mendersoftware · oldgiova · Nov 29, 2024 · Nov 26, 2024 · Nov 28, 2024 · Nov 28, 2024
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
@@ -62,6 +62,14 @@ variables:
     description: "The repositorywhere to push images"
     value: "mendersoftware"
 
+  # Publish licenses
+  GITHUB_DOCS_REPO_URL:
+    description: "The Github Repo URL where to push the documentation"
+    value: "mendersoftware/mender-docs"
+  LICENSE_REMOTE_FILE:
+    description: "The changelog file in the remote changelog repo"
+    value: "302.Release-information/03.Open-source-licenses/01.Mender-Server/docs.md"
+
 include:
   - project: "Northern.tech/Mender/mendertesting"
     file:
@@ -363,7 +371,7 @@ publish:backend:docker:
     - export MENDER_PUBLISH_TAG="${CI_COMMIT_REF_NAME}"
   script:
     - make -C backend -j 4 docker-publish NOASK=y \
-          SKOPEO_ARGS='--digestfile '''${CI_PROJECT_DIR}'''/.digests/$(COMPONENT)'
+      SKOPEO_ARGS='--digestfile '''${CI_PROJECT_DIR}'''/.digests/$(COMPONENT)'
     - |
       if echo -n "${MENDER_PUBLISH_TAG}" | grep -E '^v[0-9]+\.v[0-9]+\.[0-9]+$'; then
          make -C backend -j 4 docker-publish NOASK=y \
@@ -410,6 +418,41 @@ publish:backend:licenses:
     paths:
       - backend/licenses.md
 
+publish:licenses:docs-site:
+  stage: .post
+  tags:
+    - hetzner-amd-beefy
+  rules:
+    # Only make available for stable branches
+    - if: '$CI_COMMIT_TAG =~ /^v\d+\.\d+\.\d+/'
+      allow_failure: true
+  image: "registry.gitlab.com/northern.tech/mender/mender-test-containers:release-please-v1-master"
+  needs:
+    - job: publish:backend:licenses
+      artifacts: true
+    - job: publish:frontend:licenses
+      artifacts: true
+  before_script:
+    # Setting up git
+    - git config --global user.email "${GITHUB_USER_EMAIL}"
+    - git config --global user.name "${GITHUB_USER_NAME}"
+    # GITHUB_TOKEN for Github cli authentication
+    - export GITHUB_TOKEN=${GITHUB_CLI_TOKEN}
+  script:
+    - git clone https://${GITHUB_USER_NAME}:${GITHUB_BOT_TOKEN_REPO_FULL}@github.com/${GITHUB_DOCS_REPO_URL}
+    - cd ${GITHUB_DOCS_REPO_URL#*/}
+    - git checkout -b licenses-${CI_JOB_ID}
+    - cat ../.licenses_header.md > ${LICENSE_REMOTE_FILE}
+    - cat ../backend/licenses.md >> ${LICENSE_REMOTE_FILE}
+    - cat ../frontend/licenses.md >> ${LICENSE_REMOTE_FILE}
+    - git add ${LICENSE_REMOTE_FILE}
+    - |
+      git commit -s -m "chore: add mender-server open source licenses"
+    - git push origin licenses-${CI_JOB_ID}
+    - gh pr create --title "${CI_COMMIT_TAG} Release - update Mender Server licenses" --body "Automated change to the Mender Server Licenses during ${CI_COMMIT_TAG} release" --base master --head licenses-${CI_JOB_ID}
+  after_script:
+    - git remote remove licenses-${CI_JOB_ID}
+
 coveralls:done:
   image: ${CI_DEPENDENCY_PROXY_DIRECT_GROUP_IMAGE_PREFIX}/curlimages/curl
   stage: .post
@@ -418,7 +461,6 @@ coveralls:done:
   tags:
     - hetzner-amd-beefy
 
-
 lint:commit:
   stage: lint
   needs: []
@@ -437,10 +479,11 @@ changelog:
   image: "registry.gitlab.com/northern.tech/mender/mender-test-containers:release-please-v1-master"
   stage: changelog
   variables:
-    GIT_DEPTH: 0  # Always get the full history
-    GIT_STRATEGY: clone  # Always get the full history
-    GIT_CLIFF__BUMP__INITIAL_TAG: "4.0.0"  # TODO: after the new tag is created,
-                                           # remove this variable
+    GIT_DEPTH: 0 # Always get the full history
+    GIT_STRATEGY: clone # Always get the full history
+    GIT_CLIFF__BUMP__INITIAL_TAG:
+      "4.0.0" # TODO: after the new tag is created,
+      # remove this variable
   tags:
     - hetzner-amd-beefy
   rules:
@@ -456,12 +499,12 @@ changelog:
     - export GITHUB_TOKEN=${GITHUB_CLI_TOKEN}
   script:
     - release-please release-pr
-        --token=${GITHUB_BOT_TOKEN_REPO_FULL}
-        --repo-url=${GITHUB_REPO_URL}
-        --target-branch=${CI_COMMIT_REF_NAME} || echo "INFO - release already exists" # workaround because we shifted to prerelease versioning strategy and there's already a PR open
+      --token=${GITHUB_BOT_TOKEN_REPO_FULL}
+      --repo-url=${GITHUB_REPO_URL}
+      --target-branch=${CI_COMMIT_REF_NAME} || echo "INFO - release already exists" # workaround because we shifted to prerelease versioning strategy and there's already a PR open
     # git cliff: override the changelog
     - test $GIT_CLIFF == "false" && echo "INFO - Skipping git-cliff" && exit 0
-    - git remote add github-${CI_JOB_ID} https://${GITHUB_USER_NAME}:${GITHUB_BOT_TOKEN_REPO_FULL}@github.com/${GITHUB_REPO_URL} || true  # Ignore already existing remote
+    - git remote add github-${CI_JOB_ID} https://${GITHUB_USER_NAME}:${GITHUB_BOT_TOKEN_REPO_FULL}@github.com/${GITHUB_REPO_URL} || true # Ignore already existing remote
     - gh repo set-default https://${GITHUB_USER_NAME}:${GITHUB_BOT_TOKEN_REPO_FULL}@github.com/${GITHUB_REPO_URL}
     - RELEASE_PLEASE_PR=$(gh pr list --author "${GITHUB_USER_NAME}" --head "release-please--branches--${CI_COMMIT_REF_NAME}" --json number | jq -r '.[0].number // empty')
     - test -z "$RELEASE_PLEASE_PR" && echo "No release-please PR found" && exit 0
@@ -494,9 +537,9 @@ release:github:
     - job: changelog
   script:
     - release-please github-release
-        --token=${GITHUB_BOT_TOKEN_REPO_FULL}
-        --repo-url=${GITHUB_REPO_URL}
-        --target-branch=${CI_COMMIT_REF_NAME}
+      --token=${GITHUB_BOT_TOKEN_REPO_FULL}
+      --repo-url=${GITHUB_REPO_URL}
+      --target-branch=${CI_COMMIT_REF_NAME}
 
