🐛 Licenses: Get License SPDXId from GitLab API (ossf#3413)

* Fix licenses check

* Update repoclient
* Get SPDXId from `key` field in GitLab Projects API
* Update e2etest repos

Signed-off-by: Raghav Kaul <raghavkaul@google.com>

* add test

Signed-off-by: Raghav Kaul <raghavkaul@google.com>

* stricter regex

Signed-off-by: Raghav Kaul <raghavkaul@google.com>

---------

Signed-off-by: Raghav Kaul <raghavkaul@google.com>
Signed-off-by: Allen Shearin <allen.p.shearin@gmail.com>

Author: raghavkaul

clients/gitlabrepo/client.go

@@ -81,7 +81,8 @@ func (client *Client) InitRepo(inputRepo clients.Repo, commitSHA string, commitD
 
 	// Sanity check.
 	proj := fmt.Sprintf("%s/%s", glRepo.owner, glRepo.project)
-	repo, _, err := client.glClient.Projects.GetProject(proj, &gitlab.GetProjectOptions{})
+	license := true // Get project license information. Used for licenses client.
+	repo, _, err := client.glClient.Projects.GetProject(proj, &gitlab.GetProjectOptions{License: &license})
 	if err != nil {
 		return sce.WithMessage(sce.ErrRepoUnreachable, proj+"\t"+err.Error())
 	}
@@ -107,7 +108,7 @@ func (client *Client) InitRepo(inputRepo clients.Repo, commitSHA string, commitD
 	}
 
 	if repo.Owner != nil {
-		client.repourl.owner = repo.Owner.Name
+		client.repourl.owner = repo.Owner.Username
 	}
 
 	// Init contributorsHandler

clients/gitlabrepo/licenses.go

@@ -44,18 +44,11 @@ var errLicenseURLParse = errors.New("couldn't parse gitlab repo license url")
 
 func (handler *licensesHandler) setup() error {
 	handler.once.Do(func() {
-		licenseMap := []clients.License{}
-		if len(licenseMap) == 0 {
-			// TODO: handler.errSetup = fmt.Errorf("request for repo licenses failed with %w", err)
-			handler.errSetup = fmt.Errorf("%w: ListLicenses not yet supported for gitlab", clients.ErrUnsupportedFeature)
-			return
-		}
-
 		l := handler.glProject.License
 
-		ptn, err := regexp.Compile(fmt.Sprintf("%s/~/blob/master/(.*)", handler.repourl.URI()))
+		ptn, err := regexp.Compile(fmt.Sprintf("%s/-/blob/(?:\\w+)/(.*)", handler.repourl.URI()))
 		if err != nil {
-			handler.errSetup = fmt.Errorf("couldn't parse License URL: %w", err)
+			handler.errSetup = fmt.Errorf("couldn't parse license url: %w", err)
 			return
 		}
 
@@ -68,9 +61,10 @@ func (handler *licensesHandler) setup() error {
 
 		handler.licenses = append(handler.licenses,
 			clients.License{
-				Key:  l.Key,
-				Name: l.Name,
-				Path: path,
+				Key:    l.Key,
+				Name:   l.Name,
+				Path:   path,
+				SPDXId: l.Key,
 			},
 		)
 

e2e/license_test.go

@@ -123,7 +123,33 @@ var _ = Describe("E2E TEST:"+checks.CheckLicense, func() {
 			skipIfTokenIsNot(gitlabPATTokenType, "GitLab only")
 
 			dl := scut.TestDetailLogger{}
-			repo, err := gitlabrepo.MakeGitlabRepo("gitlab.com/N8BWert/scorecard-check-license-e2e")
+			repo, err := gitlabrepo.MakeGitlabRepo("gitlab.com/ossf-test/scorecard-check-license-e2e")
+			Expect(err).Should(BeNil())
+			repoClient, err := gitlabrepo.CreateGitlabClient(context.Background(), repo.Host())
+			Expect(err).Should(BeNil())
+			err = repoClient.InitRepo(repo, clients.HeadSHA, 0)
+			Expect(err).Should(BeNil())
+			req := checker.CheckRequest{
+				Ctx:        context.Background(),
+				RepoClient: repoClient,
+				Repo:       repo,
+				Dlogger:    &dl,
+			}
+			expected := scut.TestReturn{
+				Error:        nil,
+				Score:        10,
+				NumberOfInfo: 2,
+			}
+			result := checks.License(&req)
+
+			Expect(scut.ValidateTestReturn(nil, "license found", &expected, &result,
+				&dl)).Should(BeTrue())
+		})
+		It("Should return license check works for unrecognized license type - GitLab", func() {
+			skipIfTokenIsNot(gitlabPATTokenType, "GitLab only")
+
+			dl := scut.TestDetailLogger{}
+			repo, err := gitlabrepo.MakeGitlabRepo("gitlab.com/ossf-test/scorecard-check-license-e2e-unrecognized-license-type")
 			Expect(err).Should(BeNil())
 			repoClient, err := gitlabrepo.CreateGitlabClient(context.Background(), repo.Host())
 			Expect(err).Should(BeNil())
@@ -151,7 +177,7 @@ var _ = Describe("E2E TEST:"+checks.CheckLicense, func() {
 			skipIfTokenIsNot(gitlabPATTokenType, "GitLab only")
 
 			dl := scut.TestDetailLogger{}
-			repo, err := gitlabrepo.MakeGitlabRepo("gitlab.com/N8BWert/scorecard-check-license-e2e")
+			repo, err := gitlabrepo.MakeGitlabRepo("gitlab.com/ossf-test/scorecard-check-license-e2e")
 			Expect(err).Should(BeNil())
 			repoClient, err := gitlabrepo.CreateGitlabClient(context.Background(), repo.Host())
 			Expect(err).Should(BeNil())
@@ -164,11 +190,9 @@ var _ = Describe("E2E TEST:"+checks.CheckLicense, func() {
 				Dlogger:    &dl,
 			}
 			expected := scut.TestReturn{
-				Error:         nil,
-				Score:         9,
-				NumberOfWarn:  1,
-				NumberOfInfo:  1,
-				NumberOfDebug: 0,
+				Error:        nil,
+				Score:        10,
+				NumberOfInfo: 2,
 			}
 			result := checks.License(&req)