actions · sadmananik · Dec 18, 2024 · Dec 18, 2024 · Dec 18, 2024 · Dec 23, 2024
@@ -0,0 +1,34 @@
+name: CI-Black-Duck-Security-Scan
+on:
+  push:
+    branches: [ $default-branch ]
+  pull_request:
+    branches: [ $default-branch ]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Source
+        uses: actions/checkout@v3
+      - name: Black Duck SCA Scan
+        uses: blackduck-inc/black-duck-security-scan@805cbd09e806b01907bbea0f990723c2bb85abe9         
+        with:
+          ### ---------- BLACKDUCK SCA SCANNING: REQUIRED FIELDS ----------
+          blackducksca_url: ${{ vars.BLACKDUCKSCA_URL }}
+          blackducksca_token: ${{ secrets.BLACKDUCKSCA_TOKEN }}
+
+          ### ---------- COVERITY SCANNING: REQUIRED FIELDS ----------
+          coverity_url: ${{ vars.COVERITY_URL }}
+          coverity_user: ${{ secrets.COVERITY_USER }}
+          coverity_passphrase: ${{ secrets.COVERITY_PASSPHRASE }}
+
+          ### ---------- POLARIS SCANNING: REQUIRED FIELDS ----------
+          polaris_server_url: ${{ vars.POLARIS_SERVER_URL }}
+          polaris_access_token: ${{ secrets.POLARIS_ACCESS_TOKEN }}
+          polaris_assessment_types: "SCA,SAST"
+
+          ### ---------- SRM SCANNING: REQUIRED FIELDS ----------
+          srm_url: ${{ vars.SRM_URL }}
+          srm_apikey: ${{ secrets.SRM_API_KEY }}
+          srm_assessment_types: "SCA,SAST"
@@ -0,0 +1,21 @@
+{
+    "name": "Black Duck Security Scan Workflow",
+    "description": "The Black Duck Security Scan GitHub Action allows you to configure your pipeline to run Black Duck Security Scan and take action on the security results",
+    "iconName": "black-duck-icon.png",
+    "categories": [
+      "Code Scanning", 
+      "C", 
+      "C++", 
+      "C#", 
+      "Go", 
+      "Java", 
+      "JavaScript", 
+      "Ruby", 
+      "PHP", 
+      "Swift", 
+      "Kotlin", 
+      "Python", 
+      "VB.NET", 
+      "Objective C"
+    ]
+}