Skip to content

Baseline FOSSA Scan - Do Not Merge #3

Baseline FOSSA Scan - Do Not Merge

Baseline FOSSA Scan - Do Not Merge #3

name: FOSSA CLI Analysis
on:
push:
branches: [ $default-branch ]
pull_request:
branches: [ $default-branch ]
workflow_dispatch:
jobs:
fossa:
runs-on: ubuntu-latest
env:
FOSSA_API_KEY: ${{secrets.FOSSA_API_KEY}}
ORG: ${{ github.repository_owner }}
REPO: ${{ github.repository }}
ORG_ADMIN_PAT: ${{ secrets.ELAGUERTA_PAT }}
strategy:
fail-fast: false
steps:
- uses: actions/checkout@v3
- name: Run fossa
run: |
curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | bash
output="$(fossa list-targets --format=text)"
if [[ -n $output ]]
then
printf -- "%s\n" "$output"
fossa analyze
export HAS_FOSSA_TARGETS="True"
else
printf -- "Fossa did not find any analysis targets.\n"
export HAS_FOSSA_TARGETS="False"
fi
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer $ORG_ADMIN_PAT" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/$ORG/properties/values \
-d '{"repository_names":["'"${REPO##*/}"'"],"properties":[{"property_name":"hasFossaTargets","value":"'"${HAS_FOSSA_TARGETS}"'"}]}'