CEC-1955 synopsys blackduck (#166)
* Testing the blackduck integration * Updated the depth to 0 * updated the scheduler
This commit is contained in:
venkats09
40
.github/workflows/blackduck.yml
vendored
Normal file
40
.github/workflows/blackduck.yml
vendored
Normal file
@@ -0,0 +1,40 @@
|
|||||||
|
name: Blackduck
|
||||||
|
|
||||||
|
on:
|
||||||
|
schedule:
|
||||||
|
# run scans twice a month
|
||||||
|
- cron: "0 2 1,15 * *"
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
blackduck:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
steps:
|
||||||
|
- name: Checkout Code
|
||||||
|
uses: actions/checkout@v2
|
||||||
|
|
||||||
|
- name: Use Node.js ${{ matrix.node-version }}
|
||||||
|
uses: actions/setup-node@v2
|
||||||
|
with:
|
||||||
|
node-version: "16"
|
||||||
|
cache: "npm"
|
||||||
|
- run: npm install
|
||||||
|
- run: npm run build
|
||||||
|
|
||||||
|
# ota-admin-portal
|
||||||
|
- name: Run Synopsys Detect - ota-admin-portal
|
||||||
|
uses: synopsys-sig/detect-action@v0.3.2
|
||||||
|
env:
|
||||||
|
DETECT_PROJECT_NAME: ota-admin-portal
|
||||||
|
DETECT_EXCLUDED_DIRECTORIES: node_modules
|
||||||
|
DETECT_PROJECT_VERSION_NAME: default
|
||||||
|
DETECT_NPM_INCLUDE_DEV_DEPENDENCIES: "FALSE"
|
||||||
|
# DETECT_DETECTOR_SEARCH_EXCLUSION_DEFAULTS: "true"
|
||||||
|
DETECT_DETECTOR_SEARCH_DEPTH: 0
|
||||||
|
DETECT_DETECTOR_SEARCH_CONTINUE: "true"
|
||||||
|
|
||||||
|
with:
|
||||||
|
github-token: ${{ secrets.GITHUB_TOKEN }}
|
||||||
|
detect-version: 7.9.0
|
||||||
|
blackduck-url: ${{ secrets.BLACKDUCK_URL }}
|
||||||
|
blackduck-api-token: ${{ secrets.BLACKDUCK_API_KEY }}
|
||||||
|
scan-mode: INTELLIGENT
|
||||||
Reference in New Issue
Block a user