Giters

WallaceIT / meta-fossology

Meta layer for automatic Fossology scan of sources

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

meta-fossology

Yocto meta-layer for automatic scan of built sources using Fossology.

Build host requirements

  • Yocto build requirements
  • python3-requests
  • python3-requests-toolbelt

How-To

To enable Fossology scan on built sources, following lines shall be added to local.conf file of current Yocto build:

FOSSOLOGY_SERVER = "http://127.0.0.1:8081/repo"
FOSSOLOGY_TOKEN = "<MY-TOKEN>"

FOSSOLOGY_TOKEN shall be set to the value of a read/write token generated through Fossology web UI.

Exclude packages from scan

By default, -initial, -cross, -native, nativesdk- and -cross-canadian packages are excluded from the scan; to customize this behaviour, following variables are available:

# Include *-initial and *-cross packages
FOSSOLOGY_EXCLUDE_CROSS_INITIAL = "0"

# Include *-native packages
FOSSOLOGY_EXCLUDE_NATIVE = "0"

# Include nativesdk-* and *-cross-canadian packages
FOSSOLOGY_EXCLUDE_SDK = "0"

A selection of target packages, contained in FOSSOLOGY_EXCLUDE_PACKAGES, is also excluded.

Select upload folder

Upload folder can be selected through the FOSSOLOGY_FOLDER variable, either using the folder name or its numeric ID.

e.g.

FOSSOLOGY_FOLDER = "My upload folder"

By default the root folder, having ID=1, is used.

Customize analysis and decider agents

Analysis and decider agents can be customized using respectively the FOSSOLOGY_ANALYSIS and FOSSOLOGY_DECIDER variables.

e.g.

FOSSOLOGY_ANALYSIS = "bucket copyright_email_author ecc keyword mime monk nomos"
FOSSOLOGY_DECIDER = "nomos_monk bulk_reused new_scanner"

For available agents see the fossology class.

Customize output report format

Report format can be customized using the FOSSOLOGY_REPORT_FORMAT variable.

e.g.

FOSSOLOGY_REPORT_FORMAT = "spdx2tv"

For available formats see the fossology class.

Report output directory

Once generated, reports will be downloaded to DEPLOY_DIR_FOSSOLOGY, which defaults to tmp/deploy/fossology.

Delete upload from server

In order to delete a specific upload from the Fossology server, the fossology_delete task can be invoked.

e.g.

bitbake -c fossology_delete opkg-utils

License

Meta-fossology layer is released under the MIT license.

Fossology is a Linux Foundation Project with its own licenses; for details, see the Fossology official website.

About

Meta layer for automatic Fossology scan of sources

License:Other

Languages

Language:Python 100.0%