sdadfadas

1
name: Generate FOSSA report
2

3
on:
4
  push:
5
    branches:
6
      - "master"
7
      - "[0-9].[0-9]*"
8

9
jobs:
10
  config:
11
    runs-on: "ubuntu-22.04"
12
    outputs:
13
      has-secrets: ${{ steps.check.outputs.has-secrets }}
14
    steps:
15
      - name: "Check for secrets"
16
        id: check
17
        shell: bash
18
        run: |
19
          if [ -n "${{ (secrets.FOSSA_API_KEY != '' ) || '' }}" ]; then
20
            echo "has-secrets=1" >> "$GITHUB_OUTPUT"
21
          fi
22

23
  license_check:
24
    needs: config
25
    if: needs.config.outputs.has-secrets
26
    name: Generate Report
27
    runs-on: ubuntu-22.04
28
    steps:
29
      - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
30
        uses: actions/checkout@v4
31
        with:
32
          persist-credentials: false
33
          submodules: recursive
34
      - name: Setup Java
35
        uses: actions/setup-java@v4
36
        with:
37
          distribution: "temurin"
38
          java-version: "11"
39
      - name: Generate fossa report
40
        env:
41
          FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
42
        run: |
43
          set -eo pipefail
44
          if [[ "${{github.event_name}}" != "pull_request" ]]; then
45
            ./scripts/fossa.sh
46
            exit 0
47
          fi
48

49
          URL="https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/files"
50
          FILES=$(curl -s -X GET -G $URL | jq -r '.[] | .filename')
51

52
          cat<<EOF
53
          CHANGED FILES:
54
          $FILES
55

56
          EOF
57

58
          if [[ "${FILES}" =~ (.*package*\.json|requirements\/[a-z_-]+\.txt|setup\.py) ]]; then
59
            echo "Detected dependency changes... running fossa check"
60

61
            ./scripts/fossa.sh
62
          else
63
            echo "No dependency changes... skiping fossa check"
64
          fi
65
        shell: bash
66