From 10e5591e65366de88bb4cc9ddefb89fd6faa2f97 Mon Sep 17 00:00:00 2001
From: Nathan Clemons <nathan.clemons@nice.com>
Date: Fri, 21 Jul 2023 04:41:30 -0700
Subject: [PATCH] DE-57584: Configure GHA for Black Duck scanning.

---
 .github/workflows/blackduck.yaml | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 .github/workflows/blackduck.yaml

diff --git a/.github/workflows/blackduck.yaml b/.github/workflows/blackduck.yaml
new file mode 100644
index 0000000..186645b
--- /dev/null
+++ b/.github/workflows/blackduck.yaml
@@ -0,0 +1,29 @@
+name: blackduck
+
+on:
+  push:
+    branches:
+      - master
+  schedule:
+    # Execute at 00:00 on 1st day of every month
+    - cron: '0 0 1 * *'
+
+jobs:
+  # A job to execute a blackduck scan
+  blackduck:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Run Synopsys Detect
+        uses: synopsys-sig/detect-action@v0.3.0
+        env:
+          DETECT_TOOLS: DETECTOR
+          DETECT_PROJECT_NAME: ${{ github.repository }}
+          NODE_EXTRA_CA_CERTS: ${{ secrets.LOCAL_CA_CERT_PATH }}
+        with:
+            github-token: ${{ secrets.GITHUB_TOKEN }}
+            detect-version: 7.9.0
+            blackduck-url: https://nice2.app.blackduck.com/
+            blackduck-api-token: ${{ secrets.BLACKDUCK_API_TOKEN }}
+            scan-mode: INTELLIGENT