.github/workflows/generate-FOSSA-report.yml - superset - Git at Google

 name: Generate FOSSA report

 on:
   push:
     branches:
       - "master"
       - "[0-9].[0-9]*"

 jobs:
   config:
     runs-on: "ubuntu-22.04"
     outputs:
       has-secrets: ${{ steps.check.outputs.has-secrets }}
     steps:
       - name: "Check for secrets"
         id: check
         shell: bash
         run: |
           if [ -n "${{ (secrets.FOSSA_API_KEY != '' ) || '' }}" ]; then
             echo "has-secrets=1" >> "$GITHUB_OUTPUT"
           fi

   license_check:
     needs: config
     if: needs.config.outputs.has-secrets
     name: Generate Report
     runs-on: ubuntu-22.04
     steps:
       - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
         uses: actions/checkout@v4
         with:
           persist-credentials: false
           submodules: recursive
       - name: Setup Java
         uses: actions/setup-java@v4
         with:
           distribution: "temurin"
           java-version: "11"
       - name: Generate fossa report
         env:
           FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
         run: |
           set -eo pipefail
           if [[ "${{github.event_name}}" != "pull_request" ]]; then
             ./scripts/fossa.sh
             exit 0
           fi

           URL="https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/files"
           FILES=$(curl -s -X GET -G $URL | jq -r '.[] | .filename')

           cat<<EOF
           CHANGED FILES:
           $FILES

           EOF

           if [[ "${FILES}" =~ (.*package*\.json|requirements\/[a-z_-]+\.txt|setup\.py) ]]; then
             echo "Detected dependency changes... running fossa check"

             ./scripts/fossa.sh
           else
             echo "No dependency changes... skiping fossa check"
           fi
         shell: bash
	name: Generate FOSSA report

	on:
	push:
	branches:
	- "master"
	- "[0-9].[0-9]*"

	jobs:
	config:
	runs-on: "ubuntu-22.04"
	outputs:
	has-secrets: ${{ steps.check.outputs.has-secrets }}
	steps:
	- name: "Check for secrets"
	id: check
	shell: bash
	run: \|
	if [ -n "${{ (secrets.FOSSA_API_KEY != '' ) \|\| '' }}" ]; then
	echo "has-secrets=1" >> "$GITHUB_OUTPUT"
	fi

	license_check:
	needs: config
	if: needs.config.outputs.has-secrets
	name: Generate Report
	runs-on: ubuntu-22.04
	steps:
	- name: "Checkout ${{ github.ref }} ( ${{ github.sha }} )"
	uses: actions/checkout@v4
	with:
	persist-credentials: false
	submodules: recursive
	- name: Setup Java
	uses: actions/setup-java@v4
	with:
	distribution: "temurin"
	java-version: "11"
	- name: Generate fossa report
	env:
	FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
	run: \|
	set -eo pipefail
	if [[ "${{github.event_name}}" != "pull_request" ]]; then
	./scripts/fossa.sh
	exit 0
	fi

	URL="https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/files"
	FILES=$(curl -s -X GET -G $URL \| jq -r '.[] \| .filename')

	cat<<EOF
	CHANGED FILES:
	$FILES

	EOF

	if [[ "${FILES}" =~ (.package\.json\|requirements\/[a-z_-]+\.txt\|setup\.py) ]]; then
	echo "Detected dependency changes... running fossa check"

	./scripts/fossa.sh
	else
	echo "No dependency changes... skiping fossa check"
	fi
	shell: bash