License file is not being added to deb #847
Assignees
Labels
bug
Something isn't working
Comments
|
hey! yeah, I think currently you have to copy the license file into the package, something like: contents:
- src: ./LICENSE.md
dst: /usr/share/doc/my-package/copyright
file_info:
mode: 0644 |
|
Oh, I see, thanks for the info! With fpm we weren't doing that, just specifying the metadata a!d that was it. Thanks, I'll give it a try! |
|
Hmmm, that still hasn't worked 🤔 If I run but it's still not reported by Any more ideas? 😕 Thanks for the help! |
|
I was doing a bit more spelunking, and AFAICT, the
Line 252 in 52e0c63 The template for the debian control file has no such field: Line 716 in 52e0c63 Compared to fpm which does include it: Interestingly though, I don't see a specific mention of the License field in the debian control file spec, so I guess fpm is adding it as a "user-defined field"? 🤔 Based on the documentation about copyright information here, your suggestion of just adding the file seems correct, although it also says:
So I think the license file should look something like this (based on examples I found): and there shouldn't be a license control field value? In which case, I think there's probably nothing to do here, though I guess it would be really nice if nfpm could handle this automatically based on the |
3 tasks
caarlos0
added a commit
that referenced
this issue
Aug 18, 2024
closes #847 Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
|
ah, so, I think at least the about formatting a license in the specific format needed, maybe that can be left to whoever is packaging it |
|
Ah cool, thank you! 😊 |
andrewlock
added a commit
to DataDog/dd-trace-dotnet
that referenced
this issue
Aug 28, 2024
## Summary of changes Replaces the ruby tool `fpm` with `nfpm` and `tar` ## Reason for change `fpm` is a ruby tool, which means we have to install ruby. This has historically caused a bunch of issues at various points when dependencies change (e.g. we add/update anything or change dockerfiles). [`nfpm` is a go tool](https://github.com/goreleaser/nfpm) created specifically to do pretty much the same thing as `fpm`, but without requiring ruby. The only slightly annoying thing is that it doesn't support raw "tar" so we have to use the built-in `tar` for that (although that's not a big hardship). ## Implementation details - Install `nfpm` in the docker images and remove the `fpm` install (and removing all the other ruby-related code) - Call `tar` to pack the `tar` images, and `nfpm` to pack the `deb/rpm` packages - `nfpm` is a "config" based tool, so we dump the yaml config to a file, and pass that to the execution - I have validated the nfpm and fpm deb output are essentially identical, there are just a few nuances - `fpm` adds a `License` field to the `.deb` header, but that's non standard. [The correct approach](https://www.debian.org/doc/debian-policy/ch-docs.html#copyright-information) is to include a specific license file. See [this issue](goreleaser/nfpm#847) for more details. - Similarly, `fpm` adds a `Vendor` field that is non standard (but `Maintainer` is standard and is added). - `fpm` adds `Relocations: /var/datadog` to the `.rpm` header, so I have replicated that for nfpm, but I don't know that we actually _want_ that... If we let people relocate the headers, then the documentation is wrong for the profiler env vars etc. Left it as-is anyway, to reduce chance of breaking people, just something I spotted. - The `"Apache License 2.0"` license string used for `.rpm` previously is not a valid value, as defined by fedora, so switched it to the supported moniker [here](https://docs.fedoraproject.org/en-US/legal/allowed-licenses/). - The `tar` files were "accidentally" including the before/after scripts, so I've made sure to still include them, incase anyone was relying on those (they run the `createLogPath.sh` file, and create a symlink to dd-dotnet in `/usr/bin`) ## Test coverage [Ran a full test with all installers here](https://dev.azure.com/datadoghq/dd-trace-dotnet/_build/results?buildId=162539&view=results) - ignore the couple of failures in the dotnet tool smoke tests, those are failures on `master` I need to fix 😅 Will manually compare the output of this run too: - [x] tar (`tar -tzvf *.tar.gz`) - The same, except the before/after scripts weren't being made executable. Fixed - [x] deb (`dpkg --info *.deb` and `dpkg -c *.deb`) - Minor differences: - nfpm adds the directories as entries - nfpm doesn't have the non-standard License field (unlike fpm) - nfpm adds the license in the required copyright path - nfpm doesn't include a dummy changelog.gz file (unlike fpm) - [x] rpm (`rpm -qipl --scripts *.rpm`) - Minor differences, nfpm adds the directories as entries, nothing significant though ## Other details Stacked on - #5770 because we need to change the dockerfiles, and we need the Centos7 fixes in there at the very least. We'll need to update the VMSS images though after making these changes so I've been delaying until that makes sense up to this point.
