From 035b6e5429781f213f924f25f4fa226e572fc5df Mon Sep 17 00:00:00 2001
From: Matteo Mara <matteo.mara@sonarsource.com>
Date: Wed, 16 Oct 2024 11:49:19 +0200
Subject: [PATCH] SONAR-23408 Run FOSSA analysis

---
 .cirrus/tasks.yml | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/.cirrus/tasks.yml b/.cirrus/tasks.yml
index e53d3a367..09118bbeb 100644
--- a/.cirrus/tasks.yml
+++ b/.cirrus/tasks.yml
@@ -27,6 +27,8 @@ build_server_hw_template: &BUILD_SERVER_HW_TEMPLATE
 vm_instance_template: &VM_TEMPLATE
   image: docker-builder-v*
   <<: *BUILD_SERVER_HW_TEMPLATE
+  cpu: 1
+  memory: 2Gb
 
 ci_instance_scanner: &CI_SCANNER
   image: platform-sq-mend-scanner-linux-v*
@@ -153,6 +155,26 @@ public_scan_task:
     - .cirrus/pull.sh ${PUBLIC_IMAGE_NAME} ${tag} ${platform}
     - java -jar /usr/local/bin/wss-unified-agent.jar -c .cirrus/wss-unified-agent.config -apiKey $MEND_API_KEY -product ${WS_PRODUCTNAME} -project ${PUBLIC_IMAGE_NAME}:${tag} -wss.url ${WS_WSS_URL} -docker.scanImages true
 
+public_fossa_scan_task:
+  env:
+    platform: amd64
+    FOSSA_API_KEY: VAULT[development/team/sonarqube/kv/data/fossa data.api-key]
+    matrix:
+      - tag: $CURRENT_LTA_VERSION-datacenter-app
+      - tag: $CURRENT_VERSION-datacenter-app
+  timeout_in: 30m
+  ec2_instance:
+    <<: *VM_TEMPLATE
+    cpu: 4
+    memory: 8Gb
+  setup_script:
+    - curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | bash
+  scan_script:
+    - echo "Scan the ${PUBLIC_IMAGE_NAME}:${tag} image"
+    - docker pull "${PUBLIC_IMAGE_NAME}:${tag}"
+    - .cirrus/pull.sh ${PUBLIC_IMAGE_NAME} ${tag} ${platform}
+    - fossa container analyze -p "docker-sonarqube" -b "${tag}" ${PUBLIC_IMAGE_NAME}:${tag}
+
 multi_arch_test_task:
   matrix:
     - env: