Add better handling of license when checking

SCA_AUTO_LICENSE_FILTER is now list of regex. Multilevel license expressions are now parsed too
priv-kweihmann · Feb 23, 2019 · 448039a · 448039a
1 parent 46ab4ee
commit 448039a
Show file tree

Hide file tree

Showing 6 changed files with 24 additions and 11 deletions.
diff --git a/README.md b/README.md
@@ -77,7 +77,7 @@ The behavior of the analysis can be controlled by several __bitbake__-variables
 | SCA_ENABLED_MODULES | The analysis modules to be activated | space-separated-string | "eslint shellcheck pylint" for images, "eslint gcc cpplint cppcheck pylint shellcheck cve-check" for other recipe 
 | SCA_SOURCES_DIR | Path where to find the source-files to be checked | path | "\${B}" for recipes, "\${IMAGE_ROOTFS}" for images
 | SCA_WARNING_LEVEL | Filter for severity of findings | string: info, warning or error | "warning"
-| SCA_AUTO_LICENSE_FILTER | Filter according to recipe license if sca should invoked | license-string | "CLOSED"
+| SCA_AUTO_LICENSE_FILTER | Filter according to recipe license if sca should invoked | space separated regular expression | "*"
 
 ### Available configuration for cpplint
 

diff --git a/classes/sca-global.bbclass b/classes/sca-global.bbclass
@@ -7,7 +7,7 @@ SCA_AUTO_INH_ON_IMAGE ?= "1"
 SCA_AUTO_INH_ON_RECIPE ?= "1"
 
 ## Just apply the one of the following license
-SCA_AUTO_LICENSE_FILTER ?= "CLOSED"
+SCA_AUTO_LICENSE_FILTER ?= "*"
 
 ## All findings below this level will be dropped
 ## from checkstyle-result

diff --git a/classes/sca-license-filter.bbclass b/classes/sca-license-filter.bbclass
@@ -1,6 +1,19 @@
 ## This class contains methods for filtering file
 ## according to their license
 
+def sca_get_module_licenses(d):
+    return d.getVar("LICENSE").replace(" ", "").split("&")
+
+def sca_license_filter_match(d, pkglic=[]):
+    import re
+    modlics = pkglic or sca_get_module_licenses(d)
+    for item in d.getVar("SCA_AUTO_LICENSE_FILTER").split(" "):
+        for lic in modlics:
+            if re.match(lic, item, 0):
+                return True
+    return False
+
+
 def sca_filter_by_license_image(d, licenses):
     import oe.packagedata
     import bb
@@ -27,7 +40,7 @@ def sca_filter_by_license_image(d, licenses):
     for item in pack_list:
         try:
             pkgdata = oe.packagedata.read_subpkgdata_dict(item, d)
-            if pkgdata["LICENSE"] not in licenses:
+            if not sca_license_filter_match(d, [ pkgdata["LICENSE"] ]):
                 file_list = pkgdata["FILES_INFO"]
                 if isinstance(file_list, str):
                     import ast
@@ -44,15 +57,15 @@ def sca_filter_by_license_image(d, licenses):
 
     return list(set(ignores))
 
-def sca_filter_by_license_recipe(d, licenses):
-    if not d.getVar("LICENSE") in licenses:
+def sca_filter_by_license_recipe(d):
+    if not sca_license_filter_match(d):
         return []
     return [ 1 ] ## return dummy value
 
 
-def sca_filter_by_license(d, licenses):
+def sca_filter_by_license(d):
     if d.getVar("SCA_MODE") == "image":
-        return sca_filter_by_license_image(d, licenses)
+        return sca_filter_by_license_image(d)
     else:
-        return sca_filter_by_license_recipe(d, licenses)
+        return sca_filter_by_license_recipe(d)
 
diff --git a/classes/sca-on-recipe.bbclass b/classes/sca-on-recipe.bbclass
@@ -15,7 +15,7 @@ def sca_on_recipe_init(d):
     if pn.endswith("-native") or pn.endswith("-nativesdk"):
         ## Do not inherit on native or SDK targets
         return
-    if not any(sca_filter_by_license(d, d.getVar("SCA_AUTO_LICENSE_FILTER").split(" "))):
+    if not any(sca_filter_by_license(d)):
         ## do not apply when license is not matching
         return
     enabledModules = []

diff --git a/classes/sca-pylint-core.bbclass b/classes/sca-pylint-core.bbclass
@@ -38,7 +38,7 @@ python do_sca_pylint_core() {
         f.write("[sys.path.insert(0, a) for a in \"{}\".split(\":\")];\n".format(d.getVar("SCA_PYLINT_LIBATH")))
 
     _args += get_files_by_extention_or_shebang(d, d.getVar("SCA_SOURCES_DIR"), ".*/python3", ".py",
-                                               sca_filter_by_license(d, d.getVar("SCA_AUTO_LICENSE_FILTER").split(" ")))
+                                               sca_filter_by_license(d))
 
     try:
         cmd_output = subprocess.check_output(_args, universal_newlines=True)

diff --git a/classes/sca-shellcheck-core.bbclass b/classes/sca-shellcheck-core.bbclass
@@ -20,7 +20,7 @@ python do_sca_shellcheck_core() {
     xml_output = ""
     for k,v in { "bash": "*./bash", "sh": "*./sh", "ksh": "*./ksh"}.items():
         for item in get_files_by_extention_or_shebang(d, d.getVar("SCA_SOURCES_DIR"), v, ".sh",
-                                                      sca_filter_by_license(d, d.getVar("SCA_AUTO_LICENSE_FILTER").split(" "))):
+                                                      sca_filter_by_license(d)):
             _t_args = _args + ["-s", k, item]
             cmd_output = ""
             try: