Skip to content

Commit

Permalink
Dependency scanning workflow (#3355)
Browse files Browse the repository at this point in the history
  • Loading branch information
@ennru
ennru committed Jun 22, 2023
1 parent e189905 commit 13a857a
Showing 1 changed file with 107 additions and 0 deletions.
107 changes: 107 additions & 0 deletions .github/workflows/dependency-scanning.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,107 @@
name: Dependency Scanning

on:
workflow_dispatch:

permissions:
contents: read

jobs:
fossa:
name: Scanning
runs-on: ubuntu-22.04
if: github.event.repository.fork == false
steps:
- name: Checkout
# https://github.com/actions/checkout/releases
# v3.5.3
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9

- name: Cache Coursier cache
# https://github.com/coursier/cache-action/releases
# v6.4.3
uses: coursier/cache-action@566e01fea33492e5a89706b43fb0d3fc884154f9

- name: Set up JDK 11 and sbt
# https://github.com/coursier/setup-action/releases
# v1.3.3
uses: coursier/setup-action@6a582d7f7292a865e72c497ca64c3ef447cdb6c7
with:
jvm: adopt:11

- name: FOSSA policy check
run: |-
curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | bash
echo '--- List targets ---'
fossa list-targets
echo '--- Run Fossa on the maven-plugin ---'
fossa analyze --only-path dev/maven-plugin -p lagom-maven-plugin
echo '--- Run Fossa on the sbt-plugin ---'
fossa analyze --only-path dev/sbt-plugin -p lagom-sbt-plugin
echo '--- Run Fossa on the sbt-scripted-library ---'
fossa analyze --only-path dev/sbt-scripted-library -p lagom-sbt-scripted-library
echo '--- Run Fossa on the sbt-scripted-tools ---'
fossa analyze --only-path dev/sbt-scripted-tools -p lagom-sbt-scripted-tools
echo '--- Run Fossa on the build-tool-support ---'
fossa analyze --only-path dev/build-tool-support -p lagom-build-tool-support
echo '--- Run Fossa on the cluster module ---'
fossa analyze --only-path cluster -p lagom-cluster
echo '--- Run Fossa on the akka-management module ---'
fossa analyze --only-path akka-management -p lagom-akka-management
echo '--- Run Fossa on the akka-service-locator module ---'
fossa analyze --only-path akka-service-locator -p lagom-akka-service-locator
echo '--- Run Fossa on the cassandra-server module ---'
fossa analyze --only-path dev/cassandra-server -p lagom-cassandra-server
echo '--- Run Fossa on the kafka-server module ---'
fossa analyze --only-path dev/kafka-server -p lagom-kafka-server
echo '--- Run Fossa on the reloadable-server module ---'
fossa analyze --only-path dev/reloadable-server -p lagom-reloadable-server
echo '--- Run Fossa on the dev-mode-ssl-support module ---'
fossa analyze --only-path dev/dev-mode-ssl-support -p lagom-dev-mode-ssl-support
echo '--- Run Fossa on the service-registry module ---'
fossa analyze --only-path dev/service-registry -p lagom-service-registry
echo '--- Run Fossa on the persistence module ---'
fossa analyze --only-path persistence -p lagom-persistence
echo '--- Run Fossa on the persistence-cassandra module ---'
fossa analyze --only-path persistence-cassandra -p lagom-persistence-cassandra
echo '--- Run Fossa on the persistence-jdbc module ---'
fossa analyze --only-path persistence-jdbc -p lagom-persistence-jdbc
echo '--- Run Fossa on the persistence-jpa module ---'
fossa analyze --only-path persistence-jpa -p lagom-persistence-jpa
echo '--- Run Fossa on the pubsub module ---'
fossa analyze --only-path pubsub -p lagom-pubsub
echo '--- Run Fossa on the projection module ---'
fossa analyze --only-path projection -p lagom-projection
echo '--- Run Fossa on the service module ---'
fossa analyze --only-path service -p lagom-service
echo '--- Run Fossa on the testkit module ---'
fossa analyze --only-path testkit -p lagom-testkit
echo '--- Run Fossa on all of Lagom ---'
fossa analyze -p lagom-all
env:
FOSSA_API_KEY: "${{secrets.FOSSA_API_KEY}}"
FOSSA_TELEMETRY_SCOPE: off

0 comments on commit 13a857a

Please sign in to comment.