File tree Expand file tree Collapse file tree 2 files changed +49
-18
lines changed Expand file tree Collapse file tree 2 files changed +49
-18
lines changed Original file line number Diff line number Diff line change 1+ name : FOSSA license scan
2+
3+ on :
4+ pull_request_target : # this is safe as these scans do not execute provided code
5+ branches :
6+ - main
7+ paths :
8+ - go.sum
9+
10+ push :
11+ branches :
12+ - main
13+
14+ jobs :
15+ fossa-scan-pr :
16+ runs-on : ubuntu-latest
17+ if : github.event_name == 'pull_request'
18+ steps :
19+ - uses : actions/checkout@v3
20+ with :
21+ ref : refs/pull/${{ github.event.number }}/merge
22+ - name : " Install FOSSA"
23+ uses : replicatedhq/action-fossa/install@main
24+ - name : " Run FOSSA Scan"
25+ uses : replicatedhq/action-fossa/scan@main
26+ with :
27+ api-key : ${{ secrets.FOSSA_API_KEY }}
28+ diff : true
29+ diff-ref : ${{ github.event.pull_request.base.sha }}
30+ debug : true
31+
32+ fossa-scan-merge :
33+ runs-on : ubuntu-latest
34+ if : github.event_name == 'push'
35+ steps :
36+ - uses : actions/checkout@v3
37+ with :
38+ fetch-depth : 2
39+ - id : previous
40+ run : echo "sha=$(git rev-parse HEAD~1)" >> "${GITHUB_OUTPUT}"
41+ - name : " Install FOSSA"
42+ uses : replicatedhq/action-fossa/install@main
43+ - name : " Run FOSSA Scan"
44+ uses : replicatedhq/action-fossa/scan@main
45+ with :
46+ api-key : ${{ secrets.FOSSA_API_KEY }}
47+ diff : true
48+ diff-ref : ${{ steps.previous.outputs.sha }}
49+ debug : true
Load Diff This file was deleted.
You can’t perform that action at this time.
0 commit comments