andrewlock
added a commit
to DataDog/dd-trace-dotnet
that referenced
this issue
Aug 30, 2024
## Summary of changes Replaces the ruby tool `fpm` with `nfpm` and `tar` ## Reason for change `fpm` is a ruby tool, which means we have to install ruby. This has historically caused a bunch of issues at various points when dependencies change (e.g. we add/update anything or change dockerfiles). [`nfpm` is a go tool](https://github.com/goreleaser/nfpm) created specifically to do pretty much the same thing as `fpm`, but without requiring ruby. The only slightly annoying thing is that it doesn't support raw "tar" so we have to use the built-in `tar` for that (although that's not a big hardship). ## Implementation details - Install `nfpm` in the docker images and remove the `fpm` install (and removing all the other ruby-related code) - Call `tar` to pack the `tar` images, and `nfpm` to pack the `deb/rpm` packages - `nfpm` is a "config" based tool, so we dump the yaml config to a file, and pass that to the execution - I have validated the nfpm and fpm deb output are essentially identical, there are just a few nuances - `fpm` adds a `License` field to the `.deb` header, but that's non standard. [The correct approach](https://www.debian.org/doc/debian-policy/ch-docs.html#copyright-information) is to include a specific license file. See [this issue](goreleaser/nfpm#847) for more details. - Similarly, `fpm` adds a `Vendor` field that is non standard (but `Maintainer` is standard and is added). - `fpm` adds `Relocations: /var/datadog` to the `.rpm` header, so I have replicated that for nfpm, but I don't know that we actually _want_ that... If we let people relocate the headers, then the documentation is wrong for the profiler env vars etc. Left it as-is anyway, to reduce chance of breaking people, just something I spotted. - The `"Apache License 2.0"` license string used for `.rpm` previously is not a valid value, as defined by fedora, so switched it to the supported moniker [here](https://docs.fedoraproject.org/en-US/legal/allowed-licenses/). - The `tar` files were "accidentally" including the before/after scripts, so I've made sure to still include them, incase anyone was relying on those (they run the `createLogPath.sh` file, and create a symlink to dd-dotnet in `/usr/bin`) ## Test coverage [Ran a full test with all installers here](https://dev.azure.com/datadoghq/dd-trace-dotnet/_build/results?buildId=162539&view=results) - ignore the couple of failures in the dotnet tool smoke tests, those are failures on `master` I need to fix 😅 Will manually compare the output of this run too: - [x] tar (`tar -tzvf *.tar.gz`) - The same, except the before/after scripts weren't being made executable. Fixed - [x] deb (`dpkg --info *.deb` and `dpkg -c *.deb`) - Minor differences: - nfpm adds the directories as entries - nfpm doesn't have the non-standard License field (unlike fpm) - nfpm adds the license in the required copyright path - nfpm doesn't include a dummy changelog.gz file (unlike fpm) - [x] rpm (`rpm -qipl --scripts *.rpm`) - Minor differences, nfpm adds the directories as entries, nothing significant though ## Other details Stacked on - #5770 because we need to change the dockerfiles, and we need the Centos7 fixes in there at the very least. We'll need to update the VMSS images though after making these changes so I've been delaying until that makes sense up to this point.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What happened?
I'm trying to migrate from fpm to nfpm, and AFAICT, the license field is being ignored.
How can we reproduce this?
configfile:
Then if I run
dpkg-deb --infoon the output I get:Note that there is no license field. And running
dpkg-deb --field licensesimilarly shows it's not set.nfpm version
Search
Code of Conduct
Additional context
Thanks for this project, I would love to remove our ruby dependency! 😅 I expect I'm just doing something wrong, but I've looked all through the code and can't figure it out. Thanks for your help!
The text was updated successfully, but these errors were encountered: