Inconsistent output from the license analysis service on prod-preview

[tisnik]

Problem description

The license analysis service returns incorrect data with the status set to failure. The output is different from one used in documentation for the dependency editor - so either the service has a bug or the documentation is not consistent w.r.o. the request/expected response.

Documentation

https://docs.google.com/document/d/1PIbir8p6IE1fLYpEpP9EoHRpjZ1MwR4j8luHFKar8XI/edit

Input

Post the following payload taken from the Request and Response doc for dependency editor to the analytics_license service on prod-preview:

  "_resolved": [
          {
              "package": "com.googlecode.xmemcached:xmemcached",
              "version": "2.3.2"
          }, 
          {
              "package": "commons-fileupload:commons-fileupload",
              "version": "1.3"
          }, 
          {
              "package": "org.springframework.boot:spring-boot-starter-web",
              "version": "1.4.1.RELEASE"
          },
          {
              "package": "com.h2database:h2",
              "version": "1.4.192"
          },
          {
              "package": "org.springframework.boot:spring-boot-starter-data-jpa",
              "version": "1.4.1.RELEASE"
          }
      ],
    "ecosystem": "maven"
}

Output from the service

{
  "conflict_packages": [], 
  "distinct_licenses": [
    "apache 2.0"
  ], 
  "message": "No declared licenses found for 3 component(s).", 
  "outlier_packages": [], 
  "packages": [
    {
      "license_analysis": {
        "_message": "Representative license found", 
        "_representative_licenses": "apache 2.0", 
        "conflict_licenses": [], 
        "outlier_licenses": [], 
        "status": "Successful", 
        "synonyms": {
          "Apache License, Version 2.0": "apache 2.0"
        }, 
        "unknown_licenses": []
      }, 
      "licenses": [
        "Apache License, Version 2.0"
      ], 
      "package": "com.googlecode.xmemcached:xmemcached", 
      "version": "2.3.2"
    }, 
    {
      "license_analysis": {
        "_message": "Representative license found", 
        "_representative_licenses": "apache 2.0", 
        "conflict_licenses": [], 
        "outlier_licenses": [], 
        "status": "Successful", 
        "synonyms": {
          "Apache 2.0": "apache 2.0"
        }, 
        "unknown_licenses": []
      }, 
      "licenses": [
        "Apache 2.0"
      ], 
      "package": "commons-fileupload:commons-fileupload", 
      "version": "1.3"
    }, 
    {
      "license_analysis": {
        "_message": "Input is invalid", 
        "_representative_licenses": null, 
        "conflict_licenses": [], 
        "outlier_licenses": [], 
        "status": "Failure", 
        "synonyms": {}, 
        "unknown_licenses": []
      }, 
      "licenses": [], 
      "package": "org.springframework.boot:spring-boot-starter-web", 
      "version": "1.4.1.RELEASE"
    }, 
    {
      "license_analysis": {
        "_message": "Input is invalid", 
        "_representative_licenses": null, 
        "conflict_licenses": [], 
        "outlier_licenses": [], 
        "status": "Failure", 
        "synonyms": {}, 
        "unknown_licenses": []
      }, 
      "licenses": [], 
      "package": "com.h2database:h2", 
      "version": "1.4.192"
    }, 
    {
      "license_analysis": {
        "_message": "Input is invalid", 
        "_representative_licenses": null, 
        "conflict_licenses": [], 
        "outlier_licenses": [], 
        "status": "Failure", 
        "synonyms": {}, 
        "unknown_licenses": []
      }, 
      "licenses": [], 
      "package": "org.springframework.boot:spring-boot-starter-data-jpa", 
      "version": "1.4.1.RELEASE"
    }
  ], 
  "stack_license": null, 
  "status": "Failure", 
  "unknown_licenses": {
    "component_conflict": [], 
    "really_unknown": []
  }
}

Expected output

{
    "conflict_packages": [],
    "license_filter": {
        "alternate_packages": {
            "compatible_packages": [],
            "conflict_packages": [],
            "unknown_license_packages": []
        },
        "companion_packages": {
            "compatible_packages": [],
            "conflict_packages": [],
            "unknown_license_packages": []
        }
    },
    "outlier_packages": {},
    "packages": [
        {
            "license_analysis": {
                "_message": "Representative license found",
                "_representative_licenses": "epl 1.0",
                "conflict_licenses": [],
                "outlier_licenses": [],
                "status": "Successful",
                "synonyms": {
                    "APACHE": "apache 2.0",
                    "Eclipse Public License": "epl 1.0"
                },
                "unknown_licenses": []
            },
            "licenses": [
                "APACHE",
                "Eclipse Public License"
            ],
            "package": "p1",
            "version": "1.1"
        },
        {
            "license_analysis": {
                "_message": "Representative license found",
                "_representative_licenses": "gplv2",
                "conflict_licenses": [],
                "outlier_licenses": [],
                "status": "Successful",
                "synonyms": {
                    "BSD": "bsd-new",
                    "GPL V2": "gplv2"
                },
                "unknown_licenses": []
            },
            "licenses": [
                "BSD",
                "GPL V2"
            ],
            "package": "p2",
            "version": "1.1"
        }
    ],
    "stack_license": "gplv2",
    "status": "Successful"
}

[sunilk747]

@tisnik Are you trying it on prod-preview?

[sunilk747]

@tisnik The documentation was not correct. I added the correct response. PTAL. Still you might encounter difference in results for prod and prod-preview because of unavailability of data at staging.

[tisnik]

@sunilk747 yes, I'm trying it on prod-preview. And thanks for updating the documentation. If everything's ok, I'll close this issue. Stay tuned please :)

[tisnik]

@sunilk747 do we have any checked input that returns 'success' status?

[sunilk747]

@tisnik

{
  "_resolved": [
    {
      "package": "org.wildfly.swarm:monitor",
      "version": "2018.3.3"
    },
    {
      "package": "org.wildfly.swarm:cdi",
      "version": "2018.3.3"
    },
    {
      "package": "org.wildfly.swarm:jaxrs",
      "version": "2018.3.3"
    },
    {
      "package": "org.wildfly.core:wildfly-controller-client",
      "version": "2.2.1.Final"
    }
  ],
  "ecosystem": "maven",
  "request_id": "4bcd3113e30d436da17dced85edb6e9e"
}

[tisnik]

Thanks @sunilk747,

unfortunately I got one error:

    {
      "license_analysis": {
        "_message": "Input is invalid", 
        "_representative_licenses": null, 
        "conflict_licenses": [], 
        "outlier_licenses": [], 
        "status": "Failure", 
        "synonyms": {}, 
        "unknown_licenses": []
      }, 
      "licenses": [], 
      "package": "org.wildfly.core:wildfly-controller-client", 
      "version": "2.2.1.Final"
    }

I guess we don't have all the data on pre-prod.

[sunilk747]

@tisnik Yes. You will get the correct response if you will try it on prod.

[sunilk747]

Hey @tisnik If you are clear on this can you close this one.

[tisnik]

@sunilk747 is it possible pls to update the documentation so it will be usable on prod-preview as well?

[sunilk747]

Actually it's possible for same stack you may or may not get result on prod-preview but you will get a result on prod. So should I change my documentation as per prod-preview results. WDYT?

[sunilk747]

@tisnik I have updated the document with correct request and response. PTAL and close this one if you are clear on this.

[tisnik]

LGTM, thanks a lot @sunilk747