diff --git a/.github/workflows/blackduck_scan.yaml b/.github/workflows/blackduck_scan.yaml deleted file mode 100644 index 7e254e9..0000000 --- a/.github/workflows/blackduck_scan.yaml +++ /dev/null @@ -1,55 +0,0 @@ -name: Blackduck Scan PR -on: - pull_request_target: - branches: [main] - # push: - # branches: [main] - -permissions: - checks: write - pull-requests: write - -#invoke forked detect-action as the one from synopsys is deprecated: https://github.com/mercedesbenzio/detect-action -jobs: - blackduck: - runs-on: [ubuntu-latest] - steps: - - name: Checkout code - uses: actions/checkout@v4 - - name: Set up Java 17 - uses: actions/setup-java@v3 - with: - java-version: '17' - distribution: 'temurin' - - - name: Blackduck Full Scan - if: ${{ github.event_name != 'pull_request_target' }} - uses: mercedesbenzio/detect-action@v1 - env: - DETECT_PROJECT_USER_GROUPS: opencomponentmodel - DETECT_PROJECT_VERSION_DISTRIBUTION: SAAS - DETECT_SOURCE_PATH: ./ - NODE_TLS_REJECT_UNAUTHORIZED: true - with: - scan-mode: INTELLIGENT - github-token: ${{ secrets.GITHUB_TOKEN }} - blackduck-url: ${{ secrets.BLACKDUCK_URL }} - blackduck-api-token: ${{ secrets.BLACKDUCK_API_TOKEN }} - - - name: Blackduck PR Scan - if: ${{ github.event_name == 'pull_request_target' }} - uses: mercedesbenzio/detect-action@v1 - env: - DETECT_PROJECT_USER_GROUPS: opencomponentmodel - DETECT_PROJECT_VERSION_DISTRIBUTION: SAAS - DETECT_SOURCE_PATH: ./ - NODE_TLS_REJECT_UNAUTHORIZED: true - BLACKDUCK_SKIP_PHONE_HOME: true - #LOGGING_LEVEL_COM_SYNOPSYS_INTEGRATION: DEBUG - with: - scan-mode: RAPID - github-token: ${{ secrets.GITHUB_TOKEN }} - blackduck-url: ${{ secrets.BLACKDUCK_URL }} - blackduck-api-token: ${{ secrets.BLACKDUCK_API_TOKEN }} - detect-version: 8.8.0 - \ No newline at end of file