ci(fossa): use custom fossa config #3142
Description
A follow-up to #3138 which added a FOSSA check to CI.
The check is running successfully but it does encounter errors attempting to check some template apps under templates/ which would be nice to avoid. We'd like to exclude scanning these template apps via a .fossa.yml configuration file, eg:
version: 3
paths:
exclude:
- ./templates/**However, in our tests, we encountered error(s) seemingly from some interaction with the fossa GH action (and/or fossa CLI) and the config. Example from this run:
/opt/hostedtoolcache/fossa/3.10.8/linux_amd64/fossa analyze
Error: An issue occurred
*** Relevant Errors ***
Error: Invalid project permission
You do not have permission to edit projects for your Organization.
Documentation: https://docs.fossa.com/docs/role-based-access-control
Support: If you believe this to be a defect, please report a bug to FOSSA support at https://support.fossa.com/
Help: Contact your FOSSA organization admin to grant you proper permissions
We've contacted support but have yet to hear back as of writing.