Adding fossa anaylze/test drone step

Signed-off-by: Luther Monson <luther.monson@gmail.com>
This commit is contained in:
Luther Monson 2021-09-17 18:08:11 -07:00 committed by Brad Davidson
parent 73e21e739f
commit 4ec71b360c
3 changed files with 29 additions and 1 deletions

View File

@ -22,6 +22,28 @@ steps:
- name: docker
path: /var/run/docker.sock
- name: fossa
image: rancher/dapper:v0.5.4
failure: ignore
environment:
FOSSA_API_KEY:
from_secret: FOSSA_API_KEY
commands:
- dapper fossa
volumes:
- name: docker
path: /var/run/docker.sock
when:
instance:
- drone-publish.k3s.io
ref:
include:
- "refs/heads/master"
- "refs/heads/release-*"
event:
- push
- tag
- name: github_binary_release
image: ibuildthecloud/github-release:v0.0.1
settings:

View File

@ -31,6 +31,7 @@ RUN rm -rf /go/src /go/pkg
RUN if [ "$(go env GOARCH)" = "amd64" ]; then \
curl -sL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s v1.41.1; \
curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/spectrometer/master/install.sh | sh; \
fi
ENV YQ_URL=https://github.com/mikefarah/yq/releases/download/v4.6.2/yq_linux
@ -41,7 +42,7 @@ ENV SELINUX $SELINUX
ENV GO111MODULE off
ENV DAPPER_RUN_ARGS --privileged -v k3s-cache:/go/src/github.com/rancher/k3s/.cache -v trivy-cache:/root/.cache/trivy
ENV DAPPER_ENV REPO TAG DRONE_TAG IMAGE_NAME SKIP_VALIDATE GCLOUD_AUTH GITHUB_TOKEN GOLANG
ENV DAPPER_ENV REPO TAG DRONE_TAG IMAGE_NAME SKIP_VALIDATE GCLOUD_AUTH GITHUB_TOKEN GOLANG FOSSA_API_KEY
ENV DAPPER_SOURCE /go/src/github.com/rancher/k3s/
ENV DAPPER_OUTPUT ./bin ./dist ./build/out
ENV DAPPER_DOCKER_SOCKET true

5
scripts/fossa.sh Executable file
View File

@ -0,0 +1,5 @@
#!/bin/bash
set -e
fossa analyze
fossa test