add licenses for binary/image

Dockerfile

@@ -19,11 +19,18 @@ COPY controllers/ controllers/
 # Build
 RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 GO111MODULE=on go build -a -o manager main.go
 
-# Use distroless as minimal base image to package the manager binary
-# Refer to https://github.com/GoogleContainerTools/distroless for more details
+COPY hack/install-go-licenses.sh hack/
+COPY go-licenses.yaml $WORKDIR
+RUN bash ./hack/install-go-licenses.sh 
+
+COPY third_party/licenses/licenses.csv third_party/licenses/licenses.csv 
+RUN go-licenses save third_party/licenses/licenses.csv --save_path /tmp/NOTICES 
+
 FROM bitnami/minideb:stretch
 WORKDIR /
 COPY --from=builder /workspace/manager .
+COPY third_party/licenses/licenses.csv /workspace/licenses.csv
+COPY --from=builder /tmp/NOTICES /third_party/NOTICES
 USER 65532:65532
 
 ENTRYPOINT ["/manager"]

go-licenses.yaml

@@ -0,0 +1,119 @@
+module:
+  go:
+    version: master
+  overrides:
+  - name: github.com/paddleflow/paddle-operator
+    skip: true
+  - name: cloud.google.com/go/storage
+    version: v1.12.0
+    license:
+      path: LICENSE
+      url: https://github.com/googleapis/google-cloud-go/blob/storage/v1.12.0/LICENSE
+      spdxId: Apache-2.0
+  - name: github.com/jmespath/go-jmespath
+    version: v0.4.0
+    license: # non-standard license file
+      path: LICENSE
+      spdxId: Apache-2.0
+  - name: github.com/aws/aws-sdk-go
+    version: v1.36.1
+    license:
+      path: LICENSE.txt
+      spdxId: Apache-2.0
+    subModules:
+    - path: internal/sync/singleflight
+      license:
+        path: LICENSE
+        spdxId: BSD-3-Clause
+  - name: github.com/davecgh/go-spew
+    version: v1.1.1
+    license:
+      path: LICENSE
+      spdxId: ISC
+  - name: github.com/googleapis/gax-go/v2
+    version: v2.0.5
+    license:
+      path: LICENSE
+      spdxId: BSD-3-Clause
+  - name: golang.org/x/net
+    excludePaths:
+    - html/testdata
+  - name: github.com/gogo/protobuf
+    version: v1.3.2
+    license:
+      path: LICENSE
+      spdxId: BSD-3-Clause / BSD-2-Clause
+  - name: google.golang.org/protobuf
+    version: v1.26.0
+    license:
+      path: LICENSE
+      spdxId: BSD-3-Clause
+  - name: gopkg.in/yaml.v2
+    version: v2.3.0
+    license:
+      path: LICENSE
+      spdxId: Apache-2.0 / MIT # gopkg.in/yaml.v2 is port of a MIT licensed library
+  - name: gopkg.in/yaml.v3
+    version: v3.0.0-20210107192922-496545a6307b
+    license:
+      path: LICENSE
+      spdxId: Apache-2.0 / MIT # gopkg.in/yaml.v3 is port of a MIT licensed library
+  - name: go.opencensus.io
+    version: v0.22.5
+    license:
+      path: LICENSE
+      url: https://github.com/census-instrumentation/opencensus-go/blob/v0.22.5/LICENSE
+      spdxId: Apache-2.0
+  - name: sigs.k8s.io/yaml
+    version: v1.2.0
+    license:
+      path: LICENSE
+      spdxId: MIT / BSD-3-Clause
+  - name: go.uber.org/atomic
+    version: v1.7.0
+    license:
+      path: LICENSE
+      spdxId: MIT
+      url: https://github.com/uber-go/atomic/blob/v1.7.0/LICENSE.txt
+  - name: go.uber.org/zap
+    version: v1.17.0
+    license:
+      path: LICENSE
+      spdxId: MIT
+      url: https://github.com/uber-go/zap/blob/v1.17.0/LICENSE.txt
+  - name: go.uber.org/multierr
+    version: v1.6.0
+    license:
+      path: LICENSE
+      spdxId: MIT
+      url: https://github.com/uber-go/multierr/blob/v1.6.0/LICENSE.txt
+  - name: github.com/Azure/go-autorest/autorest
+    version: v0.9.6
+    license:
+      path: LICENSE
+      spdxId: Apache-2.0
+      url: https://github.com/Azure/go-autorest/blob/autorest/v0.9.6/LICENSE
+  - name: github.com/Azure/go-autorest/autorest/adal
+    version: v0.8.2
+    license:
+      path: LICENSE
+      spdxId: Apache-2.0
+      url: https://github.com/Azure/go-autorest/blob/autorest/adal/v0.8.2/LICENSE
+  - name: github.com/Azure/go-autorest/autorest/date
+    version: v0.2.0
+    license:
+      path: LICENSE
+      spdxId: Apache-2.0
+      url: https://github.com/Azure/go-autorest/blob/autorest/date/v0.2.0/LICENSE
+  - name: github.com/Azure/go-autorest/logger
+    version: v0.1.0
+    license:
+      path: LICENSE
+      spdxId: Apache-2.0
+      url: https://github.com/Azure/go-autorest/blob/logger/v0.1.0/LICENSE
+  - name: github.com/Azure/go-autorest/tracing
+    version: v0.5.0
+    license:
+      path: LICENSE
+      spdxId: Apache-2.0
+      url: https://github.com/Azure/go-autorest/blob/tracing/v0.5.0/LICENSE

