Merge pull request #48 from newrelic-csec/main

Move FOSSA workflows to newrelic org

.github/workflows/fossa-caos.yml

@@ -0,0 +1,87 @@
+name: FOSSA CLI Analysis
+on:
+  push:
+    branches: [ $default-branch ]
+  pull_request:
+    branches: [ $default-branch ]
+  workflow_dispatch:
+
+jobs:
+  fossa:
+    runs-on: ubuntu-latest
+    env:
+      FOSSA_API_KEY: ${{secrets.FOSSA_API_KEY}}
+      ORG: ${{ github.repository_owner }}
+      REPO: ${{ github.repository }}
+      ORG_ADMIN_PAT: ${{ secrets.ELAGUERTA_PAT }}
+
+    strategy:
+      fail-fast: false
+
+    steps:
+      - uses: actions/checkout@v3
+      - name: Give GitHub Actions access to private crates
+        uses: webfactory/[email protected]
+        with:
+          ssh-private-key: ${{ secrets.CAOS_RUST_CRATE_FOSSA }}
+      - id: fossa-list-targets
+        name: Run fossa list-targets
+        run: |
+          curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | bash
+          export LIST_TARGETS_OUT_FILE=${{ runner.temp }}/list-targets_out.txt
+          export LIST_TARGETS_ERR_FILE=${{ runner.temp }}/list-targets_err.txt
+
+          fossa list-targets --format text 1>$LIST_TARGETS_OUT_FILE 2>$LIST_TARGETS_ERR_FILE || true
+
+          if [[ $(grep -i "error" $LIST_TARGETS_ERR_FILE | wc -l) -gt 0 ]]
+          then
+              echo "::error::fossa list-targets ran with errors."
+              cat $LIST_TARGETS_ERR_FILE
+              echo "HAS_FOSSA_TARGETS=Error" >> "$GITHUB_OUTPUT"
+          elif [[ $(cat $LIST_TARGETS_OUT_FILE | wc -l) -gt 0 ]]
+          then
+              echo "::notice::Fossa found analysis targets."
+              cat $LIST_TARGETS_OUT_FILE
+              echo "HAS_FOSSA_TARGETS=True" >> "$GITHUB_OUTPUT"
+          else
+              echo "::warning::Fossa did not find any analysis targets."
+              echo "HAS_FOSSA_TARGETS=False" >> "$GITHUB_OUTPUT"
+          fi
+      - name: Set hasFossaTargets custom property
+        run: |
+          curl -L \
+            -X PATCH \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer $ORG_ADMIN_PAT" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            https://api.github.com/orgs/$ORG/properties/values \
+            -d '{"repository_names":["'"${REPO##*/}"'"],"properties":[{"property_name":"hasFossaTargets","value":"'"${{ steps.fossa-list-targets.outputs.HAS_FOSSA_TARGETS }}"'"}]}'
+      - id: fossa-analyze
+        name: Run fossa analyze
+        if: ${{ steps.fossa-list-targets.outputs.HAS_FOSSA_TARGETS == 'True'}}
+        run: |
+          export ANALYZE_OUT_FILE=${{ runner.temp }}/analyze_out.txt
+          export ANALYZE_ERR_FILE=${{ runner.temp }}/analyze_err.txt
+          fossa analyze --policy='New Relic Public Github' 1>$ANALYZE_OUT_FILE 2>$ANALYZE_ERR_FILE || true
+          if [[ $(grep "ERROR" $ANALYZE_ERR_FILE | wc -l) -gt 0 ]]
+          then
+              echo "::error::fossa analyze ran with errors."
+              cat $ANALYZE_ERR_FILE
+              echo "FOSSA_ANALYZE_RESULT=Error" >> "$GITHUB_OUTPUT"
+          else
+              cat $ANALYZE_OUT_FILE
+              echo "FOSSA_ANALYZE_RESULT=Success" >> "$GITHUB_OUTPUT"
+          fi
+      - name: Set fossaAnalyzeResult custom property
+        run: |
+          curl -L \
+            -X PATCH \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer $ORG_ADMIN_PAT" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            https://api.github.com/orgs/$ORG/properties/values \
+            -d '{"repository_names":["'"${REPO##*/}"'"],"properties":[{"property_name":"fossaAnalyzeResult","value":"'"${{ steps.fossa-analyze.outputs.FOSSA_ANALYZE_RESULT }}"'"}]}'
+      - name: Exit
+        if: ${{ steps.fossa-list-targets.outputs.HAS_FOSSA_TARGETS == 'Error' || steps.fossa-analyze.outputs.FOSSA_ANALYZE_RESULT == 'Error' }}
+        run: exit 1
+

