From 4fc24bb27495cece2275368cccf2ea7a3399758b Mon Sep 17 00:00:00 2001
From: jcheng-splunk <jeffreyc@splunk.com>
Date: Mon, 22 Aug 2022 11:41:05 -0400
Subject: [PATCH] Enable fossa scan

---
 .fossa.yml     | 16 ++++++++++++++++
 .gitlab-ci.yml | 13 +++++++++++++
 2 files changed, 29 insertions(+)
 create mode 100644 .fossa.yml

diff --git a/.fossa.yml b/.fossa.yml
new file mode 100644
index 0000000000..985d5df2d4
--- /dev/null
+++ b/.fossa.yml
@@ -0,0 +1,16 @@
+version: 3
+
+targets:
+  only:
+    - type: gomod
+    - type: maven
+      path: java/jmx
+    - type: maven
+      path: java/runner
+    - type: setuptools
+      path: python
+
+paths:
+  exclude:
+    - test-services
+    - tests
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 48eb5b26bb..eae81fa2f2 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -3,6 +3,7 @@ default:
 
 stages:
   - update-stage-cache
+  - sast-oss-scan
   - win-bundle-build
   - win-bundle-sign
   - win-msi-build
@@ -15,6 +16,9 @@ stages:
 include:
   - project: 'core-ee/signing/api-integration'
     file: '/templates/.sign-client.yml'
+  - project: 'ci-cd/templates'
+    ref: master
+    file: '/prodsec/.oss-scan.yml'
 
 .sign-release-cache:
   variables:
@@ -41,6 +45,15 @@ update-stage-cache:
   script:
     - make stage-cache
 
+fossa:
+  extends: .oss-scan
+  stage: sast-oss-scan
+  needs: []
+  only:
+    - main
+    - schedules
+  # allow_failure: false
+
 win-bundle-build:
   stage: win-bundle-build
   needs: []