Update FOSSA configuration for new requirements layout

[robdiciuccio]

SUMMARY

FOSSA is not accurately checking or failing on license issues with modules in the base requirements. This PR updates the FOSSA config to test base and docker requirements for license issues, and fails the build if any are found.

I've also made the FOSSA report public, so anyone should be able to view.

NOTE: there are currently dependencies in base.txt that do not meet Apache licensing requirements (e.g. mysqlclient and psycopg2-binary), so the check is expected to fail.

TEST PLAN

• FOSSA should run in CI and should fail on incompatible licenses

ADDITIONAL INFORMATION

• Has associated issue:
• Changes UI
• Requires DB Migration.
• Confirm DB Migration upgrade and downgrade tested.
• Introduces new feature or API
• Removes existing feature or API

[willbarrett]

LGTM after rebase

[codecov-commenter]

Codecov Report

Merging #10848 into master will decrease coverage by 0.22%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##           master   #10848      +/-   ##
==========================================
- Coverage   61.34%   61.12%   -0.23%     
==========================================
  Files         380      380              
  Lines       24068    24083      +15     
==========================================
- Hits        14765    14720      -45     
- Misses       9303     9363      +60     

Flag	Coverage Δ
#python	61.12% <ø> (-0.23%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
superset/db_engine_specs/mysql.py	79.16% <0.00%> (-12.50%)	⬇️
superset/db_engine_specs/presto.py	73.54% <0.00%> (-8.75%)	⬇️
superset/examples/world_bank.py	97.10% <0.00%> (-2.90%)	⬇️
superset/examples/birth_names.py	97.36% <0.00%> (-2.64%)	⬇️
superset/models/core.py	87.29% <0.00%> (-1.05%)	⬇️
superset/db_engine_specs/base.py	87.26% <0.00%> (-0.42%)	⬇️
superset/views/core.py	74.22% <0.00%> (-0.25%)	⬇️
superset/connectors/sqla/models.py	89.61% <0.00%> (-0.14%)	⬇️
superset/databases/utils.py	78.94% <0.00%> (+0.56%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 4502690...d1a95ca. Read the comment docs.

[robdiciuccio]

Example public FOSSA report:
https://app.fossa.com/projects/custom+11342%2Fgithub.com%2Fapache%2Fincubator-superset/refs/branch/HEAD/c1b5d64859540a08ba74a41bfc3c9a54d506b2e4

[craig-rueda]

We don't need this check, as the Docker requirements are only used for the "dev" image (which is used in docker-compose)

[robdiciuccio]

So, it looks like the "lean" Docker image is using requirements/local.txt? This is confusing.

[craig-rueda]

Yep, lean gets "local" and dev gets "docker". When I did this, "local" already existed, so I reused it. I added "docker.txt" in order to append a few more deps for docker-compose.

[robdiciuccio]

Ok, removed it for now. May need some reworking after #10875 settles.

[robdiciuccio]

We should probably run the license check each time code is merged to master, as well as when the requirements files change.