.github/workflows/fossa-default.yml

@@ -0,0 +1,82 @@
+name: FOSSA CLI Analysis
+on:
+  push:
+    branches: [ $default-branch ]
+  pull_request:
+    branches: [ $default-branch ]
+  workflow_dispatch:
+
+jobs:
+  fossa:
+    runs-on: ubuntu-latest
+    env:
+      FOSSA_API_KEY: ${{secrets.FOSSA_API_KEY}}
+      ORG: ${{ github.repository_owner }}
+      REPO: ${{ github.repository }}
+      ORG_ADMIN_PAT: ${{ secrets.ELAGUERTA_PAT }}
+
+    strategy:
+      fail-fast: false
+
+    steps:
+      - uses: actions/checkout@v3
+      - id: fossa-list-targets
+        name: Run fossa list-targets
+        run: |
+          curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | bash
+          export LIST_TARGETS_OUT_FILE=${{ runner.temp }}/list-targets_out.txt
+          export LIST_TARGETS_ERR_FILE=${{ runner.temp }}/list-targets_err.txt
+
+          fossa list-targets --format text 1>$LIST_TARGETS_OUT_FILE 2>$LIST_TARGETS_ERR_FILE || true
+
+          if [[ $(grep -i "error" $LIST_TARGETS_ERR_FILE | wc -l) -gt 0 ]]
+          then
+              echo "::error::fossa list-targets ran with errors."
+              cat $LIST_TARGETS_ERR_FILE
+              echo "HAS_FOSSA_TARGETS=Error" >> "$GITHUB_OUTPUT"
+          elif [[ $(cat $LIST_TARGETS_OUT_FILE | wc -l) -gt 0 ]]
+          then
+              echo "::notice::Fossa found analysis targets."
+              cat $LIST_TARGETS_OUT_FILE
+              echo "HAS_FOSSA_TARGETS=True" >> "$GITHUB_OUTPUT"
+          else
+              echo "::warning::Fossa did not find any analysis targets."
+              echo "HAS_FOSSA_TARGETS=False" >> "$GITHUB_OUTPUT"
+          fi
+      - name: Set hasFossaTargets custom property
+        run: |
+          curl -L \
+            -X PATCH \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer $ORG_ADMIN_PAT" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            https://api.github.com/orgs/$ORG/properties/values \
+            -d '{"repository_names":["'"${REPO##*/}"'"],"properties":[{"property_name":"hasFossaTargets","value":"'"${{ steps.fossa-list-targets.outputs.HAS_FOSSA_TARGETS }}"'"}]}'
+      - id: fossa-analyze
+        name: Run fossa analyze
+        if: ${{ steps.fossa-list-targets.outputs.HAS_FOSSA_TARGETS == 'True'}}
+        run: |
+          export ANALYZE_OUT_FILE=${{ runner.temp }}/analyze_out.txt
+          export ANALYZE_ERR_FILE=${{ runner.temp }}/analyze_err.txt
+          fossa analyze --policy='New Relic Public Github' 1>$ANALYZE_OUT_FILE 2>$ANALYZE_ERR_FILE || true
+          if [[ $(grep "ERROR" $ANALYZE_ERR_FILE | wc -l) -gt 0 ]]
+          then
+              echo "::error::fossa analyze ran with errors."
+              cat $ANALYZE_ERR_FILE
+              echo "FOSSA_ANALYZE_RESULT=Error" >> "$GITHUB_OUTPUT"
+          else
+              cat $ANALYZE_OUT_FILE
+              echo "FOSSA_ANALYZE_RESULT=Success" >> "$GITHUB_OUTPUT"
+          fi
+      - name: Set fossaAnalyzeResult custom property
+        run: |
+          curl -L \
+            -X PATCH \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer $ORG_ADMIN_PAT" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            https://api.github.com/orgs/$ORG/properties/values \
+            -d '{"repository_names":["'"${REPO##*/}"'"],"properties":[{"property_name":"fossaAnalyzeResult","value":"'"${{ steps.fossa-analyze.outputs.FOSSA_ANALYZE_RESULT }}"'"}]}'
+      - name: Exit
+        if: ${{ steps.fossa-list-targets.outputs.HAS_FOSSA_TARGETS == 'Error' || steps.fossa-analyze.outputs.FOSSA_ANALYZE_RESULT == 'Error' }}
+        run: exit 1

