From a2febb533391771f9e81109ca0ccb712ec34befb Mon Sep 17 00:00:00 2001 From: Sarah Oloumi Date: Fri, 29 Nov 2024 10:44:10 -0500 Subject: [PATCH 1/3] Create fossa-scan.yaml --- .github/workflows/fossa-scan.yaml | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 .github/workflows/fossa-scan.yaml diff --git a/.github/workflows/fossa-scan.yaml b/.github/workflows/fossa-scan.yaml new file mode 100644 index 0000000000..4707600c81 --- /dev/null +++ b/.github/workflows/fossa-scan.yaml @@ -0,0 +1,30 @@ +name: FOSSA Scan +on: + pull_request: + +permissions: + repository-projects: read + contents: write + id-token: write + packages: write + actions: write + +jobs: + fossa_scan: + runs-on: ubuntu-latest + + steps: + - name: Install LFS Dependencies + run: sudo apt update && sudo apt install git git-lfs -y + + - name: Checkout code + uses: actions/checkout@v4 + with: + ref: ${{ github.event.pull_request.head.sha }} + lfs: true + + - name: Install FOSSA CLI + run: | + curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | bash ; + export FOSSA_API_KEY=${{ secrets.FOSSA_API_KEY }}; + fossa analyze --debug --revision 1.0 --branch fossa-test --unpack-archives From 80fcce3e1f73f9f796f9feabdd0f9b7d86ff9445 Mon Sep 17 00:00:00 2001 From: Sarah Oloumi Date: Fri, 29 Nov 2024 10:44:39 -0500 Subject: [PATCH 2/3] Create .fossa.yml --- .fossa.yml | 1 + 1 file changed, 1 insertion(+) create mode 100644 .fossa.yml diff --git a/.fossa.yml b/.fossa.yml new file mode 100644 index 0000000000..0a70affa4b --- /dev/null +++ b/.fossa.yml @@ -0,0 +1 @@ +version: 3 From 5e262e0bc24114f6ebaaf8547f1ec5ef4970ca5a Mon Sep 17 00:00:00 2001 From: Sarah Oloumi Date: Fri, 29 Nov 2024 11:05:06 -0500 Subject: [PATCH 3/3] Update fossa-scan.yaml --- .github/workflows/fossa-scan.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/fossa-scan.yaml b/.github/workflows/fossa-scan.yaml index 4707600c81..652385bbba 100644 --- a/.github/workflows/fossa-scan.yaml +++ b/.github/workflows/fossa-scan.yaml @@ -27,4 +27,4 @@ jobs: run: | curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | bash ; export FOSSA_API_KEY=${{ secrets.FOSSA_API_KEY }}; - fossa analyze --debug --revision 1.0 --branch fossa-test --unpack-archives + fossa analyze --experimental-force-first-party-scans --debug --revision 1.0 --branch fossa-test --unpack-archives