sdadfadas
1name: Generate FOSSA report
2
3on:
4push:
5branches:
6- "master"
7- "[0-9].[0-9]*"
8
9jobs:
10config:
11runs-on: "ubuntu-22.04"
12outputs:
13has-secrets: ${{ steps.check.outputs.has-secrets }}
14steps:
15- name: "Check for secrets"
16id: check
17shell: bash
18run: |
19if [ -n "${{ (secrets.FOSSA_API_KEY != '' ) || '' }}" ]; then
20echo "has-secrets=1" >> "$GITHUB_OUTPUT"
21fi
22
23license_check:
24needs: config
25if: needs.config.outputs.has-secrets
26name: Generate Report
27runs-on: ubuntu-22.04
28steps:
29- name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
30uses: actions/checkout@v4
31with:
32persist-credentials: false
33submodules: recursive
34- name: Setup Java
35uses: actions/setup-java@v4
36with:
37distribution: "temurin"
38java-version: "11"
39- name: Generate fossa report
40env:
41FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
42run: |
43set -eo pipefail
44if [[ "${{github.event_name}}" != "pull_request" ]]; then
45./scripts/fossa.sh
46exit 0
47fi
48
49URL="https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/files"
50FILES=$(curl -s -X GET -G $URL | jq -r '.[] | .filename')
51
52cat<<EOF
53CHANGED FILES:
54$FILES
55
56EOF
57
58if [[ "${FILES}" =~ (.*package*\.json|requirements\/[a-z_-]+\.txt|setup\.py) ]]; then
59echo "Detected dependency changes... running fossa check"
60
61./scripts/fossa.sh
62else
63echo "No dependency changes... skiping fossa check"
64fi
65shell: bash
66