Case Study: Puppet achieves 99% reduction in license compliance time and saves hundreds of engineering hours with FOSSA

How Puppet Saves Hundreds of Hours a Year on Open Source Compliance

Puppet, a global leader in IT automation serving 40,000 customers, faced a slow, manual open source license compliance process for Puppet Enterprise that required 2–3 weeks of engineering time before each release. Engineers resented the drudgery of opening tarballs, tracing dependencies and licenses, and searching for fourth- and fifth-level components, so Puppet sought an automated solution and evaluated FOSSA.

Puppet implemented FOSSA’s software composition analysis and policy engine, pointing it at source repos and integrating it with a Jenkins job for daily scans; setup took about a day and a half and Puppet merged FOSSA’s pre-built policies with its own rules in a couple of hours. The result: compliance reviews now take 5–10 minutes (a >99% reduction in engineering hours, roughly 2.5 weeks saved per release), accurate deep-dependency tracing, and faster, more confident compliance across languages like Clojure and Ruby thanks to FOSSA.

Puppet

Eric Griswold

Principal Release Engineer