools_ci_scripts.utils.definitions import UNKNOWN
@@ -106,21 +106,39 @@ def ignore_path(p: Path) -> bool:
     return list_all_files(project_root, ignore_path)
 
 
-def determine_checked_packages_from_string(checked_packages: Any) -> Iterable[Any]:
-    """Determines the list of packages for which the licence has been checked."""
+def _convert_list_into_dict(checked_packages: Any) -> dict:
+    checked_package_description = dict()
+    for item in checked_packages:
+        info = item.split("=" if "=" in item else ":")
+        checked_package_description[info[0].strip()] = info[-1].strip() if len(info) > 1 else None
+    return checked_package_description
+
+
+def determine_checked_packages_from_configuration_entry(checked_packages: Any) -> dict:
+    """Determines the list of packages for which the licence has been manually checked."""
     if isinstance(checked_packages, str):
         checked_packages = checked_packages.split(", ")
-    if isinstance(checked_packages, (list, dict, tuple, set)):
-        yield from checked_packages
+    if isinstance(checked_packages, (list, tuple, set)):
+        return _convert_list_into_dict(checked_packages)
+    if isinstance(checked_packages, dict):
+        return checked_packages
+    return dict()
 
 
-def get_packages_with_checked_licence() -> Iterable[str]:
+def get_packages_with_checked_licence() -> dict:
     """Determines the list of packages for which the licence has been checked from configuration."""
-    yield from determine_checked_packages_from_string(
+    return determine_checked_packages_from_configuration_entry(
         configuration.get_value(ConfigurationVariable.PACKAGES_WITH_CHECKED_LICENCE)
     )
 
 
-def is_package_licence_checked(package_name: str) -> bool:
-    """States whether the licence of a package has been checked and hence, that its licence is compliant."""
-    return package_name.strip() in get_packages_with_checked_licence()
+def get_package_manual_check(package_name: str) -> Tuple[bool, Optional[str]]:
+    """Gets information about package licence manual check."""
+    checked_packages = get_packages_with_checked_licence()
+    return bool(package_name.strip() in checked_packages), checked_packages.get(package_name.strip())
+
+
+def is_package_licence_manually_checked(package_name: str) -> bool:
+    """States whether the licence of a package has been manually checked and hence, that its licence is compliant."""
+    checked, _ = get_package_manual_check(package_name)
+    return checked

mbed_tools_ci_scripts/spdx_report/spdx_project.py

@@ -13,7 +13,7 @@
 from mbed_tools_ci_scripts.spdx_report.spdx_document import SpdxDocument
 from mbed_tools_ci_scripts.utils.hash_helpers import determine_sha1_hash_of_file
 from mbed_tools_ci_scripts.utils.package_helpers import ProjectMetadataParser
-from mbed_tools_ci_scripts.spdx_report.spdx_helpers import is_package_licence_checked
+from mbed_tools_ci_scripts.spdx_report.spdx_helpers import is_package_licence_manually_checked
 from mbed_tools_ci_scripts.spdx_report.spdx_summary import SummaryGenerator
 
 
@@ -126,7 +126,7 @@ def _report_issues(self, issues: Dict[str, str]) -> None:
 
     def _check_one_licence_compliance(self, spdx_document: SpdxDocument, issues: Dict[str, str]) -> None:
         main_valid, actual_valid, name, main_licence, actual_licence = _check_package_licence(spdx_document)
-        if not ((main_valid and actual_valid) or is_package_licence_checked(name)):
+        if not ((main_valid and actual_valid) or is_package_licence_manually_checked(name)):
             issues[name] = actual_licence if main_valid else main_licence
 
     def _check_package_dependencies_licence_compliance(self, issues: Dict[str, str]) -> None:

mbed_tools_ci_scripts/spdx_report/spdx_summary.py

@@ -1,12 +1,15 @@
+#
+# Copyright (C) 2020 Arm Mbed. All rights reserved.
+# SPDX-License-Identifier: Apache-2.0
+#
 """Summary generators."""
 import datetime
 import jinja2
 import logging
-import os
 from pathlib import Path
 from typing import List, Tuple, Optional, Dict, Any
 
-from mbed_tools_ci_scripts.spdx_report.spdx_helpers import is_package_licence_checked
+from mbed_tools_ci_scripts.spdx_report.spdx_helpers import get_package_manual_check
 from mbed_tools_ci_scripts.spdx_report.spdx_package import SpdxPackage
 
