From ae4b9cad36c8792be78aac7379884b786799374f Mon Sep 17 00:00:00 2001
From: julgircast <133015764+julgircast@users.noreply.github.com>
Date: Thu, 27 Jul 2023 15:09:25 +0300
Subject: [PATCH] Add fossa scan for image (#40)

---
 .github/workflows/build.yaml | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index d431177..2d7f8a2 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -102,4 +102,16 @@ jobs:
           platforms: linux/arm64,linux/amd64
           tags: |
             us-docker.pkg.dev/castai-hub/library/audit-logs-receiver:${{ env.RELEASE_TAG }}
-            us-docker.pkg.dev/castai-hub/library/audit-logs-receiver:latest
\ No newline at end of file
+            us-docker.pkg.dev/castai-hub/library/audit-logs-receiver:latest
+
+      - name: Docker pull for fossa main
+        if: github.event_name == 'release'
+        run: docker pull us-docker.pkg.dev/castai-hub/library/audit-logs-receiver:${{ env.RELEASE_TAG }}
+
+      - name: FOSSA scan docker image
+        if: github.event_name == 'release'
+        continue-on-error: true
+        uses: fossas/fossa-action@v1
+        with:
+          api-key: ${{ secrets.FOSSA_API_KEY }}
+          container: us-docker.pkg.dev/castai-hub/library/audit-logs-receiver:${{ env.RELEASE_TAG }}
\ No newline at end of file