moved fossa in its own workflow

rancher · Apr 30, 2024 · 3672f7c · 3672f7c
1 parent 8aa9052
commit 3672f7c
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 30 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -56,27 +56,3 @@ jobs:
         push: false
         context: package
         tags: rancher/cli2:${{ env.VERSION }}
-
-  fossa:
-    # do not run on pull_request
-    if: github.event_name != 'pull_request'
-    runs-on: ubuntu-latest
-
-    permissions:
-      contents: read
-      id-token: write # needed for the Vault authentication
-
-    steps:
-      - name: Checkout Repo
-        uses: actions/checkout@v3
-
-      - name: Load Secrets from Vault
-        uses: rancher-eio/read-vault-secrets@main
-        with:
-          secrets: |
-            secret/data/github/repo/${{ github.repository }}/fossa/credentials token | FOSSA
-
-      - name: Check FOSSA compliance
-        uses: fossas/fossa-action@main
-        with:
-          api-key: ${{ env.FOSSA }}
diff --git a/.github/workflows/fossa.yml b/.github/workflows/fossa.yml
@@ -0,0 +1,32 @@
+name: FOSSA
+
+on:
+  workflow_dispatch:
+  push:
+    tags:
+      - v*
+    branches:
+      - v*
+
+jobs:
+  fossa:
+    runs-on: ubuntu-latest
+
+    permissions:
+      contents: read
+      id-token: write # needed for the Vault authentication
+
+    steps:
+      - name: Checkout Repo
+        uses: actions/checkout@v3
+
+      - name: Load Secrets from Vault
+        uses: rancher-eio/read-vault-secrets@main
+        with:
+          secrets: |
+            secret/data/github/repo/${{ github.repository }}/fossa/credentials token | FOSSA
+
+      - name: Check FOSSA compliance
+        uses: fossas/fossa-action@main
+        with:
+          api-key: ${{ env.FOSSA }}
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -23,7 +23,6 @@ jobs:
         secrets: |
           secret/data/github/repo/${{ github.repository }}/dockerhub/rancher/credentials username | DOCKER_USERNAME ;
           secret/data/github/repo/${{ github.repository }}/dockerhub/rancher/credentials password | DOCKER_PASSWORD ;
-          secret/data/github/repo/${{ github.repository }}/fossa/credentials token | FOSSA ;
 
     - name: Login to Docker Hub
       uses: docker/login-action@v3
@@ -50,11 +49,6 @@ jobs:
     - name: Test
       run: ./scripts/test
 
-    - name: Check FOSSA compliance
-      uses: fossas/fossa-action@main
-      with:
-        api-key: ${{ env.FOSSA }}
-
     - name: Get Tag
       if: startsWith(github.ref, 'refs/tags/v')
       run: echo "GITHUB_TAG=$GITHUB_REF_NAME" >> $GITHUB_ENV