License compliance
- Krzysztof Opasiak
Owned by Krzysztof Opasiak
As of 19.06.2020 ONAP contains below docker images:
ONAP containers
alpine:3.6
ansible/awx_rabbitmq:3.7.4
ansible/awx_task:9.0.1
ansible/awx_web:9.0.1
busybox
busybox:latest
crunchydata/crunchy-postgres:centos7-10.11-4.2.1
crunchydata/crunchy-postgres:centos7-10.3-1.8.2
curlimages/curl:7.68.0
dibi/envsubst
docker.elastic.co/beats/filebeat:5.5.0
docker.elastic.co/elasticsearch/elasticsearch:6.1.2
docker.io/aaionap/haproxy:1.4.0
docker.io/bitnami/elasticsearch:6.8.6-debian-9-r23
docker.io/bitnami/nginx:1.16-debian-9
docker.io/busybox:1.30
docker.io/curlimages/curl:7.69.1
docker.io/library/busybox:latest
docker.io/library/consul:1.4.3
docker.io/xmartlabs/htpasswd
k8s.gcr.io/etcd-amd64:3.2.24
library/mariadb:10
memcached:1.5.20
netboxcommunity/netbox:v2.5.8
nexus3.onap.org:10001/adfinissygroup/k8s-mariadb-galera-centos:v002
nexus3.onap.org:10001/apache/nifi-registry:0.5.0
nexus3.onap.org:10001/busybox
nexus3.onap.org:10001/consul:1.0.6
nexus3.onap.org:10001/library/cassandra:3.11.4
nexus3.onap.org:10001/library/consul:1.7.1
nexus3.onap.org:10001/library/vault:1.3.3
nexus3.onap.org:10001/mariadb:10.1.38
nexus3.onap.org:10001/mariadb:10.3.12
nexus3.onap.org:10001/nginx:1.15-alpine
nexus3.onap.org:10001/onap/aaf/aaf_agent:2.1.20
nexus3.onap.org:10001/onap/aaf/aaf_cass:2.1.23
nexus3.onap.org:10001/onap/aaf/aaf_config:2.1.23
nexus3.onap.org:10001/onap/aaf/aaf_core:2.1.23
nexus3.onap.org:10001/onap/aaf/distcenter:4.0.0
nexus3.onap.org:10001/onap/aaf/sms:4.0.2
nexus3.onap.org:10001/onap/aaf/smsquorumclient:4.0.2
nexus3.onap.org:10001/onap/aaf/testcaservice:4.0.0
nexus3.onap.org:10001/onap/aai/esr-gui:1.4.0
nexus3.onap.org:10001/onap/aai/esr-server:1.5.2
nexus3.onap.org:10001/onap/aai-graphadmin:1.6.3
nexus3.onap.org:10001/onap/aai-resources:1.6.6
nexus3.onap.org:10001/onap/aai-schema-service:1.6.9
nexus3.onap.org:10001/onap/aai-traversal:1.6.3
nexus3.onap.org:10001/onap/appc-cdt-image:1.7.2
nexus3.onap.org:10001/onap/appc-image:1.7.2
nexus3.onap.org:10001/onap/babel:1.6.2
nexus3.onap.org:10001/onap/ccsdk-ansible-server-image:0.4.4
nexus3.onap.org:10001/onap/ccsdk-apps-ms-neng:0.7.1
nexus3.onap.org:10001/onap/ccsdk-blueprintsprocessor:0.7.3
nexus3.onap.org:10001/onap/ccsdk-cds-ui-server:0.7.3
nexus3.onap.org:10001/onap/ccsdk-commandexecutor:0.7.3
nexus3.onap.org:10001/onap/ccsdk-dgbuilder-image:0.7.4
nexus3.onap.org:10001/onap/ccsdk-py-executor:0.7.3
nexus3.onap.org:10001/onap/ccsdk-sdclistener:0.7.3
nexus3.onap.org:10001/onap/clamp-backend:5.0.6
nexus3.onap.org:10001/onap/clamp-dashboard-elasticsearch:5.0.3
nexus3.onap.org:10001/onap/clamp-dashboard-kibana:5.0.3
nexus3.onap.org:10001/onap/clamp-dashboard-logstash:5.0.3
nexus3.onap.org:10001/onap/clamp-frontend:5.0.6
nexus3.onap.org:10001/onap/cli:5.0.4
nexus3.onap.org:10001/onap/data-router:1.6.2
