Closed deepthi closed 8 months ago
From CNCF:
added the secret as
FOSSA_API_KEY
to the Org (All Repos)
So we can go ahead and add the workflow back using this secret.
Noting that I will re-enable it along with adding codecov: https://github.com/vitessio/vitess/issues/14326
In https://github.com/vitessio/vitess/pull/14119, we removed the FOSSA check because it was exposing an API key (which has since been revoked). This needs to be re-implemented with the API key being stored in a secure way - i.e. as a secret in GH, preferably at the org level.