 JINJA_TEMPLATE_SUMMARY_HTML = "third_party_IP_report.html.jinja2"
@@ -60,7 +63,7 @@ def _generate_template_arguments(self) -> Dict[str, Any]:
             "name": self.project.name,
             "compliance": global_compliance,
             "compliance_details": (
-                f"Project [{self.project.name}]'s licence is compliant: {self.project.licence}.{os.linesep}"
+                f"Project [{self.project.name}]'s licence is compliant: {self.project.licence}."
                 "All its dependencies are also compliant licence-wise."
             )
             if global_compliance
@@ -76,19 +79,24 @@ def _generate_packages_description(self) -> Tuple[bool, dict]:
         for p in self.all_packages:
             main_licence_valid = p.is_main_licence_accepted
             actual_licence_valid = p.is_licence_accepted
-            package_checked = is_package_licence_checked(p.name)
+            package_manually_checked, manual_check_details = get_package_manual_check(p.name)
             is_licence_compliant = main_licence_valid and actual_licence_valid
-            is_compliant = is_licence_compliant or package_checked
+            is_compliant = is_licence_compliant or package_manually_checked
             if not is_compliant:
                 global_compliance = False
             description_list[p.name] = self._generate_description_for_one_package(
-                is_compliant, is_licence_compliant, package_checked, p
+                is_compliant, is_licence_compliant, package_manually_checked, manual_check_details, p
             )
 
         return global_compliance, description_list
 
     def _generate_description_for_one_package(
-        self, is_compliant: bool, is_licence_compliant: bool, package_checked: bool, p: SpdxPackage
+        self,
+        is_compliant: bool,
+        is_licence_compliant: bool,
+        package_manually_checked: bool,
+        manual_check_details: Optional[str],
+        p: SpdxPackage,
     ) -> dict:
         return {
             "name": p.name,
@@ -100,8 +108,8 @@ def _generate_description_for_one_package(
             "licence_compliance_details": "Licence is compliant."
             if is_licence_compliant
             else (
-                "Package's licence has been checked"
-                if package_checked
+                f"Package's licence manually checked: {manual_check_details}"
+                if package_manually_checked
                 else "Licence is not compliant according to project's configuration."
             ),
         }

news/20200424.feature

@@ -0,0 +1 @@
+Changed the configuration type entry for package licence compliance check.

pyproject.toml

@@ -18,7 +18,19 @@ DOCUMENTATION_PRODUCTION_OUTPUT_PATH = "docs"
 VERSION_FILE_PATH = "mbed_tools_ci_scripts/_version.py"
 CHANGELOG_FILE_PATH = "CHANGELOG.md"
 AWS_BUCKET=""
-PACKAGES_WITH_CHECKED_LICENCE=["jeepney", "chardet", "zipp", "python-dateutil", "keyring", "setuptools", "GitPython", "pdoc3", "python-dotenv", "twine", "jellyfish"]
+
+[ProjectConfig.PACKAGES_WITH_CHECKED_LICENCE]
+jeepney="MIT"
+chardet="LGPL-2.1+ but accepted for this project since not distributed."
+zipp="MIT"
+python-dateutil="All contributions after December 1, 2017 released under dual license - either Apache 2.0 License or the BSD 3-Clause License."
+keyring="MIT"
+setuptools="MIT"
+GitPython="BSD-3-Clause"
+pdoc3="Accepted for this project since not distributed"
+python-dotenv="BSD-3-Clause"
+twine="Apache-2.0"
+jellyfish="BSD-2-Clause"
 
 [AutoVersionConfig]
 CONFIG_NAME = "DEFAULT"

tests/spdx/test_spdx_helper.py

@@ -0,0 +1,43 @@
+#
+# Copyright (C) 2020 Arm Mbed. All rights reserved.
+# SPDX-License-Identifier: Apache-2.0
+#
+from unittest import TestCase
+
+from mbed_tools_ci_scripts.spdx_report.spdx_helpers import determine_checked_packages_from_configuration_entry
+
+
+class TestSpdxHelpers(TestCase):
+    def test_parse_configuration_entry(self):
+        expected_dictionary = dict(package1="Checked", package2="Accepted licence : MIT", package3="!!!!!")
+        self.assertDictEqual(
+            expected_dictionary, determine_checked_packages_from_configuration_entry(expected_dictionary)
+        )
+        self.assertDictEqual(
+            expected_dictionary,
+            determine_checked_packages_from_configuration_entry(
+                "package1 = Checked, package2= Accepted licence : MIT , package3=!!!!! "
+            ),
+        )
+        self.assertDictEqual(
+            expected_dictionary,
+            determine_checked_packages_from_configuration_entry(
+                ["package1 = Checked", " package2= Accepted licence : MIT ", " package3=!!!!! "]
+            ),
+        )
+        expected_dictionary = dict(package1="Checked", package2="Accepted licence (MIT)", package3="!!!!!")
+        self.assertDictEqual(
+            expected_dictionary, determine_checked_packages_from_configuration_entry(expected_dictionary)
+        )
+        self.assertDictEqual(
+            expected_dictionary,
+            determine_checked_packages_from_configuration_entry(
+                "package1 : Checked, package2= Accepted licence (MIT) , package3:!!!!! "
+            ),
+        )
+        self.assertDictEqual(
+            expected_dictionary,
+            determine_checked_packages_from_configuration_entry(
+                ["package1 : Checked", " package2: Accepted licence (MIT) ", " package3=!!!!! "]
+            ),
+        )