Migrating workflows from v2/trunk to here to reduce confusion/collisions

.github/workflows/blackduck-v2.yml

@@ -0,0 +1,46 @@
+name: Blackduck Rapid Scan v2
+
+on:
+  push:
+    branches:
+      - v2/trunk
+  pull_request:
+    types: [opened, synchronize, reopened]
+
+jobs:
+  blackduck:
+    runs-on: ubuntu-latest
+    env:
+      JFROG_NPMRC: ${{ secrets.JFROG_NPMRC }}
+      GH_TOKEN: Fisker-Inc:${{secrets.GITHUB_TOKEN}}
+
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v3
+
+      - uses: actions/setup-node@v3
+        with:
+          node-version: "18.x"
+          cache: npm
+
+      - name: JFrog Auth
+        run:  echo ${JFROG_NPMRC} | base64 -d > .npmrc
+
+      - run: npm install
+      - run: npm run build
+
+      - name: Run Synopsys Detect RAPID
+        run: |
+          bash <(curl -s -L https://detect.synopsys.com/detect8.sh) \
+          --blackduck.url=${{ secrets.BLACKDUCK_URL }} \
+          --blackduck.api.token=${{ secrets.BLACKDUCK_API_KEY }} \
+          --blackduck.trust.cert=true \
+          --detect.project.version.update=true \
+          --detect.project.name='ota-admin-portal' \
+          --detect.excluded.directories='node_modules, .next' \
+          --detect.project.version.name=$GITHUB_REF_NAME \
+          --detect.blackduck.scan.mode="RAPID" \
+          --detect.detector.search.depth=3 \
+          --detect.detector.search.continue=true \
+          --detect.npm.include.dev.dependencies=false
+    # --detect.detector.search.continue=true - If true, the bom tool search will continue to look for nested bom tools of the same type to the maximum search depth