fossa/cli@0.0.3

Partner
This orb integrates open source licensing compliance and vulnerability checks into your CI/CD workflow.

Source - https://github.com/fossas/fossa-cli-orb
Docs - https://github.com/fossas/fossa-cli/blob/master/docs/user-guide.md/#cli-reference

Created: July 16, 2019
Version Published: August 9, 2019
Releases: 3
Org Usage: < 25

Orb Quick Start Guide

Use CircleCI version 2.1 at the top of your .circleci/config.yml file.

```yaml
version: 2.1
```

Add the orbs stanza below your version, invoking the orb:

```yaml
orbs:
  cli: fossa/cli@0.0.3
```

Use cli elements in your existing workflows and jobs.

Opt-in to use of uncertified orbs on your organization’s Security settings page.

Usage Examples

analyze_job

Analyze a project from within your workflow automatically.

```yaml
version: 2.1
orbs:
  fossa-cli: fossa/cli@0.0.3
workflows:
  fossa-integration:
    jobs:
      - fossa-cli/analyze:
          post-steps:
            - run: null
```

custom_commands

Install and configure the Fossa CLI in your custom jobs.

```yaml
version: 2.1
orbs:
  fossa-cli: fossa/cli@0.0.3
jobs:
  my-job:
    executor: fossa-cli/default
    steps:
      - checkout
      - fossa-cli/setup
      - run: echo "Run more commands here"
```

Jobs

analyze

Analyze a project

| PARAMETER | DESCRIPTION | REQUIRED | DEFAULT | TYPE |
| --- | --- | --- | --- | --- |
| fossa-api-key | The fossa-cli will check for the existence of a FOSSA_API_KEY environment variable. Users will need to obtain a FOSSA_API_KEY prior to running a FOSSA analysis. Please refer to https://docs.fossa.com/docs/api-reference for more details. | No | FOSSA_API_KEY | env_var_name |
| save_artifact | Saves an artifact with the results of the analysis. | No | true | boolean |
| debug | Include the boolean flag. | No | false | boolean |

Commands

setup

Executes all the commands necessary to integrate fossa-cli into your CI/CD workflow. Note that the fossa-cli will check for the existence of a FOSSA_API_KEY environment variable. Please refer to https://docs.fossa.com/docs/api-reference for more details regarding the FOSSA_API_KEY.


Executors

default

A basic linux environment. Override with your own Docker image if needed.

| PARAMETER | DESCRIPTION | REQUIRED | DEFAULT | TYPE |
| --- | --- | --- | --- | --- |
| image | Select a custom Docker image. https://hub.docker.com/r/circleci/ | No | cimg/base@2019.08-node | string |

Orb Source

```yaml
# This code is licensed from CircleCI to the user under the MIT license.
# See here for details: https://circleci.com/developer/orbs/licensing
# This code is licensed from CircleCI to the user under the MIT license. See
# https://circleci.com/orbs/registry/licensing for details.
version: 2.1
description: |
  This orb integrates open source licensing compliance and vulnerability checks into your CI/CD workflow.
  Source - https://github.com/fossas/fossa-cli-orb
  Docs - https://github.com/fossas/fossa-cli/blob/master/docs/user-guide.md/#cli-reference
examples:
  analyze_job:
    description: |
      Analyze a project from within your workflow automatically.
    usage:
      version: 2.1
      orbs:
        fossa-cli: fossa/cli@0.0.3
      workflows:
        fossa-integration:
          jobs:
            - fossa-cli/analyze:
                post-steps:
                  - run: # run more commands if desired
  custom_commands:
    description: Install and configure the Fossa CLI in your custom jobs.
    usage:
      version: 2.1
      orbs:
        fossa-cli: fossa/cli@0.0.3
      jobs:
        my-job:
          executor: fossa-cli/default # or your own custom executor
          steps:
            - checkout
            - fossa-cli/setup
            - run: echo "Run more commands here"
executors:
  default:
    description: |
      A basic linux environment. Override with your own Docker image if needed.
    docker:
      - image: <<parameters.image>>
    parameters:
      image:
        default: cimg/base@2019.08-node
        description: |
          Select a custom Docker image. https://hub.docker.com/r/circleci/
        type: string
jobs:
  analyze:
    description: |
      Analyze a project
    executor: default
    parameters:
      fossa-api-key:
        type: env_var_name
        default: FOSSA_API_KEY
        description: |
          The fossa-cli will check for the existence of a FOSSA_API_KEY environment variable.
          Users will need to obtain a FOSSA_API_KEY prior to running a FOSSA analysis. Please refer to https://docs.fossa.com/docs/api-reference for more details.
      save_artifact:
        type: boolean
        default: true
        description: Saves an artifact with the results of the analysis.
      debug:
        type: boolean
        default: false
        description: Include the boolean flag.
    steps:
      - checkout
      - setup
      - run:
          name: Fossa Analyze
          command: |
            mkdir -p /tmp/fossa/analyze
            FOSSA_API_KEY=<<parameters.fossa-api-key>> fossa analyze <<# parameters.debug >>--debug <</ parameters.debug >><<# parameters.save_artifact >>-o /tmp/fossa/analyze/fossa_results.txt<</ parameters.save_artifact >>
      - when:
          condition: << parameters.save_artifact >>
          steps:
            - store_artifacts:
                path: /tmp/fossa/analyze
commands:
  setup:
    description: |
      Executes all the commands necessary to integrate fossa-cli into your CI/CD workflow. Note that the fossa-cli will check for the existence of a FOSSA_API_KEY environment variable. Please refer to https://docs.fossa.com/docs/api-reference for more details regarding the FOSSA_API_KEY.
    steps:
      - run:
          name: Imports fossa-cli
          command: |
            curl https://raw.githubusercontent.com/fossas/fossa-cli/master/install.sh | bash
      - run:
          name: Initialize fossa-cli by generating a .fossa.yml configuration file
          command: fossa init
      - run:
          name: Analyze the project with fossa-cli and generate a dependency graph
          command: fossa analyze
```