.github/workflows/fossa-elixir.yml

@@ -0,0 +1,87 @@
+name: FOSSA CLI Analysis
+on:
+  push:
+    branches: [ $default-branch ]
+  pull_request:
+    branches: [ $default-branch ]
+  workflow_dispatch:
+
+jobs:
+  fossa:
+    runs-on: ubuntu-latest
+    env:
+      FOSSA_API_KEY: ${{secrets.FOSSA_API_KEY}}
+      ORG: ${{ github.repository_owner }}
+      REPO: ${{ github.repository }}
+      ORG_ADMIN_PAT: ${{ secrets.ELAGUERTA_PAT }}
+
+    strategy:
+      fail-fast: false
+
+    steps:
+      - uses: actions/checkout@v3
+      - uses: erlef/setup-beam@v1
+        with:
+            otp-version: '26'
+            elixir: '1.15'
+      - id: fossa-list-targets
+        name: Run fossa list-targets
+        run: |
+          curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | bash
+          export LIST_TARGETS_OUT_FILE=${{ runner.temp }}/list-targets_out.txt
+          export LIST_TARGETS_ERR_FILE=${{ runner.temp }}/list-targets_err.txt
+
+          fossa list-targets --format text 1>$LIST_TARGETS_OUT_FILE 2>$LIST_TARGETS_ERR_FILE || true
+
+          if [[ $(grep -i "error" $LIST_TARGETS_ERR_FILE | wc -l) -gt 0 ]]
+          then
+              echo "::error::fossa list-targets ran with errors."
+              cat $LIST_TARGETS_ERR_FILE
+              echo "HAS_FOSSA_TARGETS=Error" >> "$GITHUB_OUTPUT"
+          elif [[ $(cat $LIST_TARGETS_OUT_FILE | wc -l) -gt 0 ]]
+          then
+              echo "::notice::Fossa found analysis targets."
+              cat $LIST_TARGETS_OUT_FILE
+              echo "HAS_FOSSA_TARGETS=True" >> "$GITHUB_OUTPUT"
+          else
+              echo "::warning::Fossa did not find any analysis targets."
+              echo "HAS_FOSSA_TARGETS=False" >> "$GITHUB_OUTPUT"
+          fi
+      - name: Set hasFossaTargets custom property
+        run: |
+          curl -L \
+            -X PATCH \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer $ORG_ADMIN_PAT" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            https://api.github.com/orgs/$ORG/properties/values \
+            -d '{"repository_names":["'"${REPO##*/}"'"],"properties":[{"property_name":"hasFossaTargets","value":"'"${{ steps.fossa-list-targets.outputs.HAS_FOSSA_TARGETS }}"'"}]}'
+      - id: fossa-analyze
+        name: Run fossa analyze
+        if: ${{ steps.fossa-list-targets.outputs.HAS_FOSSA_TARGETS == 'True'}}
+        run: |
+          export ANALYZE_OUT_FILE=${{ runner.temp }}/analyze_out.txt
+          export ANALZYE_ERR_FILE=${{ runner.temp }}/analyze_err.txt
+          fossa analyze --policy='New Relic Public Github' 1>$ANALYZE_OUT_FILE 2>$ANALZYE_ERR_FILE || true
+          if [[ $(grep -i "error" $ANALYZE_ERR_FILE | wc -l) -gt 0 ]]
+          then
+              echo "::error::fossa analyze ran with errors."
+              cat $ANALYZE_ERR_FILE
+              echo "FOSSA_ANALYZE_RESULT=Error" >> "$GITHUB_OUTPUT"
+          else
+              cat $ANALYZE_OUT_FILE
+              echo "FOSSA_ANALYZE_RESULT=Success" >> "$GITHUB_OUTPUT"
+          fi
+      - name: Set fossaAnalyzeResult custom property
+        run: |
+          curl -L \
+            -X PATCH \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer $ORG_ADMIN_PAT" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            https://api.github.com/orgs/$ORG/properties/values \
+            -d '{"repository_names":["'"${REPO##*/}"'"],"properties":[{"property_name":"fossaAnalyzeResult","value":"'"${{ steps.fossa-analyze.outputs.FOSSA_ANALYZE_RESULT }}"'"}]}'
+      - name: Exit
+        if: ${{ steps.fossa-list-targets.outputs.HAS_FOSSA_TARGETS == 'Error' || steps.fossa-analyze.outputs.FOSSA_ANALYZE_RESULT == 'Error' }}
+        run: exit 1
+