nexus3.onap.org:10001/onap/dcae-be:1.3.4
nexus3.onap.org:10001/onap/dcae-dt:1.3.4
nexus3.onap.org:10001/onap/dcae-fe:1.3.4
nexus3.onap.org:10001/onap/dcae-tools:1.3.4
nexus3.onap.org:10001/onap/dcae-tosca-app:1.3.3
nexus3.onap.org:10001/onap/dmaap/datarouter-node:2.1.6
nexus3.onap.org:10001/onap/dmaap/datarouter-prov:2.1.6
nexus3.onap.org:10001/onap/dmaap/dbc-client:1.0.9
nexus3.onap.org:10001/onap/dmaap/dmaap-bc:2.0.4
nexus3.onap.org:10001/onap/dmaap/dmaap-mr:1.1.18
nexus3.onap.org:10001/onap/dmaap/kafka111:1.0.4
nexus3.onap.org:10001/onap/dmaap/zookeeper:6.0.3
nexus3.onap.org:10001/onap/externalapi/nbi:6.0.3
nexus3.onap.org:10001/onap/holmes/engine-management:1.2.6
nexus3.onap.org:10001/onap/holmes/rule-management:1.2.7
nexus3.onap.org:10001/onap/modeling/etsicatalog:1.0.6
nexus3.onap.org:10001/onap/model-loader:1.6.2
nexus3.onap.org:10001/onap/msb/msb_apigateway:1.2.7
nexus3.onap.org:10001/onap/msb/msb_discovery:1.2.6
nexus3.onap.org:10001/onap/multicloud/azure:1.2.4
nexus3.onap.org:10001/onap/multicloud/framework:1.5.1
nexus3.onap.org:10001/onap/multicloud/framework-artifactbroker:1.5.1
nexus3.onap.org:10001/onap/multicloud/k8s:0.6.0
nexus3.onap.org:10001/onap/multicloud/openstack-fcaps:1.5.5
nexus3.onap.org:10001/onap/multicloud/openstack-pike:1.5.5
nexus3.onap.org:10001/onap/multicloud/openstack-starlingx:1.5.5
nexus3.onap.org:10001/onap/multicloud/openstack-windriver:1.5.5
nexus3.onap.org:10001/onap/multicloud/vio:1.4.1
nexus3.onap.org:10001/onap/music/cassandra_3_11:3.0.24
nexus3.onap.org:10001/onap/music/cassandra_job:3.0.24
nexus3.onap.org:10001/onap/music/cassandra_music:3.0.0
nexus3.onap.org:10001/onap/music/music_sb:3.2.40
nexus3.onap.org:10001/onap/oom/kube2msb:1.2.6
nexus3.onap.org:10001/onap/optf-cmso-dbinit:2.2.0
nexus3.onap.org:10001/onap/optf-cmso-optimizer:2.2.0
nexus3.onap.org:10001/onap/optf-cmso-robot:2.2.0
nexus3.onap.org:10001/onap/optf-cmso-service:2.2.0
nexus3.onap.org:10001/onap/optf-cmso-ticketmgt:2.2.0
nexus3.onap.org:10001/onap/optf-cmso-topology:2.2.0
nexus3.onap.org:10001/onap/optf-has:2.0.4
nexus3.onap.org:10001/onap/optf-osdf:2.0.4
nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-api:1.0.0
nexus3.onap.org:10001/onap/org.onap.ccsdk.dashboard.ccsdk-app-os:1.3.2
nexus3.onap.org:10001/onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.0.1
nexus3.onap.org:10001/onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.4.0
nexus3.onap.org:10001/onap/org.onap.dcaegen2.collectors.ves.vescollector:1.5.4
nexus3.onap.org:10001/onap/org.onap.dcaegen2.deployments.cm-container:2.1.0
nexus3.onap.org:10001/onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0
nexus3.onap.org:10001/onap/org.onap.dcaegen2.deployments.healthcheck-container:1.3.1
nexus3.onap.org:10001/onap/org.onap.dcaegen2.deployments.k8s-bootstrap-container:1.12.6
