Add BlackDuck license scan workflow

.github/workflows/blackduck.yaml

@@ -0,0 +1,42 @@
+name: CI-BlackDuck-SCA-Basic
+on:
+  push:
+    branches:
+      - blackduck # main
+  # pull_request:
+  # workflow_dispatch:
+
+jobs:
+  build:
+    runs-on:
+      - ubuntu-latest
+    steps:
+      - name: Checkout Source
+        uses: actions/checkout@v3
+      - name: Black Duck SCA Scan
+        uses: blackduck-inc/black-duck-security-scan@v2.0.0
+
+        ### Configure DETECT environment variables
+        env:
+          DETECT_PROJECT_NAME: ${{ github.event.repository.name }}
+
+        with:
+          ### SCANNING: Required fields
+          blackducksca_url: https://apus-blackduck.volvocars.biz
+          blackducksca_token: ${{ secrets.BLACKDUCK_TOKEN }}
+
+          ### SCANNING: Optional fields
+          # blackducksca_scan_failure_severities: 'BLOCKER,CRITICAL'
+
+          ### FIX PULL REQUEST CREATION: Uncomment below to enable
+          # blackducksca_fixpr_enabled: true
+          # github_token: ${{ secrets.GITHUB_TOKEN }} # Required when Fix PRs is enabled
+
+          ### PULL REQUEST COMMENTS: Uncomment below to enable
+          # blackducksca_prcomment_enabled: true
+          # github_token: ${{ secrets.GITHUB_TOKEN }} # Required when PR comments is enabled
+
+          ### SARIF report generation and upload to GitHub Adavanced Security: Uncomment below to enable
+          # blackducksca_reports_sarif_create: true # Create Black Duck SCA SARIF report and upload it as artifact
+          # blackducksca_upload_sarif_report: true  # Upload Black Duck SCA SARIF report in GitHub Advanced Security tab
+          # github_token: ${{ secrets.GITHUB_TOKEN }} # Required when blackducksca_upload_sarif_report is set as true