License report & automatic LICENSE content check

[snazy]

Adds a Gradle plugin to generate license reports, which is then used for two purposes:

1. Generate a license report
2. Verify that dependencies that have to be mentioned in LICENSE are mentioned there

The Gradle check task depends on the "dependencies to mention in LICENSE" - so CI will fail if a dependency isn't mentioned there. Those are dependencies that are not licensed as Apache and are either MIT, BSD, Go, ISC or "Universal Permissive".

The licence report is generated as HTML and packed as a ZIP file for each Gradle project that is considered a distribution (currently only :polaris-service).

A new project aggregated-license-report is there to collect the NOTICE + LICENSE files and all individual projects' license reports and add those to a single ZIP file.

This PR is a port of the same functionality that Nessie used for quite a while now.

Depends on #10 and #53

[snazy]

Only the last two commits actually belong to this PR:

• one that adds the build code
• one that updates the LICENSE file

[snazy]

/cc @jbonofre

[RussellSpitzer]

Could do Set: NeedsMentionLicenses.contains(license) instead of || chain

[RussellSpitzer]

Comment from another project I think, shouldn't apply here

[snazy]

yup - copy-paste left-over

[RussellSpitzer]

I'm not sure these excludes are relevant to Polaris (yet)

[snazy]

true

[RussellSpitzer]

Not relevant to this project as well

[snazy]

also true

[RussellSpitzer]

I have a few questions on this related to why we aren't including some elements in our license file.

There are also a few comments/ exclusions that I think are particular to Nessie where this was I think copied from that need to be cleaned up.

[RussellSpitzer]

"Used to generate reference license reports"

[RussellSpitzer]

Shouldn't this be the Apache license here?

[jbonofre]

Yes correct

[RussellSpitzer]

Comment is no longer accurate

[RussellSpitzer]

Couldn't we just automatically check whether or not our license file matches our dependencies ? We could always do this in a future PR

[RussellSpitzer]

This is probably a feature for the plugin and not our build, but it would be great if this json could include the rules for license reproduction rather than us coding it ourselves. (IE. Apache needs x type license, MIT needs full repro, etc ...)

[RussellSpitzer]

I think we just need to fix the Copyright notice on LicenseFileValidation.kt and the comment in the same file and we are good to merge here.

[jbonofre]

We can update the header here.

[jbonofre]

Yes correct

[RussellSpitzer]

@snazy There are still some Snowflake headers in there, could you please tidy them up?

[snazy]

Ping @RussellSpitzer

[RussellSpitzer]

Thanks @snazy!