Skip to content

Bump step-security/harden-runner from 2.9.0 to 2.9.1 #371

Bump step-security/harden-runner from 2.9.0 to 2.9.1

Bump step-security/harden-runner from 2.9.0 to 2.9.1 #371

Workflow file for this run

name: Fossology check
on: [pull_request, push]
permissions:
contents: read
jobs:
check-license:
name: Check license, copyright, keyword
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- run: |
docker run --rm --name "fossologyscanner" -w "/opt/repo" -v ${PWD}:/opt/repo \
-e GITHUB_TOKEN=${{ github.token }} \
-e GITHUB_PULL_REQUEST=${{ github.event.number }} \
-e GITHUB_REPOSITORY=${{ github.repository }} \
-e GITHUB_REPO_URL=${{ github.repositoryUrl }} \
-e GITHUB_REPO_OWNER=${{ github.repository_owner }} \
-e GITHUB_API=${{ github.api_url }} \
-e GITHUB_ACTIONS=true \
fossology/fossology:scanner "/bin/fossologyscanner" --report TEXT repo nomos ojo copyright keyword
# Upload artifact
- uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b
with:
name: scan-fossology-report
path: ./results
# Artifact download
- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
with:
name: scan-fossology-report