From 788caff9d812d1480e4cf447d11026acda6107ce Mon Sep 17 00:00:00 2001
From: wattachai <117723407+wattachai-lseg@users.noreply.github.com>
Date: Fri, 24 Nov 2023 17:37:31 +0700
Subject: [PATCH] chore: refactor blackduck scan workflow (#1034)

---
 .github/workflows/blackduck_scan.yml | 21 +++++++++++++--------
 1 file changed, 13 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/blackduck_scan.yml b/.github/workflows/blackduck_scan.yml
index 1ca6b18c25..69dd68b2a3 100644
--- a/.github/workflows/blackduck_scan.yml
+++ b/.github/workflows/blackduck_scan.yml
@@ -36,6 +36,16 @@ jobs:
     name: Blackduck
     runs-on: ubuntu-latest
     steps:
+      - name: Context Valdidation
+        run: |
+          BRANCH_NAME="${GITHUB_REF#refs/heads/}"
+          if [[ "${{ inputs.target }}" == "Production" && $BRANCH_NAME != "v6" && $BRANCH_NAME != "v7" ]]; \
+          then echo "Only v6 & v7 branch can be published as production"; exit 1; \
+          fi
+          if [[ -z "${{ vars.BLACKDUCK_APP_ID }}" ]]; then  echo "[BLACKDUCK] APP_ID must be set";  exit 1; fi
+          if [[ -z "${{ vars.BLACKDUCK_PROJECT_ID }}" ]]; then echo "[BLACKDUCK] PROJECT_ID must be set"; exit 1; fi
+          if [[ -z "${{ secrets.BLACKDUCK_APP_TOKEN }}" ]]; then echo "[BLACKDUCK] BLACKDUCK_APP_TOKEN must be set"; exit 1; fi
+          echo "Inputs, variables & secrets validation: successful."
       - name: Check out repository code
         uses: actions/checkout@v3
         with:
@@ -52,14 +62,9 @@ jobs:
           mv $DETECT_FILE appsec/
           BRANCH_NAME="${GITHUB_REF#refs/heads/}"
 
-          if [[ "${{ inputs.target }}" == "Production" && $BRANCH_NAME != "v6" && $BRANCH_NAME != "v7" ]]; \
-          then echo "Only v6 & v7 branch can be published as production"; exit 1; \
-          fi
-          if [[ "${{ inputs.target }}" == "Production" ]]; then  export RELEASE_TYPE="PROD"; export VERSION_ID="Release_$BRANCH_NAME"; fi
-          if [[ "${{ inputs.target }}" != "Production" ]]; then export RELEASE_TYPE="DEV"; export VERSION_ID="${{ inputs.target }}"; fi
-          if [[ -z "${{ vars.BLACKDUCK_APP_ID }}" ]]; then  echo "[BLACKDUCK] APP_ID must be set";  exit 1; fi
-          if [[ -z "${{ vars.BLACKDUCK_PROJECT_ID }}" ]]; then echo "[BLACKDUCK] PROJECT_ID must be set"; exit 1; fi
-          if [[ -z "${{ secrets.BLACKDUCK_APP_TOKEN }}" ]]; then echo "[BLACKDUCK] BLACKDUCK_APP_TOKEN must be set"; exit 1; fi
+          RELEASE_TYPE="DEV"
+          VERSION_ID="${{ inputs.target }}"
+          if [[ "${{ inputs.target }}" == "Production" ]]; then RELEASE_TYPE="PROD"; VERSION_ID="Release_${GITHUB_REF#refs/heads/}"; fi
 
           java -jar appsec/$DETECT_FILE \
           --detect.project.application.id="${{ vars.BLACKDUCK_APP_ID }}" \