.github/workflows/fossa-gradle.yml

@@ -0,0 +1,106 @@
+name: FOSSA CLI Analysis
+on:
+  push:
+    branches: [ $default-branch ]
+  pull_request:
+    branches: [ $default-branch ]
+  workflow_dispatch:
+
+jobs:
+  fossa:
+    runs-on: ubuntu-latest
+    env:
+      FOSSA_API_KEY: ${{secrets.FOSSA_API_KEY}}
+      ORG: ${{ github.repository_owner }}
+      REPO: ${{ github.repository }}
+      ORG_ADMIN_PAT: ${{ secrets.ELAGUERTA_PAT }}
+
+    strategy:
+      fail-fast: false
+
+    steps:
+      - name: Checkout this repo
+        uses: actions/checkout@v4
+      - name: Setup javas
+        uses: actions/setup-java@v3
+        with:
+          distribution: 'temurin'
+          java-version: |
+            21
+            17
+            11
+            8
+      - name: Set gradle.properties
+        run: |
+          export GRADLE_PROPERTIES_PATH="./gradle.properties"
+          echo "jdk8=${JAVA_HOME_8_X64}" >> $GRADLE_PROPERTIES_PATH
+          echo "jdk11=${JAVA_HOME_11_X64}" >> $GRADLE_PROPERTIES_PATH
+          echo "jdk17=${JAVA_HOME_17_X64}" >> $GRADLE_PROPERTIES_PATH
+          echo "jdk21=${JAVA_HOME_21_X64}" >> $GRADLE_PROPERTIES_PATH
+      - name: Setup Gradle
+        uses: gradle/gradle-build-action@v2
+        with:
+          cache-read-only: true
+      - name: Setup Gradle options
+        run: echo "GRADLE_OPTIONS=--console=plain --parallel -Porg.gradle.java.installations.auto-detect=false -Porg.gradle.java.installations.fromEnv=JAVA_HOME_8_X64,JAVA_HOME_11_X64,JAVA_HOME_17_X64,JAVA_HOME_21_X64" >> $GITHUB_ENV
+      - id: fossa-list-targets
+        name: Run fossa list-targets
+        run: |
+          curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | bash
+          export LIST_TARGETS_OUT_FILE=${{ runner.temp }}/list-targets_out.txt
+          export LIST_TARGETS_ERR_FILE=${{ runner.temp }}/list-targets_err.txt
+
+          fossa list-targets --format text 1>$LIST_TARGETS_OUT_FILE 2>$LIST_TARGETS_ERR_FILE || true
+
+          if [[ $(grep -i "error" $LIST_TARGETS_ERR_FILE | wc -l) -gt 0 ]]
+          then
+              echo "::error::fossa list-targets ran with errors."
+              cat $LIST_TARGETS_ERR_FILE
+              echo "HAS_FOSSA_TARGETS=Error" >> "$GITHUB_OUTPUT"
+          elif [[ $(cat $LIST_TARGETS_OUT_FILE | wc -l) -gt 0 ]]
+          then
+              echo "::notice::Fossa found analysis targets."
+              cat $LIST_TARGETS_OUT_FILE
+              echo "HAS_FOSSA_TARGETS=True" >> "$GITHUB_OUTPUT"
+          else
+              echo "::warning::Fossa did not find any analysis targets."
+              echo "HAS_FOSSA_TARGETS=False" >> "$GITHUB_OUTPUT"
+          fi
+      - name: Set hasFossaTargets custom property
+        run: |
+          curl -L \
+            -X PATCH \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer $ORG_ADMIN_PAT" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            https://api.github.com/orgs/$ORG/properties/values \
+            -d '{"repository_names":["'"${REPO##*/}"'"],"properties":[{"property_name":"hasFossaTargets","value":"'"${{ steps.fossa-list-targets.outputs.HAS_FOSSA_TARGETS }}"'"}]}'
+      - id: fossa-analyze
+        name: Run fossa analyze
+        if: ${{ steps.fossa-list-targets.outputs.HAS_FOSSA_TARGETS == 'True'}}
+        run: |
+          export ANALYZE_OUT_FILE=${{ runner.temp }}/analyze_out.txt
+          export ANALZYE_ERR_FILE=${{ runner.temp }}/analyze_err.txt
+          fossa analyze --policy='New Relic Public Github' 1>$ANALYZE_OUT_FILE 2>$ANALZYE_ERR_FILE || true
+          if [[ $(grep -i "error" $ANALYZE_ERR_FILE | wc -l) -gt 0 ]]
+          then
+              echo "::error::fossa analyze ran with errors."
+              cat $ANALYZE_ERR_FILE
+              echo "FOSSA_ANALYZE_RESULT=Error" >> "$GITHUB_OUTPUT"
+          else
+              cat $ANALYZE_OUT_FILE
+              echo "FOSSA_ANALYZE_RESULT=Success" >> "$GITHUB_OUTPUT"
+          fi
+      - name: Set fossaAnalyzeResult custom property
+        run: |
+          curl -L \
+            -X PATCH \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer $ORG_ADMIN_PAT" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            https://api.github.com/orgs/$ORG/properties/values \
+            -d '{"repository_names":["'"${REPO##*/}"'"],"properties":[{"property_name":"fossaAnalyzeResult","value":"'"${{ steps.fossa-analyze.outputs.FOSSA_ANALYZE_RESULT }}"'"}]}'
+      - name: Exit
+        if: ${{ steps.fossa-list-targets.outputs.HAS_FOSSA_TARGETS == 'Error' || steps.fossa-analyze.outputs.FOSSA_ANALYZE_RESULT == 'Error' }}
+        run: exit 1
+