From c50bbe9d9d00f10f4bf653a1a0cee272769dc676 Mon Sep 17 00:00:00 2001
From: Adam Ryznar <73100931+aryznar-splunk@users.noreply.github.com>
Date: Tue, 28 Jun 2022 16:14:20 +0200
Subject: [PATCH 1/2] Add Fossa and Semgrep
---
 .github/workflows/ci_build_test.yaml | 33 ++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)
diff --git a/.github/workflows/ci_build_test.yaml b/.github/workflows/ci_build_test.yaml
index 5e1e94f..67be8fb 100644
--- a/.github/workflows/ci_build_test.yaml
+++ b/.github/workflows/ci_build_test.yaml
@@ -194,3 +194,36 @@ jobs:
 --splunk-password $CI_SPLUNK_PASSWORD \
 --nodes-count $MINIKUBE_NODE_COUNTS\
 -p no:warnings -s -n auto
+ fossa-scan:
+ continue-on-error: true
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3
+ - name: run fossa anlyze and create report
+ run: |
+ curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | bash
+ fossa analyze --include-unused-deps --debug
+ fossa report attribution --format text > /tmp/THIRDPARTY
+ env:
+ FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
+ - name: upload THIRDPARTY file
+ uses: actions/upload-artifact@v2
+ with:
+ name: THIRDPARTY
+ path: /tmp/THIRDPARTY
+ - name: run fossa test
+ run: |
+ fossa test --debug
+ env:
+ FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }}
+ semgrep:
+ runs-on: ubuntu-latest
+ name: security-sast-semgrep
+ if: github.actor != 'dependabot[bot]'
+ steps:
+ - uses: actions/checkout@v3
+ - name: Semgrep
+ id: semgrep
+ uses: returntocorp/semgrep-action@v1
+ with:
+ publishToken: ${{ secrets.SEMGREP_PUBLISH_TOKEN }}
From 4e0cde33fea17a123c1a9512427ded2383cf5720 Mon Sep 17 00:00:00 2001
From: Adam Ryznar <73100931+aryznar-splunk@users.noreply.github.com>
Date: Tue, 28 Jun 2022 16:16:15 +0200
Subject: [PATCH 2/2] Create .fossa.yml
---
 .fossa.yml | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 .fossa.yml
diff --git a/.fossa.yml b/.fossa.yml
new file mode 100644
index 0000000..6ad77b5
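Review bot: The `curl ... | bash` line in the `run fossa anlyze and create report` step fetches `install-latest.sh` from the mutable `master` branch of fossa-cli and executes it unverified inside a job that holds `FOSSA_API_KEY`, so any change to that script runs with the secret in its environment. Pin the installer to a specific release tag or commit and verify its checksum before executing it, or use FOSSA's own action pinned to a commit SHA; the same mutable-tag concern applies to `actions/upload-artifact@v2`, `actions/checkout@v3` and `returntocorp/semgrep-action@v1`. Note also that `continue-on-error: true` on `fossa-scan` makes the `fossa test` gate advisory only — if the intent is to block on findings, drop that key or scope it to the install step. Minor: the step name has a typo, `- name: run fossa analyze and create report`. The `jobs:` mapping this extends starts above the hunk, so whether a workflow-level `permissions:` block restricts the default `GITHUB_TOKEN` cannot be seen here; neither new job needs more than `contents: read`.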
--- /dev/null
+++ b/.fossa.yml
@@ -0,0 +1,5 @@
+version: 3
+server: https://app.fossa.com
+project:
+ id: "fluent-plugin-splunk-hec"
+ team: "TA-Automation"