evaluator-rules: Pull in all missing rules from ORT's example rules

The evaluator rules in this repository have been created based on ORT's example policy rules, meanwhile they deviated, but are quite redundant. Reduce the deviation use-case-wise by copying all rules from ORT's examples which are missing in this repository using ORT revision [1]. This is the first step towards making the 'ort-config' repository the single dedicated place to examplify policy rules. In the following ORT's example rules will be deleted, or rather minimized and turned into functional test assets, see also [2]. Note: The copied rules have been created as part of [3]. [1] 63e002ba57e7d49c96017fac2ff679de8a5b76df [2] oss-review-toolkit/ort#5701 [3] oss-review-toolkit/ort#5621 Signed-off-by: Frank Viernau <frank_viernau@epam.com>
oss-review-toolkit · Sep 16, 2022 · 6411fa7 · 6411fa7
1 parent 50ba7d5
commit 6411fa7
Showing 1 changed file with 76 additions and 0 deletions.
diff --git a/evaluator-rules/src/main/resources/example.rules.kts b/evaluator-rules/src/main/resources/example.rules.kts
@@ -1081,6 +1081,26 @@ fun RuleSet.copyleftLimitedInSourceRule() = packageRule("COPYLEFT_LIMITED_IN_SOU
     }
 }
 
+fun RuleSet.dependencyInProjectSourceRule() = projectSourceRule("DEPENDENCY_IN_PROJECT_SOURCE_RULE") {
+    val denyDirPatterns = listOf(
+        "**/node_modules" to setOf("NPM", "Yarn", "PNPM"),
+        "**/vendor" to setOf("GoMod", "GoDep")
+    )
+
+    denyDirPatterns.forEach { (pattern, packageManagers) ->
+        val offendingDirs = projectSourceFindDirectories(pattern)
+
+        if (offendingDirs.isNotEmpty()) {
+            issue(
+                Severity.ERROR,
+                "The directories ${offendingDirs.joinToString()} belong to the package manager(s) " +
+                        "${packageManagers.joinToString()} and must not be committed.",
+                "Please delete the directories: ${offendingDirs.joinToString()}."
+            )
+        }
+    }
+}
+
 fun RuleSet.deprecatedScopeExludeInOrtYmlRule() = ortResultRule("DEPRECATED_SCOPE_EXCLUDE_REASON_IN_ORT_YML") {
     val reasons = ortResult.repository.config.excludes.scopes.mapTo(mutableSetOf()) { it.reason }
     val deprecatedReasons = setOf(ScopeExcludeReason.TEST_TOOL_OF)
@@ -1095,6 +1115,55 @@ fun RuleSet.deprecatedScopeExludeInOrtYmlRule() = ortResultRule("DEPRECATED_SCOP
     }
 }
 
+fun RuleSet.missingCiConfigurationRule() = projectSourceRule("MISSING_CI_CONFIGURATION") {
+    require {
+        -AnyOf(
+            projectSourceHasFile(
+                ".appveyor.yml",
+                ".bitbucket-pipelines.yml",
+                ".gitlab-ci.yml",
+                ".travis.yml"
+            ),
+            projectSourceHasDirectory(
+                ".circleci",
+                ".github/workflows"
+            )
+        )
+    }
+
+    error(
+        message = "This project does not have any known CI configuration files.",
+        howToFix = "Please setup a CI. If you already have setup a CI and the error persists, please contact support."
+    )
+}
+
+fun RuleSet.missingContributingFileRule() = projectSourceRule("MISSING_CONTRIBUTING_FILE") {
+    require {
+        -projectSourceHasFile("CONTRIBUTING.md")
+    }
+
+    error("The project's code repository does not contain the file 'CONTRIBUTING.md'.")
+}
+
+fun RuleSet.missingReadmeFileRule() = projectSourceRule("MISSING_README_FILE") {
+    require {
+        -projectSourceHasFile("README.md")
+    }
+
+    error("The project's code repository does not contain the file 'README.md'.")
+}
+
+fun RuleSet.missingReadmeFileLicenseSectionRule() = projectSourceRule("MISSING_README_FILE_LICENSE_SECTION") {
+    require {
+        +projectSourceHasFile("README.md")
+        -projectSourceHasFileWithContent(".*^#{1,2} License$.*", "README.md")
+    }
+
+    error(
+        message = "The file 'README.md' is missing a \"License\" section.",
+        howToFix = "Please add a \"License\" section to the file 'README.md'."
+    )
+}
 
 fun RuleSet.packageConfigurationInOrtYmlRule() = ortResultRule("PACKAGE_CONFIGURATION_IN_ORT_YML") {
     if (ortResult.repository.config.packageConfigurations.isNotEmpty()) {
@@ -1214,6 +1283,13 @@ fun RuleSet.commonRules() {
 
     vulnerabilityInPackageRule()
     vulnerabilityWithHighSeverityInPackageRule()
+
+    // Prior to open sourcing use case rules (which get executed once):
+    dependencyInProjectSourceRule()
+    missingCiConfigurationRule()
+    missingContributingFileRule()
+    missingReadmeFileRule()
+    missingReadmeFileLicenseSectionRule()
 }
 
 fun RuleSet.ossProjectRules() {