hack/install-go-licenses.sh

@@ -0,0 +1,27 @@
+#!/bin/sh
+#
+# Copyright 2021 The Kubeflow Authors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -ex
+
+DOWNLOAD_URL="https://github.com/Bobgy/go-licenses/releases/download/v0.0.0-2021-06-27/go-licenses-linux.tar.gz"
+if which wget; then
+	wget "${DOWNLOAD_URL}"
+else
+	curl -LO "${DOWNLOAD_URL}"
+fi
+tar xvf go-licenses-linux.tar.gz
+mv go-licenses /usr/local/bin
+mv licenses /usr/local/bin

third_party/licenses/licenses.csv

@@ -0,0 +1,75 @@
+# Generated by https://github.com/google/go-licenses/v2. DO NOT EDIT.
+cloud.google.com/go, https://github.com/googleapis/google-cloud-go/blob/v0.51.0/LICENSE, Apache-2.0
+cloud.google.com/go, https://github.com/googleapis/google-cloud-go/blob/v0.51.0/cmd/go-cloud-debug-agent/internal/debug/elf/elf.go, BSD-2-Clause
+github.com/Azure/go-autorest/autorest, https://github.com/Azure/go-autorest/blob/autorest/v0.9.6/LICENSE, Apache-2.0
+github.com/Azure/go-autorest/autorest/adal, https://github.com/Azure/go-autorest/blob/autorest/adal/v0.8.2/LICENSE, Apache-2.0
+github.com/Azure/go-autorest/autorest/date, https://github.com/Azure/go-autorest/blob/autorest/date/v0.2.0/LICENSE, Apache-2.0
+github.com/Azure/go-autorest/logger, https://github.com/Azure/go-autorest/blob/logger/v0.1.0/LICENSE, Apache-2.0
+github.com/Azure/go-autorest/tracing, https://github.com/Azure/go-autorest/blob/tracing/v0.5.0/LICENSE, Apache-2.0
+github.com/beorn7/perks, https://github.com/beorn7/perks/blob/v1.0.1/LICENSE, MIT
+github.com/beorn7/perks, https://github.com/beorn7/perks/blob/v1.0.1/README.md, MIT
+github.com/cespare/xxhash/v2, https://github.com/cespare/xxhash/blob/v2.1.1/LICENSE.txt, MIT
+github.com/coreos/go-semver, https://github.com/coreos/go-semver/blob/v0.3.0/LICENSE, Apache-2.0
+github.com/coreos/go-systemd/v22, https://github.com/coreos/go-systemd/blob/v22.3.2/LICENSE, Apache-2.0
+github.com/davecgh/go-spew, https://github.com/davecgh/go-spew/blob/v1.1.1/LICENSE, ISC
+github.com/dgrijalva/jwt-go, https://github.com/dgrijalva/jwt-go/blob/v3.2.0/LICENSE, MIT
+github.com/evanphx/json-patch, https://github.com/evanphx/json-patch/blob/v4.9.0/LICENSE, BSD-3-Clause
+github.com/fsnotify/fsnotify, https://github.com/fsnotify/fsnotify/blob/v1.4.9/LICENSE, BSD-3-Clause
+github.com/go-logr/logr, https://github.com/go-logr/logr/blob/v0.3.0/LICENSE, Apache-2.0
+github.com/go-logr/zapr, https://github.com/go-logr/zapr/blob/v0.2.0/LICENSE, Apache-2.0
+github.com/gogo/protobuf, https://github.com/gogo/protobuf/blob/v1.3.2/LICENSE, BSD-3-Clause / BSD-2-Clause
+github.com/golang/groupcache, https://github.com/golang/groupcache/blob/215e87163ea7/LICENSE, Apache-2.0
+github.com/golang/protobuf, https://github.com/golang/protobuf/blob/v1.5.2/LICENSE, BSD-3-Clause
