Skip to content

Latest commit

 

History

History
31 lines (18 loc) · 1.44 KB

fossa.md

File metadata and controls

31 lines (18 loc) · 1.44 KB

FOSSA license check

Background

FOSSA license scanning was introduced when the KubeVirt project entered the CNCF sandbox. It scans all relevant project dependencies for licensing issues. CNCF offers FOSSA usage free of charge for all CNCF projects.

Scans performed

Currently, FOSSA license scanning happens in two situations: on every push to a PR branch and on every push to the kubevirt/kubevirt default branch.

Job definitions are located in kubevirt/project-infra:

To view the scan results, you need to look at the job log file, where near the bottom of the file you'll find a direct link to the check results.

Running the FOSSA license scanning locally

To run the license scan you need a FOSSA API key stored in a file. Please have a look at the FOSSA CLI quick start guide.

This token you put into a file and start the analysis like this:

export FOSSA_TOKEN_FILE=<path to your token file>
./hack/fossa.sh

Configuration

Configuration of FOSSA license scan for KubeVirt project is allowed for KubeVirt FOSSA team members. Please ask one of the maintainers for access in case you need it.