Skip to content

feat(bff): authorize endpoints based on kubeflow-userid and kubeflow-groups header #833

feat(bff): authorize endpoints based on kubeflow-userid and kubeflow-groups header

feat(bff): authorize endpoints based on kubeflow-userid and kubeflow-groups header #833

name: FOSSA License Scanning
on:
push:
branches:
- main
pull_request:
jobs:
fossa-scan:
if: github.repository_owner == 'kubeflow' # FOSSA is not intended to run on forks.
runs-on: ubuntu-latest
env:
# push-only token, intentional; see https://github.com/fossa-contrib/fossa-action?tab=readme-ov-file#push-only-api-token
# this also how other CNCF projects are doing e.g. https://github.com/cncf/foundation/issues/109
FOSSA_API_KEY: 80871bdd477c2c97f65e9822cae99d20 # This is a push-only token that is safe to be exposed.
steps:
- name: Checkout tree
uses: actions/checkout@v4
- name: Run FOSSA scan and upload build data
uses: fossas/[email protected]
with:
api-key: ${{ env.FOSSA_API_KEY }}
project: "github.com/kubeflow/model-registry"