Skip to content

Blackduck Scan

Blackduck Scan #83

Workflow file for this run

name: 'Blackduck Scan'
on:
workflow_dispatch:
schedule:
- cron: 0 23 * * *
jobs:
tests:
runs-on: ubuntu-latest
timeout-minutes: 15
steps:
- uses: actions/checkout@v3
- run: git fetch --depth=1
- name: Setup java
uses: actions/setup-java@v3
with:
distribution: "temurin"
java-version: "17"
cache: maven
# Fixme: Use major version from pom once it is 5.x
- name: Get SDK Version
run: |
echo "project_version_NOT_YET_IN_USE=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout | cut -d '.' -f 1)" >> $GITHUB_ENV
- name: Blackduck Scan
uses: SAP/project-piper-action@27cadf261545552a68660531476c0915a97ee3d8
with:
command: detectExecuteScan
flags: \
--version=$PROJECT_VERSION \
--scanProperties="\
--blackduck.signature.scanner.memory=4096 \
--detect.timeout=6000 \
--blackduck.trust.cert=true"
env:
PIPER_token: ${{ secrets.BLACKDUCK_TOKEN }}
PROJECT_VERSION: "5"