Baseline FOSSA Scan - Do Not Merge #20

Summary
Jobs
- check_env
- fossa
Run details
- Usage
- Workflow file

Workflow file for this run

newrelic/.github/.github/workflows/fossa-default.yml at d5a9043

	name: FOSSA CLI Analysis
	on:
	push:
	branches: [ $default-branch ]
	pull_request:
	branches: [ $default-branch ]
	workflow_dispatch:

	jobs:
	check_env:
	runs-on: ubuntu-latest
	env:
	HAS_FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY != '' }}
	steps:
	- id: check-fossa-api-key
	run: echo "check=$HAS_FOSSA_API_KEY" >> "$GITHUB_OUTPUT"
	outputs:
	HAS_FOSSA_API_KEY: ${{ steps.check-fossa-api-key.outputs.check }}

	fossa:
	needs: check_env
	if: ${{ needs.check_env.outputs.HAS_FOSSA_API_KEY }}
	runs-on: ubuntu-latest
	env:
	FOSSA_API_KEY: ${{secrets.FOSSA_API_KEY}}
	ORG: ${{ github.repository_owner }}
	REPO: ${{ github.repository }}
	CUSTOM_PROPS_PAT: ${{ secrets.FOSSA_PAT }}

	steps:
	- uses: actions/checkout@v3
	- id: fossa-list-targets
	name: Run fossa list-targets
	run: \|
	curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh \| bash
	export LIST_TARGETS_OUT_FILE=${{ runner.temp }}/list-targets_out.txt
	export LIST_TARGETS_ERR_FILE=${{ runner.temp }}/list-targets_err.txt

	fossa list-targets --format text 1>$LIST_TARGETS_OUT_FILE 2>$LIST_TARGETS_ERR_FILE \|\| true

	if [[ $(grep -i "error" $LIST_TARGETS_ERR_FILE \| wc -l) -gt 0 ]]
	then
	echo "::error::fossa list-targets ran with errors."
	cat $LIST_TARGETS_ERR_FILE
	echo "HAS_FOSSA_TARGETS=Error" >> "$GITHUB_OUTPUT"
	elif [[ $(cat $LIST_TARGETS_OUT_FILE \| wc -l) -gt 0 ]]
	then
	echo "::notice::Fossa found analysis targets."
	cat $LIST_TARGETS_OUT_FILE
	echo "HAS_FOSSA_TARGETS=True" >> "$GITHUB_OUTPUT"
	else
	echo "::warning::Fossa did not find any analysis targets."
	echo "HAS_FOSSA_TARGETS=False" >> "$GITHUB_OUTPUT"
	fi
	- name: Set fossaHasTargets custom property
	run: \|
	curl -L \
	-X PATCH \
	-H "Accept: application/vnd.github+json" \
	-H "Authorization: Bearer $CUSTOM_PROPS_PAT" \
	-H "X-GitHub-Api-Version: 2022-11-28" \
	https://api.github.com/orgs/$ORG/properties/values \
	-d '{"repository_names":["'"${REPO##*/}"'"],"properties":[{"property_name":"fossaHasTargets","value":"'"${{ steps.fossa-list-targets.outputs.HAS_FOSSA_TARGETS }}"'"}]}'
	- id: fossa-analyze
	name: Run fossa analyze
	if: ${{ steps.fossa-list-targets.outputs.HAS_FOSSA_TARGETS == 'True'}}
	run: \|
	export ANALYZE_OUT_FILE=${{ runner.temp }}/analyze_out.txt
	export ANALYZE_ERR_FILE=${{ runner.temp }}/analyze_err.txt
	fossa analyze --team='Service Accounts' --policy='New Relic Public Github' 1>$ANALYZE_OUT_FILE 2>$ANALYZE_ERR_FILE \|\| true
	if [[ $(grep "ERROR" $ANALYZE_ERR_FILE \| wc -l) -gt 0 ]]
	then
	echo "::error::fossa analyze ran with errors."
	cat $ANALYZE_ERR_FILE
	echo "FOSSA_ANALYZE_RESULT=Error" >> "$GITHUB_OUTPUT"
	else
	cat $ANALYZE_OUT_FILE
	echo "FOSSA_ANALYZE_RESULT=Success" >> "$GITHUB_OUTPUT"
	fi
	- name: Set fossaAnalyzeResult custom property
	run: \|
	curl -L \
	-X PATCH \
	-H "Accept: application/vnd.github+json" \
	-H "Authorization: Bearer $CUSTOM_PROPS_PAT" \
	-H "X-GitHub-Api-Version: 2022-11-28" \
	https://api.github.com/orgs/$ORG/properties/values \
	-d '{"repository_names":["'"${REPO##*/}"'"],"properties":[{"property_name":"fossaAnalyzeResult","value":"'"${{ steps.fossa-analyze.outputs.FOSSA_ANALYZE_RESULT }}"'"}]}'
	- name: Exit
	if: ${{ steps.fossa-list-targets.outputs.HAS_FOSSA_TARGETS == 'Error' \|\| steps.fossa-analyze.outputs.FOSSA_ANALYZE_RESULT == 'Error' }}
	run: exit 1

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Baseline FOSSA Scan - Do Not Merge #20

Workflow file

Baseline FOSSA Scan - Do Not Merge #20

Jobs

Run details

Workflow file for this run