1# Example of automated license policy definitions. 2 3load("@rules_license//examples/policy_checker:license_policy.bzl", "license_policy") 4load("@rules_license//examples/policy_checker:license_policy_check.bzl", "license_policy_check") 5 6package(default_package_metadata = ["//:license", "//:package_info"]) 7 8# license_policy rules generally appear in a central location per workspace. That 9# should be access controlled by the policy team. 10 11# A production service can use licenses with most conditions 12license_policy( 13 name = "production_service", 14 conditions = [ 15 "notice", 16 "restricted_if_statically_linked", 17 ], 18) 19 20# A mobile application usually can not allow end-user replacable libraries. 21# So LGPL code (which is restricted_if_statically_linked) can not be used. 22license_policy( 23 name = "mobile_application", 24 conditions = [ 25 "notice", 26 ], 27) 28 29license_policy( 30 name = "special_allowlisted_app", 31 # There could be a allowlist of targets here. 32 conditions = [ 33 "notice", 34 "allowlist:acme_corp_paid", 35 ], 36) 37 38# Now we might build checks of critical applications against policies 39# 40# Questions to consider? 41# - Your organization migth want to fold these kinds of checks into 42# wrapper macros around the rules which generate services and apps 43# - You might want to distribute checks to rules alongside the products 44# - Or, you might want to consolidate them in a single place where your 45# compliance team owns them, as this example does 46 47license_policy_check( 48 name = "check_server", 49 policy = ":production_service", 50 target = "//examples/src:my_server", 51) 52 53 54# This is marked manual, so bazel test ... does not fail. Try it yourself with 55# bazel build :check_violating_server 56license_policy_check( 57 name = "check_violating_server", 58 policy = ":production_service", 59 tags = [ 60 "manual", 61 ], 62 target = "//examples/src:my_violating_server", 63) 64