Created CNCF Fossa (markdown)

2025-10-21 15:31:13 +00:00 · 2022-04-27 22:15:19 +01:00
parent 32b5826c4e
commit c485393e92
1 changed files with 31 additions and 0 deletions
--- a/CNCF-Fossa.md
+++ b/CNCF-Fossa.md
@@ -0,0 +1,31 @@
+Work in Progress to record using CNCF Fossa to fulfil our license scanning requirement for onboarding
+
+- Request from @jeefy in CNCF access to Fossa for Confidential Containers
+- Accept invite to https://app.fossa.com/projects
+
+## Setup connection between Fossa and Github Organisation
+
+- [Integrating FOSSA with GitHub instructions](https://docs.fossa.com/docs/github)
+- Add Projects
+
+<img width="240" alt="FossaAddProject" src="https://user-images.githubusercontent.com/8748661/165549435-54f7f1f0-461f-474a-9647-d85e711d80ca.png">
+
+
+- Quick Import from Github
+
+From https://github.com/organizations/confidential-containers/settings/oauth_application_policy
+- Connect with Service (Choosing Proceed without linking)
+<img width="180" alt="Screenshot 2022-04-27 at 16 25 48" src="https://user-images.githubusercontent.com/8748661/165554293-ddbdd490-f324-44a4-8398-b5c76d6891ab.png">
+
+- Ensure Fossa is an approved third party application for confidential containers
+
+Fossa View
+
+<img width="250" alt="Screenshot 2022-04-27 at 22 02 14" src="https://user-images.githubusercontent.com/8748661/165630729-096bca5f-b06f-4e94-9f52-e7f8341f61fc.png">
+
+Github View
+
+<img width="1477" alt="Screenshot 2022-04-27 at 22 02 24" src="https://user-images.githubusercontent.com/8748661/165630765-785984a1-0fc7-4361-a56b-a3ea55ec665b.png">
+
+- Finally Authorise Fossa using your Github Account (??Should we eventually setup a service account for this??)
+