Skip to content

Black Duck Security: Automatic pull request to commit blackducksca-workflow.yml#443

Open
black-duck-security[bot] wants to merge 1 commit into
masterfrom
blackduck-workflow-0b767dab-c0b2-4ced-8301-b450b0392f54
Open

Black Duck Security: Automatic pull request to commit blackducksca-workflow.yml#443
black-duck-security[bot] wants to merge 1 commit into
masterfrom
blackduck-workflow-0b767dab-c0b2-4ced-8301-b450b0392f54

Conversation

@black-duck-security

Copy link
Copy Markdown

This pull request adds a workflow file for Black Duck integration.

Comment on lines +22 to +49
runs-on: self-hosted
steps:
- name: Checkout Source
uses: actions/checkout@v4
- name: Black Duck Security Scan
id: black-duck-security-scan
uses: blackduck-inc/black-duck-security-scan@v2

env:
BRIDGE_DETECT_DOWNLOAD_URL: https://artifactory.intra.infineon.com/artifactory/gen-repo-blackduck-com/bds-integrations-release/com/blackduck/integration/detect/10.7.0/detect-10.7.0.jar
DETECT_BLACKDUCK_SIGNATURE_SCANNER_SNIPPET_MATCHING: SNIPPET_MATCHING
DETECT_ACCURACY_REQUIRED: ALL
DETECT_PROJECT_VERSION_NAME: comprehensive_snippet_include_offchip
DETECT_PROJECT_TAGS: github

with:
blackducksca_url: ${{ vars.BLACKDUCK_EXT_URL }}
blackducksca_token: ${{ secrets.BD_EXT_RW_TOKEN }}

bridgecli_download_url: https://artifactory.intra.infineon.com/artifactory/gen-repo-blackduck-com/bds-integrations-release/com/blackduck/integration/bridge/binaries/bridge-cli-bundle/latest/bridge-cli-bundle-linux64.zip

blackducksca_waitForScan: true
mark_build_status: failure
include_diagnostics: false
blackducksca_prComment_enabled: false
blackducksca_fixpr_enabled: false
blackducksca_reports_sarif_create: false
blackducksca_upload_sarif_report: false No newline at end of file
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant