diff --git a/.github/workflows/bd_ss_main.yml b/.github/workflows/bd_ss_main.yml
new file mode 100644
index 0000000..faee7d6
--- /dev/null
+++ b/.github/workflows/bd_ss_main.yml
@@ -0,0 +1,74 @@
+name: CI-BlackDuck-SCA
+
+on:
+ push:
+ branches: [main, master, develop, stage, release]
+ pull_request:
+ branches: [main, master, develop, stage, release]
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout Source
+ uses: actions/checkout@v4
+
+ - name: Black Duck SCA Full Scan
+ id: black-duck-full-scan
+ if: ${{ github.event_name != 'pull_request' }}
+ uses: blackduck-inc/black-duck-security-scan@v2
+ env:
+ DETECT_PROJECT_NAME: ${{ github.event.repository.name }}
+ with:
+ blackducksca_url: ${{ vars.BLACKDUCK_URL }}
+ blackducksca_token: ${{ secrets.BLACKDUCK_TOKEN }}
+ blackducksca_scan_full: true
+ blackducksca_scan_failure_severities: 'BLOCKER,CRITICAL'
+ # blackducksca_waitForScan: false
+ # detect_search_depth: 2
+ # detect_args: '--detect.diagnostic=true'
+ # detect_config_path: '/Users/Config/application.properties'
+ # blackducksca_fixpr_enabled: true
+ # blackducksca_fixpr_maxCount: 5
+ # blackducksca_fixpr_filter_severities: 'CRITICAL,HIGH'
+ # blackducksca_fixpr_useUpgradeGuidance: 'SHORT_TERM,LONG_TERM'
+ # github_token: ${{ secrets.GITHUB_TOKEN }}
+ # blackducksca_reports_sarif_create: true
+ # blackducksca_reports_sarif_file_path: '/Users/tmp/report.sarif.json'
+ # blackducksca_reports_sarif_severities: 'CRITICAL,HIGH'
+ # blackducksca_reports_sarif_groupSCAIssues: true
+ # blackducksca_upload_sarif_report: true
+ # github_token: ${{ secrets.GITHUB_TOKEN }}
+ mark_build_status: 'success'
+ # blackducksca_policy_badges_create: true
+ # blackducksca_policy_badges_maxCount: 5
+ # project_directory: ${{ vars.PROJECT_DIRECTORY }}
+ # include_diagnostics: true
+ # network_ssl_trustAll: true
+ # network_ssl_cert_file: '/Users/Config/cert.pem'
+
+ - name: Black Duck SCA PR Scan
+ id: black-duck-pr-scan
+ if: ${{ github.event_name == 'pull_request' }}
+ uses: blackduck-inc/black-duck-security-scan@v2
+ env:
+ DETECT_PROJECT_NAME: ${{ github.event.repository.name }}
+ with:
+ blackducksca_url: ${{ vars.BLACKDUCK_URL }}
+ blackducksca_token: ${{ secrets.BLACKDUCK_TOKEN }}
+ blackducksca_scan_full: false
+ blackducksca_prComment_enabled: true
+ github_token: ${{ secrets.GITHUB_TOKEN }}
+ # blackducksca_policy_badges_create: true
+ # blackducksca_policy_badges_maxCount: 5
+ # project_directory: ${{ vars.PROJECT_DIRECTORY }}
+ # include_diagnostics: true
+ mark_build_status: 'success'
+ # network_ssl_trustAll: true
+ # network_ssl_cert_file: '/Users/Config/cert.pem'
+
+ # - name: cmdLine
+ # id: cmdLine
+ # run: |
+ # EXIT_CODE=${{ steps.black-duck-full-scan.outputs.status }}
+
diff --git a/pom.xml b/pom.xml
index 49138f6..b17e933 100644
--- a/pom.xml
+++ b/pom.xml
@@ -11,12 +11,32 @@
https://jitpack.io/#jitpack/maven-simple/0.1
+
junit
junit
4.13.1
test
+
+
+ ch.qos.logback
+ logback-core
+ 1.1.0
+
+
+
+ org.springframework
+ spring-core
+ 5.3.18
+
+
+ org.springframework
+ spring-context
+
+
+
+