In our work wih license compliance we often need some basic tools. Sometimes you are allowed to install the tools you need and sometimes you’re not. Sometimes you’re allowed to use docker, so we decided to create a docker image that contains the tools we use on a daily basis and to create a little script to manage the image.

We call the project Compliance Tool collection

Programs on the image

Do you want more tools in the image? Create an issue at compliance-tool-collection


Check out the README over at the project page.

Program versions

You can check which programs are included in the image and what versions these have by issuing the flag --versions.

$ compliance-tool --versions
Compliance tools collections: eb78c50
 * Compliance utils:          ef25ff0
 * Flict:                     c7acb64
 * License detector:          unknown
 * Ninka:                     v1.3.2
 * Ort:                       79a687c
 * Reuse:                     0.12.1
 * Scancode:                  21.3.31

Starting the programs in the docker image

You can start the program (in the docker image) directly from the command line. Let’s say you want to get the version for flict:

docker run --rm -i -t -v $(pwd):/compliance-tools sandklef/compliance-tools:0.1 flict --version

A bit too much to get it right? Use the script compliance-tool instead:

$ compliance-tool flict --version

Easier, but still a bit too much. If you read the manual you can add the wrappers directory to your PATH. With this “trick” you can invoke the programs in the docker image by using the program name directly. So for the author of this manual the help text (compliance-tool --help) says I should add the following to my .bashrc or simply issue it every time you want to use the direct names:


Now you should be able to get the version from flict by simply typing:

$ flict --version

Sharing the files with the docker image

Just running the programs and not being able to have them read and write to your file system would be pretty useless, unless you’re satisfied with getting the version from a program.

When running the docker image (container) we’re mounting the current directory to the /compliance-tools inside docker. We’ve set the WORKDIR variable to the same directory so if you for example want to run scancode on a directory called src you can issue the following command:

scancode -clipe src --json src-scan.json"

This will scan your local directory src and store the resulting scan (in JSON format) in a file src-scan.json in the current directory.

About the cover image

Street shopping, Palermo from flickr, (c) 2018 Henrik Sandklef released under Attribution-ShareAlike 2.0 Generic (CC BY-SA 2.0)

Well, it is a collections of tools.