README.md: 25 additions & 3 deletions
@@ -109,15 +109,17 @@ fossa-scan
109
109
110
110
**Description:**
111
111
112
-
- This action scans a project for third party components and reports the results. This action checks license compliance and vulnerabilities. This file uses `.fossa.yml` configuration file
112
+
- This action scans a project for third party components and creates report the with the results. This file job uses `.fossa.yml` configuration file
113
+
114
+
- Detected issues can be found in FOSSA app site https://app.fossa.com/. Link to direct report is generated per job and printed in logs
113
115
114
116
**Pass/fail behaviour:**
115
117
116
-
- This stage fails if FOSSA finds any license or security issues. Detected issues can be found in FOSSA app site https://app.fossa.com/. Link to direct report is generated per job and printed in logs. License issues should be checked by legal team, vulnerabilities should be solved by TA-dev or TA-qa team with assist of prodsec team if needed (some issues with critical status for example).
118
+
- This stage fails if FOSSA cannot create report - for example some internal FOSSA error
117
119
118
120
**Troubleshooting steps for failures if any:**
119
121
120
-
- The error log is present in the stage as well user should be able to reproduce that in local environment with FOSSA CLI tool https://github.com/fossas/fossa-cli
122
+
- The error log is present in the stage as well user should be able to run FOSSA in local environment with FOSSA CLI tool https://github.com/fossas/fossa-cli
121
123
122
124
123
125
**Artifacts:**
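Review bot: The rewritten Pass/fail behaviour entry for fossa-scan drops the statement that the stage fails on license or security issues, so after this change a green fossa-scan only means the report was produced. The section should say that explicitly and point to fossa-test as the gate, otherwise readers will take a passing scan as a clean result. In the Description, the new line reads "creates report the with the results. This file job uses"; suggest "creates a report with the results. This job uses the `.fossa.yml` configuration file". The troubleshooting line is still a run-on ("is present in the stage as well user should be able to run"); splitting it into two sentences would make it readable.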
@@ -126,6 +128,26 @@ fossa-scan
126
128
THIRDPARTY
127
129
```
128
130
131
+
fossa-test
132
+
=======================
133
+
134
+
**Description:**
135
+
136
+
- This action checks report created in fossa-scan job. This action checks license compliance and vulnerabilities. This job uses `.fossa.yml` configuration file
137
+
138
+
**Pass/fail behaviour:**
139
+
140
+
- This stage fails if FOSSA finds any license or security issues. Detected issues can be found in FOSSA app site https://app.fossa.com/. Link to direct report is generated in fossa-scan job. License issues should be checked by legal team, vulnerabilities should be solved by TA-dev or TA-qa team with assist of prodsec team if needed (some issues with critical status for example).
141
+
142
+
**Troubleshooting steps for failures if any:**
143
+
144
+
- The error log is present in the stage as well user should be able to reproduce that in local environment with FOSSA CLI tool https://github.com/fossas/fossa-cli
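Review bot: The fossa-test Description says it "checks report created in fossa-scan job", but nothing states that fossa-scan must have completed for the same revision first, or what fossa-test does when no report exists. Add a sentence on that dependency, since the failure on license and vulnerability findings moves from fossa-scan to this stage. The troubleshooting entry is copied from the old fossa-scan wording and does not say which FOSSA CLI step reproduces a fossa-test failure locally; worth naming it. The ownership sentence ("with assist of prodsec team if needed (some issues with critical status for example)") leaves open when prodsec gets involved; state the criterion. Unlike fossa-scan, this section has no Artifacts entry; if the job produces none, say so.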