Skip to content

Generate NOTICE.txt from deps in shipped binary #215

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Jun 8, 2022
Merged

Generate NOTICE.txt from deps in shipped binary #215

merged 4 commits into from
Jun 8, 2022

Conversation

stuartnelson3
Copy link
Contributor

The original implementation, using go list -m -json all, lists dependencies that aren't actually being used in the shipped binary.

The change here lists only dependencies being shipped to the customer, then uses that information to query the full module information used by go-license-detector.

Since this is a small project I manually verified that the dependencies don't themselves have any dependencies that should be included in our NOTICE.txt.

Output of go list query:

# go list -deps -f '{{define "M"}}{{.Path}}@{{.Version}}{{end}}{{with .Module}}{{if not .Main}}{{if .Replace}}{{template "M" .Replace}}{{else}}{{template "M" .}}{{end}}{{end}}{{end}}' | sort -u
github.com/pkg/[email protected]
go.elastic.co/[email protected]
go.uber.org/[email protected]
go.uber.org/[email protected]
go.uber.org/[email protected]

This can be verified against the binary:

# go version -m ./bin/extensions/apm-lambda-extension 
./bin/extensions/apm-lambda-extension: go1.18.1
	path	command-line-arguments
	dep	elastic/apm-lambda-extension	(devel)	
	dep	github.com/pkg/errors	v0.9.1	h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
	dep	go.elastic.co/ecszap	v1.0.1	h1:mBxqEJAEXBlpi5+scXdzL7LTFGogbuxipJC0KTZicyA=
	dep	go.uber.org/atomic	v1.9.0	h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE=
	dep	go.uber.org/multierr	v1.8.0	h1:dg6GjLku4EH+249NNmoIciG9N/jURbDG+pFlTkhzIC8=
	dep	go.uber.org/zap	v1.21.0	h1:WefMeulhovoZ2sYXz7st6K0sLj7bBhpiFaud4r4zST8=
	build	-compiler=gc
	build	CGO_ENABLED=1
	build	CGO_CFLAGS=
	build	CGO_CPPFLAGS=
	build	CGO_CXXFLAGS=
	build	CGO_LDFLAGS=
	build	GOARCH=amd64
	build	GOOS=linux
	build	GOAMD64=v1

The -m flag causes go version to print each executable’s embedded module version information

https://go.dev/ref/mod#go-version-m

@stuartnelson3 stuartnelson3 requested review from a team and jlvoiseux June 7, 2022 09:40
@github-actions github-actions bot added the aws-λ-extension AWS Lambda Extension label Jun 7, 2022
@ghost
Copy link

ghost commented Jun 7, 2022
edited by ghost
Loading

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview preview

Expand to view the summary

Build stats

  • Start Time: 2022-06-08T06:08:28.921+0000

  • Duration: 4 min 34 sec

Test stats 🧪

Test Results
Failed 0
Passed 200
Skipped 4
Total 204

🤖 GitHub comments

To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

  • run elasticsearch-ci/docs : Re-trigger the docs validation. (use unformatted text in the comment!)

@stuartnelson3 stuartnelson3 mentioned this pull request Jun 7, 2022
Merged
axw
axw approved these changes Jun 8, 2022
View reviewed changes
Copy link
Member

@axw axw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good!

@stuartnelson3
Merge branch 'main' into notice-txt-binary-deps
adbc0c5
@stuartnelson3
set LC_ALL=C for stable sort
69b375b 
from `sort`'s manpage:

>*** WARNING *** The locale specified by the
>environment affects sort order. Set LC_ALL=C to
>get the traditional sort order that uses native
>byte values.

This was the cause for different sort orders
between my machine and CI.
@stuartnelson3 stuartnelson3 merged commit 167ed58 into main Jun 8, 2022
@stuartnelson3 stuartnelson3 deleted the notice-txt-binary-deps branch June 8, 2022 06:19
jlvoiseux pushed a commit that referenced this pull request Jun 9, 2022
@stuartnelson3 @jlvoiseux
Generate NOTICE.txt from deps in shipped binary (#215)
278eb60 
* generate NOTICE.txt from modules in binary

* set LC_ALL=C for stable sort

from `sort`'s manpage:

>*** WARNING *** The locale specified by the
>environment affects sort order. Set LC_ALL=C to
>get the traditional sort order that uses native
>byte values.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@axw axw axw approved these changes

@jlvoiseux jlvoiseux Awaiting requested review from jlvoiseux

Assignees

No one assigned

Labels

aws-λ-extension AWS Lambda Extension

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@stuartnelson3 @axw