From d587c77991830a8b6511d6e3b25af23c2aa21810 Mon Sep 17 00:00:00 2001
From: ron-duck
Date: Wed, 12 Mar 2025 09:31:20 -0400
Subject: [PATCH 1/5] Create polaris-sig.yml
---
 .github/workflows/polaris-sig.yml | 42 +++++++++++++++++++++++++++++++
 1 file changed, 42 insertions(+)
 create mode 100644 .github/workflows/polaris-sig.yml
diff --git a/.github/workflows/polaris-sig.yml b/.github/workflows/polaris-sig.yml
new file mode 100644
index 00000000..f0f55830
--- /dev/null
+++ b/.github/workflows/polaris-sig.yml
@@ -0,0 +1,42 @@
+# example workflow for Polaris scans using the Black Duck Security Scan Action
+# https://github.com/marketplace/actions/black-duck-security-scan
+name: polaris-ss-sig-action
+on:
+ push:
+ branches: [ main, master, develop, stage, release ]
+ pull_request:
+ branches: [ main, master, develop, stage, release ]
+ workflow_dispatch:
+jobs:
+ polaris:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout Source
+ uses: actions/checkout@v4
+ - name: Setup Java JDK
+ uses: actions/setup-java@v4
+ with:
+ java-version: 17
+ distribution: microsoft
+ cache: maven
+ - name: Polaris Scan
+ if: ${{ github.event_name != 'pull_request' }}
+ uses: blackduck-inc/black-duck-security-scan@v2.0.0
+ with:
+ polaris_server_url: ${{ vars.POLARIS_SERVERURL }}
+ polaris_access_token: ${{ secrets.POLARIS_ACCESSTOKEN }}
+ polaris_assessment_types: 'SCA'
+ polaris_test_sca_type: 'SCA-SIGNATURE'
+ polaris_application_name: RAF-ACME_LABS
+ polaris_prComment_enabled: 'true'
+ polaris_reports_sarif_create: 'true'
+ polaris_upload_sarif_report: 'true'
+ github_token: ${{ secrets.GITHUB_TOKEN }}
+ # include_diagnostics: true
+# - name: Save Logs
+# if: always()
+# uses: actions/upload-artifact@v4
+# with:
+# name: bridge-logs
+# path: ${{ github.workspace }}/.bridge
+# include-hidden-files: true
From 8b30199e916269c46cafc4eade4d46ced25edeca Mon Sep 17 00:00:00 2001
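Review bot: The workflow declares no top-level `permissions:` block, yet the scan step passes `secrets.GITHUB_TOKEN` and sets `polaris_upload_sarif_report: 'true'` and `polaris_prComment_enabled: 'true'`, so the job either runs with whatever the repository's default token permissions are (write-all on older repositories) or, when the default is read-only, presumably fails the SARIF upload that the action performs with that token; an explicit least-privilege block as below fixes both. The `if: ${{ github.event_name != 'pull_request' }}` guard on the scan step also makes the `pull_request` trigger pointless — on PR events the job checks out the source and installs a JDK, then skips the only step that does work, and the PR-comment feature can never fire; either drop `pull_request` from `on:` or drop the guard. Finally, `actions/checkout@v4`, `actions/setup-java@v4` and `blackduck-inc/black-duck-security-scan@v2.0.0` are mutable tag references; pinning third-party actions to a full commit SHA (with the tag kept in a trailing comment) is the usual hardening for a workflow that is handed an access token.
```yaml
name: polaris-ss-sig-action
# least-privilege token: only what the SARIF upload and PR comment need
permissions:
  contents: read
  security-events: write
  pull-requests: write
# … unchanged: on:, jobs: …
```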
From: ron-duck
Date: Fri, 13 Feb 2026 10:38:08 -0500
Subject: [PATCH 2/5] Update Polaris Scan action and application name
---
 .github/workflows/polaris-sig.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/polaris-sig.yml b/.github/workflows/polaris-sig.yml
index f0f55830..2b67557c 100644
--- a/.github/workflows/polaris-sig.yml
+++ b/.github/workflows/polaris-sig.yml
@@ -21,13 +21,13 @@ jobs:
 cache: maven
 - name: Polaris Scan
 if: ${{ github.event_name != 'pull_request' }}
- uses: blackduck-inc/black-duck-security-scan@v2.0.0
+ uses: blackduck-inc/black-duck-security-scan@v2.7.1
 with:
 polaris_server_url: ${{ vars.POLARIS_SERVERURL }}
 polaris_access_token: ${{ secrets.POLARIS_ACCESSTOKEN }}
 polaris_assessment_types: 'SCA'
 polaris_test_sca_type: 'SCA-SIGNATURE'
- polaris_application_name: RAF-ACME_LABS
+ polaris_application_name: RAF-ACME-JSC
 polaris_prComment_enabled: 'true'
 polaris_reports_sarif_create: 'true'
 polaris_upload_sarif_report: 'true'
From c93e8097b137f3070a1afddeb2132bfe7bbd705c Mon Sep 17 00:00:00 2001
From: ron-duck
Date: Fri, 13 Feb 2026 10:48:56 -0500
Subject: [PATCH 3/5] Refactor Polaris scan workflow configuration
Updated the Polaris scan workflow to use newer action versions and modified assessment types.
---
 .github/workflows/polaris-sig.yml | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)
diff --git a/.github/workflows/polaris-sig.yml b/.github/workflows/polaris-sig.yml
index 2b67557c..12313436 100644
--- a/.github/workflows/polaris-sig.yml
+++ b/.github/workflows/polaris-sig.yml
@@ -1,6 +1,6 @@
 # example workflow for Polaris scans using the Black Duck Security Scan Action
 # https://github.com/marketplace/actions/black-duck-security-scan
-name: polaris-ss-sig-action
+name: polaris-ss-action
 on:
 push:
 branches: [ main, master, develop, stage, release ]
@@ -12,12 +12,12 @@ jobs:
 runs-on: ubuntu-latest
 steps:
 - name: Checkout Source
- uses: actions/checkout@v4
+ uses: actions/checkout@v6
 - name: Setup Java JDK
- uses: actions/setup-java@v4
+ uses: actions/setup-java@v5
 with:
- java-version: 17
- distribution: microsoft
+ java-version: 21
+ distribution: temurin
 cache: maven
 - name: Polaris Scan
 if: ${{ github.event_name != 'pull_request' }}
@@ -25,14 +25,16 @@ jobs:
 with:
 polaris_server_url: ${{ vars.POLARIS_SERVERURL }}
 polaris_access_token: ${{ secrets.POLARIS_ACCESSTOKEN }}
- polaris_assessment_types: 'SCA'
- polaris_test_sca_type: 'SCA-SIGNATURE'
+ polaris_assessment_types: 'SAST,SCA'
+ # polaris_test_sca_type: 'SCA-SIGNATURE'
 polaris_application_name: RAF-ACME-JSC
 polaris_prComment_enabled: 'true'
 polaris_reports_sarif_create: 'true'
 polaris_upload_sarif_report: 'true'
+ coverity_build_command: mvn -B -DskipTests package
+ coverity_clean_command: mvn -B clean
 github_token: ${{ secrets.GITHUB_TOKEN }}
- # include_diagnostics: true
+ include_diagnostics: false
 # - name: Save Logs
 # if: always()
 # uses: actions/upload-artifact@v4
From f9bef6b291fd1bae15891f6297021cddd51adc79 Mon Sep 17 00:00:00 2001
From: ron-duck
Date: Fri, 13 Feb 2026 10:59:01 -0500
Subject: [PATCH 4/5] Update Polaris assessment types and enable diagnostics
---
 .github/workflows/polaris-sig.yml | 19 +++++++++----------
 1 file changed, 9 insertions(+), 10 deletions(-)
diff --git a/.github/workflows/polaris-sig.yml b/.github/workflows/polaris-sig.yml
index 12313436..3c1e97d6 100644
--- a/.github/workflows/polaris-sig.yml
+++ b/.github/workflows/polaris-sig.yml
@@ -25,8 +25,7 @@ jobs:
 with:
 polaris_server_url: ${{ vars.POLARIS_SERVERURL }}
 polaris_access_token: ${{ secrets.POLARIS_ACCESSTOKEN }}
- polaris_assessment_types: 'SAST,SCA'
- # polaris_test_sca_type: 'SCA-SIGNATURE'
+ polaris_assessment_types: SAST,SCA
 polaris_application_name: RAF-ACME-JSC
 polaris_prComment_enabled: 'true'
 polaris_reports_sarif_create: 'true'
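Review bot: The new `coverity_build_command: mvn -B -DskipTests package` and `coverity_clean_command: mvn -B clean` lines in the `-25,14 +25,16` hunk are undocumented, and a reader cannot tell from the file why tests are skipped or why a clean precedes the capture; since enabling `SAST` is what makes these inputs necessary, a comment above `coverity_build_command` such as `# SAST (Coverity) captures the Maven build; tests are skipped because presumably only compilation is needed — confirm against the project build` would record the intent. Also `polaris_assessment_types: 'SAST,SCA'` is quoted while the two new command values and `include_diagnostics: false` are not, whereas every other string input in this `with:` block is single-quoted; pick one style for the block. The `with:` block belongs to the Polaris Scan step whose `if:` and `uses:` lines sit above this hunk.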
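Review bot: In the `-25,8 +25,7` hunk, dropping the quotes to get `polaris_assessment_types: SAST,SCA` leaves this the only unquoted string input among neighbours such as `polaris_prComment_enabled: 'true'`; the plain scalar is valid YAML (a comma is not special in block context), so the change is purely cosmetic and should follow the block's existing quoting, i.e. keep `polaris_assessment_types: 'SAST,SCA'`. Deleting the commented-out `polaris_test_sca_type` line is fine, but a short comment noting that the signature-scan type was deliberately retired would spare the next reader a history search.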
@@ -34,11 +33,11 @@ jobs:
 coverity_build_command: mvn -B -DskipTests package
 coverity_clean_command: mvn -B clean
 github_token: ${{ secrets.GITHUB_TOKEN }}
- include_diagnostics: false
-# - name: Save Logs
-# if: always()
-# uses: actions/upload-artifact@v4
-# with:
-# name: bridge-logs
-# path: ${{ github.workspace }}/.bridge
-# include-hidden-files: true
+ include_diagnostics: true
+ - name: Save Logs
+ if: always()
+ uses: actions/upload-artifact@v4
+ with:
+ name: bridge-logs
+ path: ${{ github.workspace }}/.bridge
+ include-hidden-files: true
From 1c0c2c7b018325c13d088bc51540bd88e49f7d2a Mon Sep 17 00:00:00 2001
From: ron-duck
Date: Fri, 13 Feb 2026 11:03:52 -0500
Subject: [PATCH 5/5] Change Java version and distribution in workflow
---
 .github/workflows/polaris-sig.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/polaris-sig.yml b/.github/workflows/polaris-sig.yml
index 3c1e97d6..202961ad 100644
--- a/.github/workflows/polaris-sig.yml
+++ b/.github/workflows/polaris-sig.yml
@@ -16,8 +16,8 @@ jobs:
 - name: Setup Java JDK
 uses: actions/setup-java@v5
 with:
- java-version: 21
- distribution: temurin
+ java-version: 17
+ distribution: microsoft
 cache: maven
 - name: Polaris Scan
 if: ${{ github.event_name != 'pull_request' }}
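Review bot: Turning on `include_diagnostics: true` for every push and then uploading `${{ github.workspace }}/.bridge` with `if: always()` and `include-hidden-files: true` publishes the Bridge diagnostic bundle for every run as a downloadable artifact, and that bundle is produced while `POLARIS_ACCESSTOKEN` and `GITHUB_TOKEN` are passed to the step; what it captures is not visible here, so its contents should be reviewed before leaving this on by default, because anyone with read access to the repository can fetch the artifact. Diagnostics are a troubleshooting aid, so consider keeping `include_diagnostics` off and enabling it through a `workflow_dispatch` input, and at minimum add `retention-days: 7` under the upload step's `with:` so the logs do not linger for the repository's default retention period. The `- name: Save Logs` step would also benefit from a comment such as `# uploads Bridge CLI logs for troubleshooting failed scans; check contents before sharing`. The `with:` block the `include_diagnostics` line belongs to starts above this hunk.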