From cb02566ac00d7a02e51c0b71dd68fd9a66072655 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 4 Feb 2026 06:38:29 +0000 Subject: [PATCH 1/3] Initial plan From ef7726fd6734fa0af2fad37e93cf5d718904693b Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 4 Feb 2026 06:40:16 +0000 Subject: [PATCH 2/3] fix: add conditional to Black Duck workflow to skip when credentials not configured Co-authored-by: EthanThePhoenix38 <103653068+EthanThePhoenix38@users.noreply.github.com> --- .github/workflows/black-duck-security-scan-ci.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/black-duck-security-scan-ci.yml b/.github/workflows/black-duck-security-scan-ci.yml index ec244c3bb..0656139fe 100644 --- a/.github/workflows/black-duck-security-scan-ci.yml +++ b/.github/workflows/black-duck-security-scan-ci.yml @@ -31,6 +31,8 @@ jobs: - name: Checkout source uses: actions/checkout@v4 - name: Black Duck SCA scan + # Only run if at least one scanning tool is configured + if: vars.BLACKDUCKSCA_URL != '' || vars.COVERITY_URL != '' || vars.POLARIS_SERVER_URL != '' || vars.SRM_URL != '' uses: blackduck-inc/black-duck-security-scan@805cbd09e806b01907bbea0f990723c2bb85abe9 with: ### ---------- BLACKDUCK SCA SCANNING: REQUIRED FIELDS ---------- From 0f95f8ee2c93f34db95cbbae4ee16e1b81af1941 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 4 Feb 2026 06:45:11 +0000 Subject: [PATCH 3/3] chore: remove Black Duck workflow (deleted in main) Co-authored-by: EthanThePhoenix38 <103653068+EthanThePhoenix38@users.noreply.github.com> --- .../workflows/black-duck-security-scan-ci.yml | 56 ------------------- 1 file changed, 56 deletions(-) delete mode 100644 .github/workflows/black-duck-security-scan-ci.yml diff --git a/.github/workflows/black-duck-security-scan-ci.yml b/.github/workflows/black-duck-security-scan-ci.yml deleted file mode 100644 index 0656139fe..000000000 --- a/.github/workflows/black-duck-security-scan-ci.yml +++ /dev/null @@ -1,56 +0,0 @@ -# This workflow uses actions that are not certified by GitHub. -# They are provided by a third-party and are governed by -# separate terms of service, privacy policy, and support -# documentation. - -# Black Duck Security Action allows you to integrate Static Analysis Security Testing (SAST) and Software Composition Analysis (SCA) into your CI/CD pipelines. -# For more information about configuring your workflow, -# read our documentation at https://github.com/blackduck-inc/black-duck-security-scan - -name: CI Black Duck security scan - -on: - push: - branches: [ "main" ] - pull_request: - # The branches below must be a subset of the branches above - branches: [ "main" ] - schedule: - - cron: '39 6 * * 0' - -jobs: - build: - runs-on: ubuntu-latest - permissions: - contents: read - pull-requests: write - security-events: write - actions: read - - steps: - - name: Checkout source - uses: actions/checkout@v4 - - name: Black Duck SCA scan - # Only run if at least one scanning tool is configured - if: vars.BLACKDUCKSCA_URL != '' || vars.COVERITY_URL != '' || vars.POLARIS_SERVER_URL != '' || vars.SRM_URL != '' - uses: blackduck-inc/black-duck-security-scan@805cbd09e806b01907bbea0f990723c2bb85abe9 - with: - ### ---------- BLACKDUCK SCA SCANNING: REQUIRED FIELDS ---------- - blackducksca_url: ${{ vars.BLACKDUCKSCA_URL }} - blackducksca_token: ${{ secrets.BLACKDUCKSCA_TOKEN }} - - ### ---------- COVERITY SCANNING: REQUIRED FIELDS ---------- - coverity_url: ${{ vars.COVERITY_URL }} - coverity_user: ${{ secrets.COVERITY_USER }} - coverity_passphrase: ${{ secrets.COVERITY_PASSPHRASE }} - - ### ---------- POLARIS SCANNING: REQUIRED FIELDS ---------- - polaris_server_url: ${{ vars.POLARIS_SERVER_URL }} - polaris_access_token: ${{ secrets.POLARIS_ACCESS_TOKEN }} - polaris_assessment_types: "SCA,SAST" - - ### ---------- SRM SCANNING: REQUIRED FIELDS ---------- - srm_url: ${{ vars.SRM_URL }} - srm_apikey: ${{ secrets.SRM_API_KEY }} - srm_assessment_types: "SCA,SAST" -