From c71935a6e1e618a018184e8a1bd704c9dca966ae Mon Sep 17 00:00:00 2001
From: dustincrogers <dustinrogers@netlify.com>
Date: Fri, 20 Aug 2021 12:41:30 -0700
Subject: [PATCH] update github actions workflow files for fossa scans to use
 install users home directory

---
 .github/workflows/fossa.yml | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)
 create mode 100644 .github/workflows/fossa.yml

diff --git a/.github/workflows/fossa.yml b/.github/workflows/fossa.yml
new file mode 100644
index 00000000..653d7dab
--- /dev/null
+++ b/.github/workflows/fossa.yml
@@ -0,0 +1,36 @@
+name: Dependency License Scanning
+
+on:
+  push:
+    branches:
+      - master
+      - chore/fossa-workflow
+
+defaults:
+  run:
+    shell: bash
+
+jobs:
+  fossa:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Download fossa cli
+        run: |-
+          mkdir -p $HOME/.local/bin
+          curl https://raw.githubusercontent.com/fossas/fossa-cli/master/install.sh | bash -s -- -b $HOME/.local/bin
+          echo "$HOME/.local/bin" >> $GITHUB_PATH
+
+      - name: Fossa init
+        run: fossa init
+      - name: Set env
+        run: echo "line_number=$(grep -n "project" .fossa.yml | cut -f1 -d:)" >> $GITHUB_ENV
+      - name: Configuration
+        run: |-
+          sed -i "${line_number}s|.*|  project: git@github.com:${GITHUB_REPOSITORY}.git|" .fossa.yml
+          cat .fossa.yml
+      - name: Upload dependencies
+        run: fossa analyze --debug
+        env:
+          FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}