nexus3.onap.org:10001/onap/org.onap.dcaegen2.deployments.multisite-init-container:1.0.0
nexus3.onap.org:10001/onap/org.onap.dcaegen2.deployments.redis-cluster-container:1.0.0
nexus3.onap.org:10001/onap/org.onap.dcaegen2.deployments.tca-cdap-container:1.2.2
nexus3.onap.org:10001/onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
nexus3.onap.org:10001/onap/org.onap.dcaegen2.platform.configbinding:2.5.2
nexus3.onap.org:10001/onap/org.onap.dcaegen2.platform.deployment-handler:4.3.0
nexus3.onap.org:10001/onap/org.onap.dcaegen2.platform.inventory-api:3.4.1
nexus3.onap.org:10001/onap/org.onap.dcaegen2.platform.mod.designtool-web:1.0.2
nexus3.onap.org:10001/onap/org.onap.dcaegen2.platform.mod.distributorapi:1.0.1
nexus3.onap.org:10001/onap/org.onap.dcaegen2.platform.mod.genprocessor-http:1.0.1
nexus3.onap.org:10001/onap/org.onap.dcaegen2.platform.mod.genprocessor-job:1.0.1
nexus3.onap.org:10001/onap/org.onap.dcaegen2.platform.mod.onboardingapi:2.12.1
nexus3.onap.org:10001/onap/org.onap.dcaegen2.platform.mod.runtime-web:1.0.3
nexus3.onap.org:10001/onap/org.onap.dcaegen2.platform.policy-handler:5.1.0
nexus3.onap.org:10001/onap/org.onap.dcaegen2.platform.servicechange-handler:1.3.2
nexus3.onap.org:10001/onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.2
nexus3.onap.org:10001/onap/policy-apex-pdp:2.3.2
nexus3.onap.org:10001/onap/policy-api:2.2.4
nexus3.onap.org:10001/onap/policy-distribution:2.3.2
nexus3.onap.org:10001/onap/policy-pap:2.2.3
nexus3.onap.org:10001/onap/policy-pdpd-cl:1.6.4
nexus3.onap.org:10001/onap/policy-pe:1.6.4
nexus3.onap.org:10001/onap/policy-xacml-pdp:2.2.2
nexus3.onap.org:10001/onap/portal-app:3.2.3
nexus3.onap.org:10001/onap/portal-db:3.2.3
nexus3.onap.org:10001/onap/portal-sdk:3.2.0
nexus3.onap.org:10001/onap/portal-wms:3.2.3
nexus3.onap.org:10001/onap/sdc-backend:1.6.6
nexus3.onap.org:10001/onap/sdc-backend-init:1.6.6
nexus3.onap.org:10001/onap/sdc-cassandra-init:1.6.6
nexus3.onap.org:10001/onap/sdc-frontend:1.6.6
nexus3.onap.org:10001/onap/sdc-onboard-backend:1.6.6
nexus3.onap.org:10001/onap/sdc-onboard-cassandra-init:1.6.6
nexus3.onap.org:10001/onap/sdc-workflow-backend:1.7.0
nexus3.onap.org:10001/onap/sdc-workflow-frontend:1.7.0
nexus3.onap.org:10001/onap/sdc-workflow-init:1.7.0
nexus3.onap.org:10001/onap/sdnc-ansible-server-image:1.8.3
nexus3.onap.org:10001/onap/sdnc-dmaap-listener-image:1.8.3
nexus3.onap.org:10001/onap/sdnc-image:1.8.3
nexus3.onap.org:10001/onap/sdnc-ueb-listener-image:1.8.3
nexus3.onap.org:10001/onap/search-data-service:1.6.2
nexus3.onap.org:10001/onap/so/api-handler-infra:1.6.3
nexus3.onap.org:10001/onap/so/base-image:1.0
nexus3.onap.org:10001/onap/so/bpmn-infra:1.6.3
nexus3.onap.org:10001/onap/so/catalog-db-adapter:1.6.3
nexus3.onap.org:10001/onap/so/nssmf-adapter:1.6.3
nexus3.onap.org:10001/onap/so/openstack-adapter:1.6.3
nexus3.onap.org:10001/onap/so/request-db-adapter:1.6.3
