From d587c77991830a8b6511d6e3b25af23c2aa21810 Mon Sep 17 00:00:00 2001
From: ron-duck
Date: Wed, 12 Mar 2025 09:31:20 -0400
Subject: [PATCH] Create polaris-sig.yml
---
.github/workflows/polaris-sig.yml | 42 +++++++++++++++++++++++++++++++
1 file changed, 42 insertions(+)
create mode 100644 .github/workflows/polaris-sig.yml
diff --git a/.github/workflows/polaris-sig.yml b/.github/workflows/polaris-sig.yml
new file mode 100644
index 00000000..f0f55830
--- /dev/null
+++ b/.github/workflows/polaris-sig.yml
@@ -0,0 +1,42 @@
+# example workflow for Polaris scans using the Black Duck Security Scan Action
+# https://github.com/marketplace/actions/black-duck-security-scan
+name: polaris-ss-sig-action
+on:
+ push:
+ branches: [ main, master, develop, stage, release ]
+ pull_request:
+ branches: [ main, master, develop, stage, release ]
+ workflow_dispatch:
+jobs:
+ polaris:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout Source
+ uses: actions/checkout@v4
+ - name: Setup Java JDK
+ uses: actions/setup-java@v4
+ with:
+ java-version: 17
+ distribution: microsoft
+ cache: maven
+ - name: Polaris Scan
+ if: ${{ github.event_name != 'pull_request' }}
+ uses: blackduck-inc/black-duck-security-scan@v2.0.0
+ with:
+ polaris_server_url: ${{ vars.POLARIS_SERVERURL }}
+ polaris_access_token: ${{ secrets.POLARIS_ACCESSTOKEN }}
+ polaris_assessment_types: 'SCA'
+ polaris_test_sca_type: 'SCA-SIGNATURE'
+ polaris_application_name: RAF-ACME_LABS
+ polaris_prComment_enabled: 'true'
+ polaris_reports_sarif_create: 'true'
+ polaris_upload_sarif_report: 'true'
+ github_token: ${{ secrets.GITHUB_TOKEN }}
+ # include_diagnostics: true
+# - name: Save Logs
+# if: always()
+# uses: actions/upload-artifact@v4
+# with:
+# name: bridge-logs
+# path: ${{ github.workspace }}/.bridge
+# include-hidden-files: true
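Review bot: The `Polaris Scan` step references a third-party action by the mutable tag `@v2.0.0` while passing it both `secrets.POLARIS_ACCESSTOKEN` and `secrets.GITHUB_TOKEN`, so a retargeted tag would run unreviewed code with those credentials. Pin it to the release's full commit SHA, e.g. `uses: blackduck-inc/black-duck-security-scan@<full-commit-sha> # v2.0.0`. The workflow also declares no `permissions:` block, so the token carries the repository's default scopes; a job-level block limited to `contents: read` plus `security-events: write` (presumably what the SARIF upload needs, to be confirmed against the action's documentation) would apply least privilege. Separately, `polaris_prComment_enabled: 'true'` looks inert, because the step's `if:` condition skips every `pull_request` run.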