blackduck-scan #710

	name: blackduck-scan

	on:
	workflow_dispatch:
	schedule:
	- cron: 0 23 * * *

	jobs:
	tests:
	runs-on: ubuntu-latest
	timeout-minutes: 15
	steps:
	- uses: actions/checkout@v3
	- run: git fetch --depth=1
	- uses: actions/setup-node@v3
	with:
	node-version: 18
	cache: 'yarn'
	- run: yarn install --frozen-lockfile
	- run: sudo apt-get install jq
	- run: echo "project_version=$(cat package.json \| jq '.version' \| tr -d '"')" >> $GITHUB_ENV
	- name: Blackduck Scan
	uses: SAP/project-piper-action@27cadf261545552a68660531476c0915a97ee3d8
	with:
	command: detectExecuteScan
	flags: \
	--version=$PROJECT_VERSION \
	--scanProperties="\
	--detect.yarn.prod.only=true \
	--blackduck.signature.scanner.memory=4096 \
	--detect.timeout=6000 \
	--blackduck.trust.cert=true"
	env:
	PIPER_token: ${{ secrets.BLACKDUCK_TOKEN }}
	PROJECT_VERSION: ${{ env.project_version }}

Provide feedback