Task: reimplement FOSSA check in CI

vitessio / vitess

Vitess is a database clustering system for horizontal scaling of MySQL.

http://vitess.io

Apache License 2.0

18.42k stars 2.08k forks source link

Task: reimplement FOSSA check in CI #14216

Closed deepthi closed 8 months ago

deepthi commented 11 months ago

In https://github.com/vitessio/vitess/pull/14119, we removed the FOSSA check because it was exposing an API key (which has since been revoked). This needs to be re-implemented with the API key being stored in a secure way - i.e. as a secret in GH, preferably at the org level.

deepthi commented 11 months ago

From CNCF:

added the secret as FOSSA_API_KEY to the Org (All Repos)

So we can go ahead and add the workflow back using this secret.

mattlord commented 10 months ago

Noting that I will re-enable it along with adding codecov: https://github.com/vitessio/vitess/issues/14326