Skip to content

Baseline FOSSA Scan - Do Not Merge #4

Baseline FOSSA Scan - Do Not Merge

Baseline FOSSA Scan - Do Not Merge #4

name: FOSSA CLI Analysis
on:
push:
branches: [ $default-branch ]
pull_request:
branches: [ $default-branch ]
workflow_dispatch:
jobs:
fossa:
runs-on: ubuntu-latest
env:
FOSSA_API_KEY: ${{secrets.FOSSA_API_KEY}}
ORG: ${{ github.repository_owner }}
REPO: ${{ github.repository }}
ORG_ADMIN_PAT: ${{ secrets.ELAGUERTA_PAT }}
strategy:
fail-fast: false
steps:
- uses: actions/checkout@v3
- id: fossa-list-targets
name: Run fossa list-targets
run: |
curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | bash
list_targets_output=$(fossa list-targets 2>&1)
echo "::notice::$list_targets_output"
if [[ $(echo $list_targets_output | grep "Error" | wc -l) -gt 0 ]]
then
echo "::error::fossa list-targets ran with errors."
echo "HAS_FOSSA_TARGETS=Error" >> "$GITHUB_OUTPUT"
elif [[ $(echo $list_targets_output | grep "Found target" | wc -l) -gt 0 ]]
then
echo "::notice::Fossa found analysis targets."
echo "HAS_FOSSA_TARGETS=True" >> "$GITHUB_OUTPUT"
else
echo "::warning::Fossa did not find any analysis targets."
echo "HAS_FOSSA_TARGETS=False" >> "$GITHUB_OUTPUT"
fi
- name: Set hasFossaTargets custom property
run: |
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer $ORG_ADMIN_PAT" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/$ORG/properties/values \
-d '{"repository_names":["'"${REPO##*/}"'"],"properties":[{"property_name":"hasFossaTargets","value":"'"${{ steps.fossa-list-targets.outputs.HAS_FOSSA_TARGETS }}"'"}]}'
- id: fossa-analyze
name: Run fossa analyze
if: ${{ steps.fossa-list-targets.outputs.HAS_FOSSA_TARGETS == 'True'}}
run: |
fossa_analyze_output=$(fossa analyze --policy='New Relic Public Github' 2>&1)
echo "::notice::$fossa_analyze_output"
if [[ $(echo $fossa_analyze_output | grep "Error" | wc -l) -gt 0 ]]
then
echo "::error::fossa analyze ran with errors."
echo "FOSSA_ANALYZE_RESULT=Error" >> "$GITHUB_OUTPUT"
else
echo "FOSSA_ANALYZE_RESULT=Success" >> "$GITHUB_OUTPUT"
fi
- name: Set fossaAnalyzeResult custom property
run: |
curl -L \
-X PATCH \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer $ORG_ADMIN_PAT" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/orgs/$ORG/properties/values \
-d '{"repository_names":["'"${REPO##*/}"'"],"properties":[{"property_name":"fossaAnalyzeResult","value":"'"${{ steps.fossa-analyze.outputs.FOSSA_ANALYZE_RESULT }}"'"}]}'
- name: Exit
if: ${{ steps.fossa-list-targets.outputs.HAS_FOSSA_TARGETS == 'Error' || steps.fossa-analyze.outputs.FOSSA_ANALYZE_RESULT == 'Error' }}
run: exit 1