-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathbd-detect-legacy.yml
More file actions
33 lines (33 loc) · 1.11 KB
/
Copy pathbd-detect-legacy.yml
File metadata and controls
33 lines (33 loc) · 1.11 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
# example workflow for Black Duck scans using the legacy Black Duck Action
# https://github.com/blackducksoftware/github-action
name: bd-detect-legacy
on:
push:
branches: [ main, master, develop, stage, release ]
pull_request:
branches: [ main, master, develop, stage, release ]
workflow_dispatch:
jobs:
blackduck:
runs-on: ubuntu-latest
steps:
- name: Checkout Source
uses: actions/checkout@v4
- name: Setup Java JDK
uses: actions/setup-java@v4
with:
java-version: 17
distribution: microsoft
cache: maven
- name: Maven Build
run: mvn -B -DskipTests package
- name: Black Duck Scan
uses: blackducksoftware/github-action@v2.2
env:
DETECT_PROJECT_NAME: ${{ github.event.repository.name }}
DETECT_PROJECT_VERSION_NAME: ${{ github.ref_name }}
DETECT_CODE_LOCATION_NAME: ${{ github.event.repository.name }}-${{ github.ref_name }}
with:
blackduck.url: ${{ vars.BLACKDUCK_URL }}
blackduck.api.token: ${{ secrets.BLACKDUCK_API_TOKEN }}
args: --detect.policy.check.fail.on.severities=BLOCKER