Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/philips-labs/blackduck-scanner-action
BlackDuck GItHub Action
https://github.com/philips-labs/blackduck-scanner-action
Last synced: 25 days ago
JSON representation
BlackDuck GItHub Action
- Host: GitHub
- URL: https://github.com/philips-labs/blackduck-scanner-action
- Owner: philips-labs
- License: mit
- Created: 2020-03-21T12:53:15.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2022-11-25T08:49:35.000Z (about 2 years ago)
- Last Synced: 2024-10-31T10:47:42.117Z (about 1 month ago)
- Language: Shell
- Size: 23.4 KB
- Stars: 8
- Watchers: 5
- Forks: 5
- Open Issues: 3
-
Metadata Files:
- Readme: README.MD
- Contributing: CONTRIBUTING.md
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-lists - philips-labs/blackduck-scanner-action - BlackDuck GItHub Action (Shell)
README
# Black Duck Scanner action
> Warning. This action is no longer maintained. [Synopsys released their own action. Please use theirs](https://github.com/synopsys-sig/detect-action)!
A Github action for running Black Duck analysis on your codebase inside a Docker container.
## Required parameters
| Parameter | Description |
| ------------- | :-------------------------------------------------- |
| projectName | Your project name in BlackDuck |
| versionPrefix | Version prefix |
| token | Black Duck token token |
| url | Black Duck server url |
| sourePath | source path |
| extraArgs | Extra arguments that will be passed to the detector |## Sample Configuration
To prevent your token from showing in the runner's output, it is advised to store the token configuration inside of a github secret variable.
The listing below uses the secret `BLACKDUCK_TOKEN` from your project's configuration.
```yml
blackduck:
name: BlackDuck
runs-on: self-hosted
steps:
- uses: philips-labs/blackduck-scanner-action@v1
with:
token: ${{ secrets.BLACKDUCK_TOKEN }}
projectName: Your project name
versionPrefix: You version prefix
url: https://your.black.duck.swamp/
sourcePath: /code
extraArgs: --detect.yarn.prod.only=true```