+github.com/google/go-cmp, https://github.com/google/go-cmp/blob/v0.5.5/LICENSE, BSD-3-Clause
+github.com/google/gofuzz, https://github.com/google/gofuzz/blob/v1.1.0/LICENSE, Apache-2.0
+github.com/google/uuid, https://github.com/google/uuid/blob/v1.1.2/LICENSE, BSD-3-Clause
+github.com/googleapis/gnostic, https://github.com/googleapis/gnostic/blob/v0.5.1/LICENSE, Apache-2.0
+github.com/hashicorp/golang-lru, https://github.com/hashicorp/golang-lru/blob/v0.5.4/LICENSE, MPL-2.0
+github.com/imdario/mergo, https://github.com/imdario/mergo/blob/v0.3.10/LICENSE, BSD-3-Clause
+github.com/json-iterator/go, https://github.com/json-iterator/go/blob/v1.1.11/LICENSE, MIT
+github.com/matttproud/golang_protobuf_extensions, https://github.com/matttproud/golang_protobuf_extensions/blob/c182affec369/LICENSE, Apache-2.0
+github.com/matttproud/golang_protobuf_extensions, https://github.com/matttproud/golang_protobuf_extensions/blob/c182affec369/testdata/test.proto, BSD-3-Clause
+github.com/modern-go/concurrent, https://github.com/modern-go/concurrent/blob/bacd9c7ef1dd/LICENSE, Apache-2.0
+github.com/modern-go/reflect2, https://github.com/modern-go/reflect2/blob/v1.0.1/LICENSE, Apache-2.0
+github.com/pkg/errors, https://github.com/pkg/errors/blob/v0.9.1/LICENSE, BSD-2-Clause
+github.com/prometheus/client_golang, https://github.com/prometheus/client_golang/blob/v1.11.0/LICENSE, Apache-2.0
+github.com/prometheus/client_model, https://github.com/prometheus/client_model/blob/v0.2.0/LICENSE, Apache-2.0
+github.com/prometheus/common, https://github.com/prometheus/common/blob/v0.26.0/LICENSE, Apache-2.0
+github.com/prometheus/common, https://github.com/prometheus/common/blob/v0.26.0/internal/bitbucket.org/ww/goautoneg/README.txt, BSD-3-Clause
+github.com/prometheus/common, https://github.com/prometheus/common/blob/v0.26.0/internal/bitbucket.org/ww/goautoneg/autoneg.go, BSD-3-Clause
+github.com/prometheus/common, https://github.com/prometheus/common/blob/v0.26.0/internal/bitbucket.org/ww/goautoneg/autoneg_test.go, BSD-3-Clause
+github.com/prometheus/procfs, https://github.com/prometheus/procfs/blob/v0.6.0/LICENSE, Apache-2.0
+github.com/spf13/pflag, https://github.com/spf13/pflag/blob/v1.0.5/LICENSE, BSD-3-Clause
+go.etcd.io/etcd/api/v3, https://github.com/etcd-io/etcd/blob/v3.5.0/LICENSE, Apache-2.0
+go.etcd.io/etcd/client/pkg/v3, https://github.com/etcd-io/etcd/blob/v3.5.0/LICENSE, Apache-2.0
+go.etcd.io/etcd/client/v3, https://github.com/etcd-io/etcd/blob/v3.5.0/LICENSE, Apache-2.0
+go.uber.org/atomic, https://github.com/uber-go/atomic/blob/v1.7.0/LICENSE.txt, MIT
+go.uber.org/multierr, https://github.com/uber-go/multierr/blob/v1.6.0/LICENSE.txt, MIT