nexus3.onap.org:10001/onap/so/sdc-controller:1.6.3
nexus3.onap.org:10001/onap/so/sdnc-adapter:1.6.3
nexus3.onap.org:10001/onap/so/so-appc-orchestrator:1.6.0
nexus3.onap.org:10001/onap/so/so-monitoring:1.6.3
nexus3.onap.org:10001/onap/so/ve-vnfm-adapter:1.6.3
nexus3.onap.org:10001/onap/so/vfc-adapter:1.6.3
nexus3.onap.org:10001/onap/so/vnfm-adapter:1.6.3
nexus3.onap.org:10001/onap/sparky-be:1.6.2
nexus3.onap.org:10001/onap/testsuite:1.6.3
nexus3.onap.org:10001/onap/usecase-ui:3.0.4
nexus3.onap.org:10001/onap/usecase-ui-server:3.0.4
nexus3.onap.org:10001/onap/vfc/db:1.3.3
nexus3.onap.org:10001/onap/vfc/emsdriver:1.3.1
nexus3.onap.org:10001/onap/vfc/gvnfmdriver:1.3.9
nexus3.onap.org:10001/onap/vfc/jujudriver:1.3.8
nexus3.onap.org:10001/onap/vfc/multivimproxy:1.3.1
nexus3.onap.org:10001/onap/vfc/nfvo/svnfm/huawei:1.3.6
nexus3.onap.org:10001/onap/vfc/nfvo/svnfm/nokiav2:1.3.6
nexus3.onap.org:10001/onap/vfc/nslcm:1.3.9
nexus3.onap.org:10001/onap/vfc/resmanagement:1.3.1
nexus3.onap.org:10001/onap/vfc/vnflcm:1.3.9
nexus3.onap.org:10001/onap/vfc/vnfmgr:1.3.8
nexus3.onap.org:10001/onap/vfc/vnfres:1.3.7
nexus3.onap.org:10001/onap/vfc/wfengine-activiti:1.3.3
nexus3.onap.org:10001/onap/vfc/wfengine-mgrservice:1.3.3
nexus3.onap.org:10001/onap/vfc/ztesdncdriver:1.3.1
nexus3.onap.org:10001/onap/vfc/ztevnfmdriver:1.3.6
nexus3.onap.org:10001/onap/vid:6.0.4
nexus3.onap.org:10001/onap/vnfsdk/refrepo:1.5.2
nexus3.onap.org:10001/oomk8s/consul:1.0.0
nexus3.onap.org:10001/postgres:10.4-alpine
nexus3.onap.org:10001/sonatype/nexus:2.14.13-01
nexus3.onap.org:10001/zookeeper:3.4
oomk8s/mariadb-client-init:3.0.0
oomk8s/readiness-check:2.2.1
oomk8s/ubuntu-init:1.0.0
primekey/ejbca-ce:6.15.2.5
rabbitmq:alpine
registry.gitlab.com/orange-opensource/lfn/onap/integration/xtesting/healthcheck:latest
registry.gitlab.com/orange-opensource/lfn/onap/integration/xtesting/smoke-usecases-robot:latest
registry.hub.docker.com/library/mongo:4.0.8
registry.hub.docker.com/oomk8s/ubuntu-init:2.0.0Upstream dockers in ONAP Nexus server
Below is the list of upstream images that are hosted in nexus and should be removed as soon as possible:
Upstream dockers in Nexus
nexus3.onap.org:10001/adfinissygroup/k8s-mariadb-galera-centos:v002
nexus3.onap.org:10001/apache/nifi-registry:0.5.0
nexus3.onap.org:10001/busybox
nexus3.onap.org:10001/consul:1.0.6
nexus3.onap.org:10001/library/cassandra:3.11.4
nexus3.onap.org:10001/library/consul:1.7.1
nexus3.onap.org:10001/library/vault:1.3.3
nexus3.onap.org:10001/mariadb:10.1.38
nexus3.onap.org:10001/mariadb:10.3.12
nexus3.onap.org:10001/nginx:1.15-alpine
nexus3.onap.org:10001/onap/babel:1.6.2 # Unsure about this one
nexus3.onap.org:10001/onap/ccsdk-ansible-server-image:0.4.4 # Unsure about this one
nexus3.onap.org:10001/onap/clamp-dashboard-elasticsearch:5.0.3 # Unsure what are the changes compared to upstream?