 release:mender-docs-changelog:
   image: "registry.gitlab.com/northern.tech/mender/mender-test-containers:release-please-v1-master"
@@ -623,7 +666,6 @@ release:mender-docs-changelog:
     - cd ${PROJECT_FOLDER}
     - rm -rf /tmp/helm
 
-
 #
 # Mender Helm Rolling release
 #

diff --git a/.licenses_header.md b/.licenses_header.md
@@ -0,0 +1,14 @@
+---
+title: Mender Server
+taxonomy:
+    category: docs
+shortcode-core:
+    active: false
+---
+
+All open source licenses used in Mender Server with the default build are shown below.
+
+Where copyright holder is missing, please refer to the repository of the software to identify the copyright holder(s).
+
+Third party licenses used in Mender Server: this file is autogenerated with `go list`.
+
diff --git a/frontend/pipeline.yml b/frontend/pipeline.yml
@@ -145,6 +145,11 @@ build:frontend:docker:
       --provenance false
       --push
       .
+    - docker run --rm --entrypoint "/bin/sh" -v $(pwd):/extract ${MENDER_IMAGE_GUI} -c "cp licenses.json /extract/"
+  artifacts:
+    expire_in: 1w
+    paths:
+      - frontend/licenses.json
 
 .template:test:frontend:acceptance:
   stage: test
@@ -289,3 +294,25 @@ publish:frontend:docker:
     expire_in: 1w
     paths:
       - .digests
+
+publish:frontend:licenses:
+  stage: publish
+  tags:
+    - hetzner-amd-beefy
+  rules:
+    - changes:
+        paths: ['frontend/**/*']
+        compare_to: '${RULES_CHANGES_COMPARE_TO_REF}'
+    - if: '$CI_COMMIT_REF_PROTECTED == "true"'
+      when: on_success
+  image: ${CI_DEPENDENCY_PROXY_DIRECT_GROUP_IMAGE_PREFIX}/denoland/deno:debian-2.0.2
+  needs:
+    - job: build:frontend:docker
+      artifacts: true
+  script:
+    - deno task --cwd frontend/scripts licenseFormatting --rootDir $(pwd)
+  artifacts:
+    when: on_success
+    expire_in: 1w
+    paths:
+      - frontend/licenses.md
diff --git a/frontend/scripts/deno.json b/frontend/scripts/deno.json
@@ -2,6 +2,7 @@
   "nodeModulesDir": "auto",
   "tasks": {
     "licenseCheck": "deno run --allow-read --allow-write --allow-run addLicense.js",
+    "licenseFormatting": "deno run --allow-read --allow-write formatLicenses.ts",
     "typeGeneration": "deno run --allow-env --allow-net --allow-read --allow-write typeGeneration/convert.js"
   }
 }
diff --git a/frontend/scripts/formatLicenses.ts b/frontend/scripts/formatLicenses.ts
@@ -0,0 +1,33 @@
+import { join } from 'jsr:@std/path';
+
+import { rootDir } from './common.js';
+
+type License = {
+  name: string;
+  version: string;
+  author?: string;
+  repository: string;
+  source: string;
+  license: string;
+  licenseText: string;
+};
+
+const formatLicenseEntry = (licenseRecord: License) => {
+  const { name, version, repository, license, licenseText } = licenseRecord;
+  return `## ${name}\n
+* Name: ${name}
+* Version: ${version}
+* License: [${license}](${repository})\n
+\`\`\`\n${licenseText}\`\`\`\n`;
+};
+
+const processLicenseFile = async () => {
+  const root = rootDir ?? '.';
+  const { default: licenses } = await import(join(root, 'frontend', 'licenses.json'), {
+    with: { type: 'json' }
+  });
+  const licenseEntries = licenses.map(formatLicenseEntry).join('\n');
+  await Deno.writeTextFile(join(root, 'frontend', 'licenses.md'), `# Licenses\n\n\n${licenseEntries}`);
+};
+
+await processLicenseFile();