From 8ce90e18144ae5203d04e9eb44fea8f6cd887187 Mon Sep 17 00:00:00 2001
From: Stefan Prodan <stefan.prodan@gmail.com>
Date: Tue, 19 Jan 2021 11:57:22 +0200
Subject: [PATCH] Add CNCF's FOSSA scanning to CI

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
---
 .github/workflows/fossa.yml | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 .github/workflows/fossa.yml

diff --git a/.github/workflows/fossa.yml b/.github/workflows/fossa.yml
new file mode 100644
index 00000000..5019ee58
--- /dev/null
+++ b/.github/workflows/fossa.yml
@@ -0,0 +1,25 @@
+name: FOSSA
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-go@v2
+        with:
+          go-version: "^1.15.x"
+      - name: Add GOPATH to GITHUB_ENV
+        run: echo "GOPATH=$(go env GOPATH)" >>"$GITHUB_ENV"
+      - name: Add GOPATH to GITHUB_PATH
+        run: echo "$GOPATH/bin" >>"$GITHUB_PATH"
+      - name: Run FOSSA scan and upload build data
+        uses: fossa-contrib/fossa-action@v1
+        with:
+          # FOSSA Push-Only API Token
+          fossa-api-key: 5ee8bf422db1471e0bcf2bcb289185de
+          github-token: ${{ github.token }}