Skip to content

Commit 207767a

Browse files
saumassaumas
authored
Add code and image security and licencing scan (#26)
1 parent 755dae7 commit 207767a

File tree

2 files changed

+22
-0
lines changed

2 files changed

+22
-0
lines changed

.github/workflows/build.yaml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -75,3 +75,10 @@ jobs:
7575
tags: |
7676
castai/cluster-controller:${{ env.RELEASE_TAG }}
7777
castai/cluster-controller:latest
78+
79+
- name: FOSSA scan docker image
80+
if: github.event_name == 'release'
81+
uses: fossas/fossa-action@v1
82+
with:
83+
api-key: ${{ secrets.FOSSA_API_KEY }}
84+
container: castai/cluster-controller:${{ env.RELEASE_TAG }}

.github/workflows/fossa.yaml

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,15 @@
1+
name: FOSSA
2+
3+
on:
4+
push:
5+
branches:
6+
- main
7+
8+
jobs:
9+
fossa-scan:
10+
runs-on: ubuntu-latest
11+
steps:
12+
- uses: actions/checkout@v2
13+
- uses: fossas/fossa-action@v1
14+
with:
15+
api-key: ${{ secrets.FOSSA_API_KEY }}

0 commit comments

Comments
 (0)