diff --git a/.github/workflows/fossa.yml b/.github/workflows/fossa.yml
new file mode 100644
index 00000000000..bbb010a40d0
--- /dev/null
+++ b/.github/workflows/fossa.yml
@@ -0,0 +1,27 @@
+name: FOSSA
+on:
+  push:
+    branches: [master]
+  pull_request:
+    branches: [master]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    # build-tools is built from ../../tools/build-tools.Dockerfile
+    container: kedacore/build-tools:latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-go@v2
+        with:
+          go-version: "^1.13.1"
+      - run: go version
+      # Runs a set of commands to initialize and analyze with FOSSA
+      - name: run FOSSA analysis
+        env:
+          FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
+        run: |
+          export GOPATH=$HOME/go
+          export PATH=$PATH:$(go env GOPATH)/bin
+          fossa init
+          fossa analyze
\ No newline at end of file
diff --git a/tools/build-tools.Dockerfile b/tools/build-tools.Dockerfile
index f07be7a4d05..1334b9d0ed3 100644
--- a/tools/build-tools.Dockerfile
+++ b/tools/build-tools.Dockerfile
@@ -66,3 +66,6 @@ RUN RELEASE_VERSION=v0.12.0 && \
 ENV PATH=${PATH}:/usr/local/go/bin \
     GOROOT=/usr/local/go \
     GOPATH=/go
+
+# Install FOSSA tooling
+RUN curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install.sh | bash