+go.uber.org/zap, https://github.com/uber-go/zap/blob/v1.17.0/LICENSE.txt, MIT
+golang.org/x/crypto, https://github.com/golang/crypto/blob/75b288015ac9/LICENSE, BSD-3-Clause
+golang.org/x/net, https://github.com/golang/net/blob/a5a99cb37ef4/LICENSE, BSD-3-Clause
+golang.org/x/oauth2, https://github.com/golang/oauth2/blob/bf48bf16ab8d/LICENSE, BSD-3-Clause
+golang.org/x/sys, https://github.com/golang/sys/blob/ebe580a85c40/LICENSE, BSD-3-Clause
+golang.org/x/text, https://github.com/golang/text/blob/v0.3.5/LICENSE, BSD-3-Clause
+golang.org/x/time, https://github.com/golang/time/blob/3af7569d3a1e/LICENSE, BSD-3-Clause
+gomodules.xyz/jsonpatch/v2, https://github.com/gomodules/jsonpatch/blob/v2.1.0/LICENSE, Apache-2.0
+google.golang.org/genproto, https://github.com/googleapis/go-genproto/blob/f16073e35f0c/LICENSE, Apache-2.0
+google.golang.org/grpc, https://github.com/grpc/grpc-go/blob/v1.38.0/LICENSE, Apache-2.0
+google.golang.org/protobuf, https://github.com/protocolbuffers/protobuf-go/blob/v1.26.0/LICENSE, BSD-3-Clause
+gopkg.in/inf.v0, https://github.com/go-inf/inf/blob/v0.9.1/LICENSE, BSD-3-Clause
+gopkg.in/yaml.v2, https://github.com/go-yaml/yaml/blob/v2.3.0/LICENSE, Apache-2.0 / MIT
+gopkg.in/yaml.v3, https://github.com/go-yaml/yaml/blob/496545a6307b/LICENSE, Apache-2.0 / MIT
+k8s.io/api, https://github.com/kubernetes/api/blob/v0.19.2/LICENSE, Apache-2.0
+k8s.io/apiextensions-apiserver, https://github.com/kubernetes/apiextensions-apiserver/blob/v0.19.2/LICENSE, Apache-2.0
+k8s.io/apimachinery, https://github.com/kubernetes/apimachinery/blob/v0.19.2/LICENSE, Apache-2.0
+k8s.io/client-go, https://github.com/kubernetes/client-go/blob/v0.19.2/LICENSE, Apache-2.0
+k8s.io/component-base, https://github.com/kubernetes/component-base/blob/v0.19.2/LICENSE, Apache-2.0
+k8s.io/klog/v2, https://github.com/kubernetes/klog/blob/v2.2.0/LICENSE, Apache-2.0
+k8s.io/kube-openapi, https://github.com/kubernetes/kube-openapi/blob/6aeccd4b50c6/LICENSE, Apache-2.0
+k8s.io/utils, https://github.com/kubernetes/utils/blob/4140de9c8800/LICENSE, Apache-2.0
+k8s.io/utils, https://github.com/kubernetes/utils/blob/4140de9c8800/inotify/LICENSE, BSD-3-Clause
+k8s.io/utils, https://github.com/kubernetes/utils/blob/4140de9c8800/third_party/forked/golang/LICENSE, BSD-3-Clause
+sigs.k8s.io/controller-runtime, https://github.com/kubernetes-sigs/controller-runtime/blob/v0.7.0/LICENSE, Apache-2.0
+sigs.k8s.io/structured-merge-diff/v4, https://github.com/kubernetes-sigs/structured-merge-diff/blob/v4.0.1/LICENSE, Apache-2.0
+sigs.k8s.io/yaml, https://github.com/kubernetes-sigs/yaml/blob/v1.2.0/LICENSE, MIT / BSD-3-Clause
+volcano.sh/apis, https://github.com/volcano-sh/apis/blob/v1.3.0-k8s1.18.3-alpha.3/LICENSE, Apache-2.0