mirror of
https://github.com/replicatedhq/troubleshoot.git
synced 2026-04-15 07:16:34 +00:00
50 lines
1.3 KiB
YAML
50 lines
1.3 KiB
YAML
name: FOSSA license scan
|
|
|
|
on:
|
|
pull_request_target: # this is safe as these scans do not execute provided code
|
|
branches:
|
|
- main
|
|
paths:
|
|
- go.sum
|
|
|
|
push:
|
|
branches:
|
|
- main
|
|
|
|
jobs:
|
|
fossa-scan-pr:
|
|
runs-on: ubuntu-latest
|
|
if: github.event_name == 'pull_request'
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
with:
|
|
ref: refs/pull/${{ github.event.number }}/merge
|
|
- name: "Install FOSSA"
|
|
uses: replicatedhq/action-fossa/install@main
|
|
- name: "Run FOSSA Scan"
|
|
uses: replicatedhq/action-fossa/scan@main
|
|
with:
|
|
api-key: ${{ secrets.FOSSA_API_KEY }}
|
|
diff: true
|
|
diff-ref: ${{ github.event.pull_request.base.sha }}
|
|
debug: true
|
|
|
|
fossa-scan-merge:
|
|
runs-on: ubuntu-latest
|
|
if: github.event_name == 'push'
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
with:
|
|
fetch-depth: 2
|
|
- id: previous
|
|
run: echo "sha=$(git rev-parse HEAD~1)" >> "${GITHUB_OUTPUT}"
|
|
- name: "Install FOSSA"
|
|
uses: replicatedhq/action-fossa/install@main
|
|
- name: "Run FOSSA Scan"
|
|
uses: replicatedhq/action-fossa/scan@main
|
|
with:
|
|
api-key: ${{ secrets.FOSSA_API_KEY }}
|
|
diff: true
|
|
diff-ref: ${{ steps.previous.outputs.sha }}
|
|
debug: true
|