Skip to content

Commit

Permalink
.github:workflows: add workflow file for blackduck scanning
Browse files Browse the repository at this point in the history
This check will be triggered when a push is made on main branch of a tag
for release is created.
A blackduck scanning of the project will be made and uploaded on the
product page from analogdevices blackduck server.

Signed-off-by: Andreea Andrisan <[email protected]>
  • Loading branch information
AAndrisa committed Sep 30, 2024
1 parent 8bce8b3 commit 7dc382f
Showing 1 changed file with 31 additions and 0 deletions.
31 changes: 31 additions & 0 deletions .github/workflows/blackduck_scaninng.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
name: Blackduck Scanning

on:
push:
branches:
- main
tags:
- v**

jobs:
build:
runs-on: [ ubuntu-latest ]
environment: blackduck
steps:
- name: Checkout Source
uses: actions/checkout@v3
- name: Black Duck Scan
uses: synopsys-sig/[email protected]

### Configure DETECT environment variables
env:
DETECT_PROJECT_NAME: oa_libiio
DETECT_PROJECT_VERSION_NAME: ${{ github.ref_name }}
DETECT_BLACKDUCK_SIGNATURE_SCANNER_LICENSE_SEARCH: true
DETECT_BLACKDUCK_SIGNATURE_SCANNER_COPYRIGHT_SEARCH: true
DETECT_EXCLUDED_DETECTOR_TYPES: GIT
with:
### SCANNING: Required fields
blackduck_url: ${{ vars.BLACKDUCK_URL }}
blackduck_token: ${{ secrets.BLACKDUCK_TOKEN }}
blackduck_args: '--detect.wait.for.results=false'

0 comments on commit 7dc382f

Please sign in to comment.