blackduck-scan #1170
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: blackduck-scan | |
on: | |
workflow_dispatch: | |
schedule: | |
- cron: 0 23 * * * | |
jobs: | |
tests: | |
runs-on: ubuntu-latest | |
timeout-minutes: 15 | |
steps: | |
- uses: actions/checkout@v4 | |
- run: git fetch --depth=1 | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: 22 | |
cache: 'yarn' | |
- run: yarn install --frozen-lockfile --ignore-engines | |
- run: sudo apt-get install jq | |
- run: echo "project_version=$(cat package.json | jq '.version' | tr -d '"')" >> $GITHUB_ENV | |
- name: Blackduck Scan | |
uses: SAP/project-piper-action@27cadf261545552a68660531476c0915a97ee3d8 | |
with: | |
command: detectExecuteScan | |
flags: \ | |
--version=$PROJECT_VERSION \ | |
--excludedDirectories=test-packages | |
env: | |
PIPER_token: ${{ secrets.BLACKDUCK_TOKEN }} | |
PROJECT_VERSION: ${{ env.project_version }} | |
DETECT_TIMEOUT: 6000 | |
DETECT_YARN_EXCLUDED_WORKSPACES: test-packages/** | |
DETECT_YARN_DEPENDENCY_TYPES_EXCLUDED: NON_PRODUCTION | |
- if: failure() || cancelled() | |
name: Slack Notify | |
uses: rtCamp/[email protected] | |
env: | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
SLACK_USERNAME: SDK Pipeline Bot | |
SLACK_TITLE: Blackduck scan ${{ job.status }} | |
SLACK_MESSAGE: 'Test failed' | |
MSG_MINIMAL: event,actions url | |
SLACK_COLOR: ${{ job.status }} | |
SLACK_MSG_AUTHOR: ' ' | |
SLACK_ICON: https://sap.github.io/cloud-sdk/img/logo.png |