/action-fossa

Composite action for FOSSA scans at Replicated

Apache License 2.0Apache-2.0

action-fossa

Composite actions for FOSSA operations at Replicated

install

Installs the FOSSA CLI.

Usage

jobs:
  fossa-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: replicatedhq/action-fossa/install@v1

inputs

version

The version of the FOSSA CLI to install, e.g. '3.6.0'. Default is set to latest tested version

sha256sum

The SHA256 checksum for the archive file for the selected version. Used to verify the archive.

scan

Runs the FOSSA CLI to analyze dependencies and check for license violations. FOSSA CLI must already be installed.

Usage

jobs:
  fossa-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: replicatedhq/action-fossa/install@v1
      - uses: replicatedhq/action-fossa/scan@v1
        with:
          api-key: ${{ secrets.FOSSA_API_KEY }}

inputs

api-key

The FOSSA API key to use. Push-only tokens are not recommended.

run-tests

Whether or not to run the test step. Defaults to true.

diff

Use the diff mode of fossa test to only check against changes to a branch. Defaults to true.

diff-ref

Set the branch or ref against which to diff. Defaults to main.