fix: skip Black Duck CI when credentials not configured #56

Merged: EthanThePhoenix38 merged 3 commits into main from copilot/sub-pr-55 on Feb 4, 2026

Copilot AI commented Feb 4, 2026

  • Identify merge conflict with main branch
  • Resolve conflict by removing Black Duck workflow (deleted in main)
  • Verify no other conflicts remain after merge
  • Reply to user

Base automatically changed from dependabot/npm_and_yarn/tldts-core-7.0.22 to main February 4, 2026 06:39
…not configured

Co-authored-by: EthanThePhoenix38 <103653068+EthanThePhoenix38@users.noreply.github.com>
EthanThePhoenix38 marked this pull request as ready for review February 4, 2026 06:41
Copilot AI review requested due to automatic review settings February 4, 2026 06:41
EthanThePhoenix38 (Member)

@copilot resolve the conflicts and merge

chatgpt-codex-connector bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: ef7726fd67

Comment on lines 33 to 36
- name: Black Duck SCA scan
# Only run if at least one scanning tool is configured
if: vars.BLACKDUCKSCA_URL != '' || vars.COVERITY_URL != '' || vars.POLARIS_SERVER_URL != '' || vars.SRM_URL != ''
uses: blackduck-inc/black-duck-security-scan@805cbd09e806b01907bbea0f990723c2bb85abe9
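
Review bot: when none of the four URL vars in the `if:` line is set, this step is skipped and the job still reports success, so a repository with no scanner configured shows a green security check without any scan having run. Add a companion step with the inverse condition that writes a warning annotation (for example `echo "::warning::Black Duck scan skipped: no scanner configured"`), so the skip is visible in the run summary.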

P2: Guard scan on credentials, not just URL vars

The new step condition only checks URL vars (line 35), but the action also requires tokens/passwords from secrets.*. If a URL is configured but the corresponding secret is missing (the exact failure you’re trying to avoid), the step still runs and fails. This means the change doesn’t actually skip when credentials aren’t configured. Consider including the required secrets in the condition (per tool) so missing credentials truly bypass the scan.

EthanThePhoenix38 (Member), Feb 4, 2026

@claude Remove BlackDUCK from all my scans; I don't have the credentials.

Copilot AI changed the title from "[WIP] Update tldts-core dependency from 7.0.21 to 7.0.22" to "fix: skip Black Duck CI when credentials not configured" on Feb 4, 2026

Copilot AI left a comment

Pull request overview

Adjusts the Black Duck CI security scan workflow to avoid running scans when the repository isn’t configured for any of the supported scanning tools (intended to address CI failures due to missing credentials/config).

Changes:

  • Adds a conditional guard to the Black Duck scan step to run only when at least one scanner URL is configured.

uses: actions/checkout@v4
- name: Black Duck SCA scan
# Only run if at least one scanning tool is configured
if: vars.BLACKDUCKSCA_URL != '' || vars.COVERITY_URL != '' || vars.POLARIS_SERVER_URL != '' || vars.SRM_URL != ''
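
Review bot: `uses: actions/checkout@v4` at the top of this hunk references a mutable tag, while the Black Duck action in the same job is pinned to a full commit SHA. Pin checkout to a full commit SHA as well, with the tag kept as a trailing comment, so every third-party action that runs before the scan is held to the same immutable reference.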

Copilot AI Feb 4, 2026

This repo’s workflows consistently wrap if expressions using the ${{ ... }} syntax (e.g. .github/workflows/dependabot-secure-flow.yaml:37). For consistency and to avoid YAML treating the value as a plain string in some contexts, wrap this step condition in ${{ }} as well.

Comment on lines 34 to 35
# Only run if at least one scanning tool is configured
if: vars.BLACKDUCKSCA_URL != '' || vars.COVERITY_URL != '' || vars.POLARIS_SERVER_URL != '' || vars.SRM_URL != ''

Copilot AI Feb 4, 2026

PR title indicates a tldts-core dependency update, but the changes in this PR are only to the Black Duck security scan workflow. Please either include the dependency bump changes, or update the PR title to match the actual scope.

Comment on lines 34 to 35
# Only run if at least one scanning tool is configured
if: vars.BLACKDUCKSCA_URL != '' || vars.COVERITY_URL != '' || vars.POLARIS_SERVER_URL != '' || vars.SRM_URL != ''

Copilot AI Feb 4, 2026

The new guard only checks that a URL variable is set, but the reported failure is “missing credentials”. As written, the step will still run (and likely fail) when a URL is configured but the required secret(s) are not. Consider gating per tool on both its URL var and required secrets (e.g., BlackDuck URL + token, Coverity URL + user + passphrase, etc.), or otherwise skipping when credentials are absent.

Suggested change
# Only run if at least one scanning tool is configured
if: vars.BLACKDUCKSCA_URL != '' || vars.COVERITY_URL != '' || vars.POLARIS_SERVER_URL != '' || vars.SRM_URL != ''
# Only run if at least one scanning tool is configured with both URL and required credentials
if: >
(vars.BLACKDUCKSCA_URL != '' && secrets.BLACKDUCKSCA_TOKEN != '') ||
(vars.COVERITY_URL != '' && secrets.COVERITY_USER != '' && secrets.COVERITY_PASSPHRASE != '') ||
(vars.POLARIS_SERVER_URL != '' && secrets.POLARIS_ACCESS_TOKEN != '') ||
(vars.SRM_URL != '' && secrets.SRM_API_KEY != '')
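
Review bot: the `secrets.*` references in the four parenthesised lines of the suggested `if:` will not evaluate, because the `secrets` context is not among the contexts available to a step-level `if:` in GitHub Actions (only `vars`, `env`, `steps` and a few others are). Map each secret to a job-level `env:` entry and test `env.BLACKDUCKSCA_TOKEN != ''` and its siblings instead, or compute the gate in an earlier step and test that step's output.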

Co-authored-by: EthanThePhoenix38 <103653068+EthanThePhoenix38@users.noreply.github.com>
EthanThePhoenix38 merged commit abca8d0 into main Feb 4, 2026
7 checks passed
EthanThePhoenix38 deleted the copilot/sub-pr-55 branch February 4, 2026 06:46
Copilot stopped work on behalf of EthanThePhoenix38 due to an error February 4, 2026 06:46
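
The per-tool gating on URL plus credentials that the review comments above ask for, written as a preflight script; this is an added example, not code from this pull request or from the Black Duck action. It assumes the workflow maps each `vars.*` and `secrets.*` value named in the review to a job-level environment variable of the same name; the function names and tool labels are hypothetical.

```shell
#!/bin/sh
# Added example (not from the PR). Assumption: the job's env: block exposes
# the vars/secrets named in the review as same-named environment variables.

# is_set NAME: succeeds when the variable called NAME is non-empty.
is_set() {
    eval "_v=\${$1:-}"
    [ -n "$_v" ]
}

# configured_tools: prints a space-separated list of the tools that have
# their URL and every credential the review lists for them.
configured_tools() {
    _out=""
    # One row per tool: label, then the variables that must all be set.
    while read -r _tool _required; do
        [ -n "$_tool" ] || continue
        _ok=1
        for _name in $_required; do
            is_set "$_name" || { _ok=0; break; }
        done
        if [ "$_ok" -eq 1 ]; then
            _out="${_out:+$_out }$_tool"
        fi
    done <<'EOF'
blackduck BLACKDUCKSCA_URL BLACKDUCKSCA_TOKEN
coverity COVERITY_URL COVERITY_USER COVERITY_PASSPHRASE
polaris POLARIS_SERVER_URL POLARIS_ACCESS_TOKEN
srm SRM_URL SRM_API_KEY
EOF
    printf '%s\n' "$_out"
}

# scan_gate: prints run=true or run=false, the key=value form a step appends
# to "$GITHUB_OUTPUT". Only emptiness is tested; no secret value is printed.
scan_gate() {
    if [ -n "$(configured_tools)" ]; then
        echo "run=true"
    else
        echo "run=false"
    fi
}

scan_gate
```

A later scan step can then be gated on the preflight step's `run` output rather than on `secrets.*` directly.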