Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/philips-labs/blackduck-scanner-action

BlackDuck GItHub Action
https://github.com/philips-labs/blackduck-scanner-action

Last synced: 25 days ago
JSON representation

BlackDuck GItHub Action

Awesome Lists containing this project

README

        

# Black Duck Scanner action

> Warning. This action is no longer maintained. [Synopsys released their own action. Please use theirs](https://github.com/synopsys-sig/detect-action)!

A Github action for running Black Duck analysis on your codebase inside a Docker container.

## Required parameters

| Parameter | Description |
| ------------- | :-------------------------------------------------- |
| projectName | Your project name in BlackDuck |
| versionPrefix | Version prefix |
| token | Black Duck token token |
| url | Black Duck server url |
| sourePath | source path |
| extraArgs | Extra arguments that will be passed to the detector |

## Sample Configuration

To prevent your token from showing in the runner's output, it is advised to store the token configuration inside of a github secret variable.

The listing below uses the secret `BLACKDUCK_TOKEN` from your project's configuration.

```yml
blackduck:
name: BlackDuck
runs-on: self-hosted
steps:
- uses: philips-labs/blackduck-scanner-action@v1
with:
token: ${{ secrets.BLACKDUCK_TOKEN }}
projectName: Your project name
versionPrefix: You version prefix
url: https://your.black.duck.swamp/
sourcePath: /code
extraArgs: --detect.yarn.prod.only=true

```