Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/philips-labs/blackduck-scanner-action

BlackDuck GItHub Action
https://github.com/philips-labs/blackduck-scanner-action

Last synced: 3 months ago
JSON representation

BlackDuck GItHub Action

Awesome Lists containing this project

README 

        
# Black Duck Scanner action



> Warning. This action is no longer maintained. [Synopsys released their own action. Please use theirs](https://github.com/synopsys-sig/detect-action)!



A Github action for running Black Duck analysis on your codebase inside a Docker container.



## Required parameters



| Parameter     | Description                                         |

| ------------- | :-------------------------------------------------- |

| projectName   | Your project name in BlackDuck                      |

| versionPrefix | Version prefix                                      |

| token         | Black Duck token token                              |

| url           | Black Duck server url                               |

| sourePath     | source path                                         |

| extraArgs     | Extra arguments that will be passed to the detector |



## Sample Configuration



To prevent your token from showing in the runner's output, it is advised to store the token configuration inside of a github secret variable.



The listing below uses the secret `BLACKDUCK_TOKEN` from your project's configuration.



```yml

blackduck:

  name: BlackDuck

  runs-on: self-hosted

  steps:

    - uses: philips-labs/blackduck-scanner-action@v1

      with:

        token: ${{ secrets.BLACKDUCK_TOKEN }}

        projectName: Your project name

        versionPrefix: You version prefix

        url: https://your.black.duck.swamp/

        sourcePath: /code

        extraArgs: --detect.yarn.prod.only=true



```