Skip to content

blackduck-scan

blackduck-scan #1170

Workflow file for this run

name: blackduck-scan
on:
workflow_dispatch:
schedule:
- cron: 0 23 * * *
jobs:
tests:
runs-on: ubuntu-latest
timeout-minutes: 15
steps:
- uses: actions/checkout@v4
- run: git fetch --depth=1
- uses: actions/setup-node@v4
with:
node-version: 22
cache: 'yarn'
- run: yarn install --frozen-lockfile --ignore-engines
- run: sudo apt-get install jq
- run: echo "project_version=$(cat package.json | jq '.version' | tr -d '"')" >> $GITHUB_ENV
- name: Blackduck Scan
uses: SAP/project-piper-action@27cadf261545552a68660531476c0915a97ee3d8
with:
command: detectExecuteScan
flags: \
--version=$PROJECT_VERSION \
--excludedDirectories=test-packages
env:
PIPER_token: ${{ secrets.BLACKDUCK_TOKEN }}
PROJECT_VERSION: ${{ env.project_version }}
DETECT_TIMEOUT: 6000
DETECT_YARN_EXCLUDED_WORKSPACES: test-packages/**
DETECT_YARN_DEPENDENCY_TYPES_EXCLUDED: NON_PRODUCTION
- if: failure() || cancelled()
name: Slack Notify
uses: rtCamp/[email protected]
env:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
SLACK_USERNAME: SDK Pipeline Bot
SLACK_TITLE: Blackduck scan ${{ job.status }}
SLACK_MESSAGE: 'Test failed'
MSG_MINIMAL: event,actions url
SLACK_COLOR: ${{ job.status }}
SLACK_MSG_AUTHOR: ' '
SLACK_ICON: https://sap.github.io/cloud-sdk/img/logo.png