Include dependency license data in distributed packages

[jonabc]

resolves #155

This updates the packaging scripts to include dependency data in built distributable packages. Unfortunately the resulting script is somewhat fragile due to needing the environment just right for both the docker and non-docker build environments. I've attempted to comment the script for some of the pitfalls but it's hard to describe all the ways that things just wont work using the prebuilt ruby docker image. Sadly things work even less when using a custom docker image that installs ruby in a different manner.

In a short-ish description, the script works by

• creating a copy of the local repo in its current state without Gemfile.lock, existing bundled gems, existing dependency metadata and tests.
  • removing any installed state allows later bootstrapping and licensed execution to find the latest gems available, which is what is used in the executable.
• checking out the copied repo to the desired version if needed and building the executable
• restoring back to the current repo version, licensed is bootstrapped and run on itself
  • the environment needs to be just right here, with at least a >= 2.0 version of bundler available at GEM_HOME, no Gemfile.lock, and no BUNDLER_VERSION env var set
• lastly remaining metadata is pulled together from licensed's own LICENSE and README.md as well as ruby's license.txt

All of the dependency data is put under a meta folder in the package, with a resulting structure like

./licensed
./meta/
./meta/LICENSE
./meta/README.md
./meta/.licenses/
./meta/ruby/
./meta/ruby/license.txt
./meta/.licenses/bundler/
./meta/.licenses/bundler/public_suffix.dep.yml
./meta/.licenses/bundler/dotenv.dep.yml
./meta/.licenses/bundler/addressable.dep.yml
./meta/.licenses/bundler/thor.dep.yml
./meta/.licenses/bundler/octokit.dep.yml
./meta/.licenses/bundler/licensee.dep.yml
./meta/.licenses/bundler/multipart-post.dep.yml
./meta/.licenses/bundler/faraday.dep.yml
./meta/.licenses/bundler/pathname-common_prefix.dep.yml
./meta/.licenses/bundler/rugged.dep.yml
./meta/.licenses/bundler/sawyer.dep.yml
./meta/.licenses/bundler/tomlrb.dep.yml
./meta/.licenses/bundler/bundler.dep.yml

/cc @mlinksva for 👍 on the resulting structure and overall process.

[mlinksva]

The resulting structure looks good.

If I understand script correctly, rubyc and licensed are each running in clean environments (no gems installed yet) so can be expected to get the same gems/versions as long as there's nothing platform specific. I don't need to understand for it to work, just recording here. 😄

[jonabc]

If I understand script correctly, rubyc and licensed are each running in clean environments (no gems installed yet) so can be expected to get the same gems/versions as long as there's nothing platform specific.

👍 that's my expectation and observation. I think we're ok for platform specific gems with this approach as well.