Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

FOSSA scan added #7862

Merged
merged 2 commits into from
Apr 20, 2021
Merged

FOSSA scan added #7862

merged 2 commits into from
Apr 20, 2021

Conversation

idvoretskyi
Copy link
Member

Signed-off-by: Ihor Dvoretskyi ihor@linux.com

@idvoretskyi
FOSSA scan added
c448d0d 
Signed-off-by: Ihor Dvoretskyi <ihor@linux.com>
@systay
Copy link
Collaborator

systay commented Apr 14, 2021

Hi @idvoretskyi 👋

The build errors are because of infrastructure problems we are facing with github actions. We'll make sure they go green once the issue has been fixed.

In the mean time, would you mind adding a description to the PR?

@idvoretskyi
Copy link
Member Author

@systay sorry, the reference issue is here - cncf/foundation#109; also we had a direct request by @askdba to the CNCF ServiceDesk to enable the FOSSA scanning.

askdba
askdba approved these changes Apr 15, 2021
View reviewed changes
Copy link
Contributor

@askdba askdba left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@deepthi
Copy link
Member

deepthi commented Apr 15, 2021
edited

It doesn't look like the scan covers all the code (excluding tests):

INFO Analyzing module (31/45): vitess.io/vitess/go/vt/sqlparser/goyacc
INFO Analyzing module (32/45): vitess.io/vitess/go/vt/throttler/demo
INFO Analyzing module (33/45): vitess.io/vitess/go/vt/vtctl/grpcvtctldclient/codegen

There are a lot more sub-directories under go/vt/ and that is where the bulk of the code lives.

@idvoretskyi
FOSSA GHA workflow file rewritten
453a247 
Signed-off-by: Ihor Dvoretskyi <ihor@linux.com>
@idvoretskyi
Copy link
Member Author

@deepthi I made a significant update of the workflow file - now it uses the official FOSSA GitHub Action; let's see how it works.

@deepthi
Copy link
Member

deepthi commented Apr 20, 2021
edited

I assume the license scan is recursive? Then this is probably ok. The rest of the go/vt/... packages are probably covered by inclusion from the go/cmd/... packages.

@deepthi deepthi merged commit 904a9e2 into vitessio:master Apr 20, 2021
@idvoretskyi idvoretskyi deleted the idvoretskyi-fossa branch July 2, 2021 17:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@askdba askdba askdba approved these changes

Assignees
No one assigned
Labels
Component: Build/CI Type: Testing
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@idvoretskyi @systay @deepthi @askdba