ci: Fix FOSSA scans by generating Gemfile.lock files before scanning

Shell script will loop through all the available Gemfiles in this repository and create Gemfile.lock files without actually installing these gems.
Some folders like */examples/* and release/ have been vomited.
FOSSA is intelligent enough to read nested directories and generate the report based on lock files.

Signed-off-by: Arjun Rajappa <[email protected]>

Author: arjun-rajappa

.github/workflows/fossa.yml

@@ -15,6 +15,33 @@ jobs:
     steps:
       - uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 # v4.2.2
 
+      - name: Install Ruby 3.4
+        uses: ruby/[email protected]
+        with:
+          ruby-version: 3.4
+      - name: Generate Gemfile.lock
+        run: |
+          echo "Finding all Gemfiles in the project..."
+          echo "======================================="
+          ORIGINAL_DIR=$(pwd)
+
+          find . -type f -name "Gemfile" -not -path "*/example/*" -not -path "*/releases/*" | sort | while read gemfile; do
+              gemfile_dir=$(dirname "$gemfile")
+              
+              # Change to the Gemfile's directory
+              echo "Changing to directory: $gemfile_dir"
+              
+              cd "$gemfile_dir" || continue
+
+              echo "Current directory: $(pwd)"
+              echo "Creating lock file for: $gemfile"
+              
+              # Generate the gemlock files
+              bundle lock || echo "Warning: Failed to generate lock file for $gemfile, continuing..."
+
+              cd "$ORIGINAL_DIR" || exit 1
+          done
+
       - uses: fossas/fossa-action@3ebcea1862c6ffbd5cf1b4d0bd6b3fe7bd6f2cac # v1.7.0
         with:
           api-key: ${{secrets.FOSSA_API_KEY}}