Resolved reviwed comments
This commit is contained in:
@@ -7,20 +7,30 @@
|
||||
# For more information about configuring your workflow,
|
||||
# read our documentation at https://github.com/blackduck-inc/black-duck-security-scan
|
||||
|
||||
name: CI-Black-Duck-Security-Scan
|
||||
name: CI Black Duck security scan
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ $default-branch ]
|
||||
branches: [ $default-branch, $protected-branches ]
|
||||
pull_request:
|
||||
# The branches below must be a subset of the branches above
|
||||
branches: [ $default-branch ]
|
||||
schedule:
|
||||
- cron: $cron-weekly
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
contents: read
|
||||
pull-requests: write
|
||||
security-events: write
|
||||
actions: read
|
||||
|
||||
steps:
|
||||
- name: Checkout Source
|
||||
- name: Checkout source
|
||||
uses: actions/checkout@v3
|
||||
- name: Black Duck SCA Scan
|
||||
- name: Black Duck SCA scan
|
||||
uses: blackduck-inc/black-duck-security-scan@805cbd09e806b01907bbea0f990723c2bb85abe9
|
||||
with:
|
||||
### ---------- BLACKDUCK SCA SCANNING: REQUIRED FIELDS ----------
|
||||
@@ -41,3 +51,4 @@ jobs:
|
||||
srm_url: ${{ vars.SRM_URL }}
|
||||
srm_apikey: ${{ secrets.SRM_API_KEY }}
|
||||
srm_assessment_types: "SCA,SAST"
|
||||
|
||||
|
||||
@@ -1,7 +1,8 @@
|
||||
{
|
||||
"name": "Black Duck Security Scan Workflow",
|
||||
"creator": "Black Duck Software, Inc.",
|
||||
"description": "The Black Duck Security Scan GitHub Action allows you to configure your pipeline to run Black Duck Security Scan and take action on the security results",
|
||||
"iconName": "black-duck-icon.png",
|
||||
"iconName": "black-duck.svg",
|
||||
"categories": [
|
||||
"Code Scanning",
|
||||
"C",
|
||||
@@ -18,4 +19,4 @@
|
||||
"VB.NET",
|
||||
"Objective C"
|
||||
]
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user