ci: add FOSSA license scan workflow

Signed-off-by: Hidde Beydals <hidde@hhh.computer>
2026-02-05 12:45:21 +01:00 · 2023-09-29 09:04:31 +02:00
parent aa61d03acc
commit a6833e8323
1 changed files with 23 additions and 0 deletions
--- a/.github/workflows/fossa.yml
+++ b/.github/workflows/fossa.yml
@@ -0,0 +1,23 @@
+name: FOSSA License Scan
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+
+permissions:
+  contents: read # for actions/checkout to fetch code
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+
+      - name: Run FOSSA scan and upload build data
+        uses: fossa-contrib/fossa-action@6728dc6fe9a068c648d080c33829ffbe56565023 # v2.0.0
+        with:
+          # FOSSA Push-Only API Token
+          fossa-api-key: 8135a2e556de91096707c7b37504b353
+          github-token: ${{ github.token }}