From 9bcbc7264da02f42de46d30afdcf1b3451377918 Mon Sep 17 00:00:00 2001
From: Nick <NickLarsenNZ@users.noreply.github.com>
Date: Thu, 6 Oct 2022 18:05:54 +0200
Subject: [PATCH] chore(ci): add fossa workflow and badge (#72) (#79)

Signed-off-by: NickLarsenNZ <nick@aptiv.co.nz>

Signed-off-by: NickLarsenNZ <nick@aptiv.co.nz>
---
 .github/workflows/fossa.yml | 46 +++++++++++++++++++++++++++++++++++++
 README.md                   |  5 +++-
 2 files changed, 50 insertions(+), 1 deletion(-)
 create mode 100644 .github/workflows/fossa.yml

diff --git a/.github/workflows/fossa.yml b/.github/workflows/fossa.yml
new file mode 100644
index 0000000..e1fc57a
--- /dev/null
+++ b/.github/workflows/fossa.yml
@@ -0,0 +1,46 @@
+#
+# Copyright 2021 The Dapr Authors
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#     http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+name: fossa
+on:
+  push:
+    branches:
+      - master
+      - release-*
+    tags:
+      - v*
+  pull_request:
+    branches:
+      - master
+      - release-*
+  workflow_dispatch: {}
+jobs:
+  fossa-scan:
+    if: github.repository_owner == 'dapr' # FOSSA is not intended to run on forks.
+    runs-on: ubuntu-latest
+    env:
+      FOSSA_API_KEY: b88e1f4287c3108c8751bf106fb46db6 # This is a push-only token that is safe to be exposed.
+    steps:
+      - name: "Checkout code"
+        uses: actions/checkout@v2
+
+      - name: "Run FOSSA Scan"
+        uses: fossas/fossa-action@main # Use a specific version if locking is preferred
+        with:
+          api-key: ${{ env.FOSSA_API_KEY }}
+
+      - name: "Run FOSSA Test"
+        uses: fossas/fossa-action@main # Use a specific version if locking is preferred
+        with:
+          api-key: ${{ env.FOSSA_API_KEY }}
+          run-tests: true
diff --git a/README.md b/README.md
index 3f41542..9600261 100644
--- a/README.md
+++ b/README.md
@@ -3,6 +3,7 @@
 [![Crates.io][crates-badge]][crates-url]
 [![Build Status][actions-badge]][actions-url]
 [![License: Apache 2.0][apache-badge]][apache-url]
+[![FOSSA Status][fossa-badge]][fossa-url]
 
 [crates-badge]: https://img.shields.io/crates/v/dapr.svg
 [crates-url]: https://crates.io/crates/dapr
@@ -10,6 +11,8 @@
 [apache-url]: https://github.com/dapr/rust-sdk/blob/master/LICENSE
 [actions-badge]: https://github.com/dapr/rust-sdk/workflows/dapr-rust-sdk/badge.svg
 [actions-url]: https://github.com/dapr/rust-sdk/actions?query=workflow%3Adapr-rust-sdk
+[fossa-badge]: https://app.fossa.com/api/projects/custom%2B162%2Fgithub.com%2Fdapr%2Frust-sdk.svg?type=shield
+[fossa-url]: https://app.fossa.com/projects/custom%2B162%2Fgithub.com%2Fdapr%2Frust-sdk?ref=badge_shield
 
 ⚠ Work in Progress ⚠
 
@@ -64,4 +67,4 @@ cargo build
 
 ```bash
 ./update-protos.sh -v v1.7.0-rc.2
-```
\ No newline at end of file
+```