diff --git a/.copywrite.hcl b/.copywrite.hcl new file mode 100644 index 0000000..ed2142c --- /dev/null +++ b/.copywrite.hcl @@ -0,0 +1,17 @@ +schema_version = 1 + +project { + license = "BUSL-1.1" + copyright_holder = "Mondoo, Inc." + copyright_year = 2023 + + # (OPTIONAL) A list of globs that should not have copyright/license headers. + # Supports doublestar glob patterns for more flexibility in defining which + # files or folders should be ignored + header_ignore = [ + "**/*.tf", + "**/testdata/**", + "**/*.pb.go", + "**/*_string.go", + ] +} \ No newline at end of file diff --git a/.github/workflows/cla.yaml b/.github/workflows/cla.yaml new file mode 100644 index 0000000..665bac9 --- /dev/null +++ b/.github/workflows/cla.yaml @@ -0,0 +1,38 @@ +name: "CLA Assistant & License Check" +on: + issue_comment: + types: [created] + pull_request_target: + types: [opened,closed,synchronize] + +jobs: + CLAssistant: + runs-on: ubuntu-latest + steps: + - name: "CLA Assistant" + if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the Mondoo CLA Document and I hereby sign the CLA') || github.event_name == 'pull_request_target' + uses: contributor-assistant/github-action@v2.2.0 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + PERSONAL_ACCESS_TOKEN : ${{ secrets.CLA_ACCESS_TOKEN }} + with: + path-to-signatures: 'signatures/version1/cla.json' + path-to-document: 'https://github.com/mondoohq/.github/blob/master/CLA.md' + custom-pr-sign-comment: 'I have read the Mondoo CLA Document and I hereby sign the CLA' + custom-notsigned-prcomment: 'Thank you for your submission, we really appreciate it. Before we can accept your contribution, we ask that you sign the [Mondoo Contributor License Agreement](https://github.com/mondoohq/.github/blob/master/CLA.md). You can sign the CLA by adding a new comment to this pull request and pasting exactly the following text.' + remote-repository-name: cla + remote-organization-name: mondoohq + branch: 'main' + allowlist: mondoo-tools,github-actions[bot],dependabot[bot] + + license-check: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Setup Copywrite + uses: hashicorp/setup-copywrite@v1.1.2 + + - name: Check Header Compliance + run: copywrite headers --plan diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..e13cd52 --- /dev/null +++ b/LICENSE @@ -0,0 +1,40 @@ +License text copyright (c) 2020 MariaDB Corporation Ab, All Rights Reserved. +“Business Source License” is a trademark of MariaDB Corporation Ab. + +Parameters + +Licensor: Mondoo, Inc. (“Mondoo”) +Licensed Work(s): cnquery & cnspec choco package builder. The Licensed Work is (c) 2023 Mondoo, Inc. +Additional Use Grant: You may use, distribute or host the Licensed Work in + your own or your direct customers’ production + environment, provided that such use, distribution or + hosting does not include offering the Licensed Work to + third parties as part of or in connection with an + offering that is competitive with any of Mondoo’s + products. +Change Date: Four years from the date the Licensed Work is published +Change License: MPL 2.0 + +For information about alternative licensing arrangements for the Licensed Work, please contact licensing@mondoo.com. + +Notice + +Business Source License 1.1 + +Terms + +The Licensor hereby grants you the right to copy, modify, create derivative works, redistribute, and make non-production use of the Licensed Work. The Licensor may make an Additional Use Grant, above, permitting limited production use. + +Effective on the Change Date, or the fourth anniversary of the first publicly available distribution of a specific version of the Licensed Work under this License, whichever comes first, the Licensor hereby grants you rights under the terms of the Change License, and the rights granted in the paragraph above terminate. + +If your use of the Licensed Work does not comply with the requirements currently in effect as described in this License, you must purchase a commercial license from the Licensor, its affiliated entities, or authorized resellers, or you must refrain from using the Licensed Work. + +All copies of the original and modified Licensed Work, and derivative works of the Licensed Work, are subject to this License. This License applies separately for each version of the Licensed Work and the Change Date may vary for each version of the Licensed Work released by Licensor. + +You must conspicuously display this License on each original or modified copy of the Licensed Work. If you receive the Licensed Work in original or modified form from a third party, the terms and conditions set forth in this License apply to your use of that work. + +Any use of the Licensed Work in violation of this License will automatically terminate your rights under this License for the current and all other versions of the Licensed Work. + +This License does not grant you any right in any trademark or logo of Licensor or its affiliates (provided that you may use a trademark or logo of Licensor as expressly required by this License). + +TO THE EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSED WORK IS PROVIDED ON AN “AS IS” BASIS. LICENSOR HEREBY DISCLAIMS ALL WARRANTIES AND CONDITIONS, EXPRESS OR IMPLIED, INCLUDING (WITHOUT LIMITATION) WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, AND TITLE. diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..f0f7413 --- /dev/null +++ b/Makefile @@ -0,0 +1,9 @@ + +# Copywrite Check Tool: https://github.com/hashicorp/copywrite +license: license/headers/check + +license/headers/check: + copywrite headers --plan + +license/headers/apply: + copywrite headers diff --git a/scripts/mac/build-pkg.sh b/scripts/mac/build-pkg.sh index a2522ce..0670489 100755 --- a/scripts/mac/build-pkg.sh +++ b/scripts/mac/build-pkg.sh @@ -1,4 +1,7 @@ #!/bin/bash +# Copyright (c) Mondoo, Inc. +# SPDX-License-Identifier: BUSL-1.1 + if [ ! -f /usr/bin/lipo ]; then echo "ERROR: This script requires the lipo tool from the XCode utilities; please install XCode." diff --git a/scripts/mac/packager/build-package.sh b/scripts/mac/packager/build-package.sh index efe4001..f914274 100755 --- a/scripts/mac/packager/build-package.sh +++ b/scripts/mac/packager/build-package.sh @@ -1,4 +1,7 @@ #!/bin/bash +# Copyright (c) Mondoo, Inc. +# SPDX-License-Identifier: BUSL-1.1 + #Configuration Variables and Parameters diff --git a/scripts/mac/packager/darwin/Resources/conclusion.html b/scripts/mac/packager/darwin/Resources/conclusion.html index ae51077..168a79d 100644 --- a/scripts/mac/packager/darwin/Resources/conclusion.html +++ b/scripts/mac/packager/darwin/Resources/conclusion.html @@ -1,3 +1,8 @@ + + diff --git a/scripts/mac/packager/darwin/Resources/uninstall.sh b/scripts/mac/packager/darwin/Resources/uninstall.sh index 9b6c636..38288fa 100644 --- a/scripts/mac/packager/darwin/Resources/uninstall.sh +++ b/scripts/mac/packager/darwin/Resources/uninstall.sh @@ -1,4 +1,7 @@ #!/bin/bash +# Copyright (c) Mondoo, Inc. +# SPDX-License-Identifier: BUSL-1.1 + # Mondoo Client Uninstaller #Parameters diff --git a/scripts/mac/packager/darwin/Resources/welcome.html b/scripts/mac/packager/darwin/Resources/welcome.html index 3d681c0..0486e08 100644 --- a/scripts/mac/packager/darwin/Resources/welcome.html +++ b/scripts/mac/packager/darwin/Resources/welcome.html @@ -1,4 +1,9 @@ + +