nexus3.onap.org:10001/onap/clamp-dashboard-kibana:5.0.3 # Unsure what are the changes compared to upstream?
nexus3.onap.org:10001/onap/clamp-dashboard-logstash:5.0.3 # Unsure what are the changes compared to upstream?
nexus3.onap.org:10001/onap/dmaap/kafka111:1.0.4 # Unsure is it pure upstream upstream?
nexus3.onap.org:10001/onap/dmaap/zookeeper:6.0.3 # Unsure is it pure upstream upstream?
nexus3.onap.org:10001/onap/music/cassandra_3_11:3.0.24
nexus3.onap.org:10001/onap/music/cassandra_job:3.0.24
nexus3.onap.org:10001/onap/music/cassandra_music:3.0.0
nexus3.onap.org:10001/onap/portal-db:3.2.3 # Unsure what are the changes compared to upstream?
nexus3.onap.org:10001/onap/search-data-service:1.6.2 # Unsure what this actually is?
nexus3.onap.org:10001/onap/sparky-be:1.6.2 # Unsure what this actually is?
nexus3.onap.org:10001/oomk8s/consul:1.0.0 # Unsure is it pure upstream upstream?
nexus3.onap.org:10001/postgres:10.4-alpine
nexus3.onap.org:10001/sonatype/nexus:2.14.13-01
nexus3.onap.org:10001/zookeeper:3.4
Definition of upstream container: Container that don't contain ONAP specific code apart from containers that are build to incorporate a suitable versions of software in case when proper upstream image is unavailable in dockerhub
Base Image statistics
Those are not exact results but only some overview. Stats took only single container from every pod. Additionally those stats includes also upstream containers.
Distro | N pods | Image size on disk | Number of packages | Licenses within base image |
|---|---|---|---|---|
Debian | 47 | 123 MB/80 MB if slim/50 MB if minideb | 97 | Apache-2.0 Artistic BSD CC0-1.0 GFDL GFDL-1.2 GFDL-1.3 GPL GPL-1 GPL-2 GPL-3 LGPL LGPL-2 LGPL-2.1 LGPL-3 MPL-1.1 MPL-2.0 |
CentOS | 50 | 193 MB | 173 | GPL v2, GPLv3, zlib, boost, MPLv2.0, OpenLDAP, OpenSSL, Public Domain, Python, SISSL and BSD, Vim, MIT, LGPL v2, LGPL v3, ISC, |
Ubuntu | 21 | 118 MB | 93 | Apache-2.0 Artistic BSD CC0-1.0 GFDL GFDL-1.2 GFDL-1.3 GPL GPL-1 GPL-2 GPL-3 LGPL LGPL-2 LGPL-2.1 LGPL-3 MPL-1.1 MPL-2.0 |
Alpine | 107 | 4.8 MB | 14 | MIT, GPL-2.0-only, OpenSSL, MPL-2.0, ISC, Zlib, BSD |
Compliance in distros
Based on dockerhub:
debian dockerhub
View license information for the software contained in this image.
As with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained).
Some additional license information which was able to be auto-detected might be found in the repo-info repository's debian/ directory.
As for any pre-built image usage, it is the image user's responsibility to ensure that any use of this image complies with any relevant licenses for all software contained within.Same story with all other distros.
Proposal to move forward
Organize a TSC vote on the list of licenses that can be used within ONAP containers
Remove all upstream docker container from ONAP Nexus
Prepare license compliance to Alpine base image & helper ONAP images prepared by the integration
Switch all components to use Alpine (or anny derrievative image like onap-base-jave that is based on alpine) as a base image
Make sure that every container updates compliance docummentation when it adds a new system package (tested in the gate)