Files
starter-workflows/code-scanning/black-duck-security-scan-ci.yml
T

34 lines
1.2 KiB
YAML

name: CI-Black-Duck-Security-Scan
on:
push:
branches: [ $default-branch ]
pull_request:
branches: [ $default-branch ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout Source
uses: actions/checkout@v3
- name: Black Duck SCA Scan
uses: blackduck-inc/black-duck-security-scan@v2.0.0
with:
### ---------- BLACKDUCK SCA SCANNING: REQUIRED FIELDS ----------
blackducksca_url: ${{ vars.BLACKDUCKSCA_URL }}
blackducksca_token: ${{ secrets.BLACKDUCKSCA_TOKEN }}
### ---------- COVERITY SCANNING: REQUIRED FIELDS ----------
coverity_url: ${{ vars.COVERITY_URL }}
coverity_user: ${{ secrets.COVERITY_USER }}
coverity_passphrase: ${{ secrets.COVERITY_PASSPHRASE }}
### ---------- POLARIS SCANNING: REQUIRED FIELDS ----------
polaris_server_url: ${{ vars.POLARIS_SERVER_URL }}
polaris_access_token: ${{ secrets.POLARIS_ACCESS_TOKEN }}
polaris_assessment_types: "SCA,SAST"
### ---------- SRM SCANNING: REQUIRED FIELDS ----------
srm_url: ${{ vars.SRM_URL }}
srm_apikey: ${{ secrets.SRM_API_KEY }}
srm_assessment_types: "SCA,SAST"