https://community.databricks.com/t5/get-started-discussions/blackduck-scanning-on-databricks-workflow/m-p/129794#M10613 <P>Does anyone know if its compatible scan in blackduck your json based files from Workflows?&nbsp;</P><P>&nbsp;</P><P>At least, when its come to the notebook its compatible as blackduck detects python based files but i am wondering why can workflow be scanned as well.</P> Tue, 26 Aug 2025 10:19:50 GMT fjrodriguez 2025-08-26T10:19:50Z https://community.databricks.com/t5/get-started-discussions/blackduck-scanning-on-databricks-workflow/m-p/129794#M10613 <P>Does anyone know if its compatible scan in blackduck your json based files from Workflows?&nbsp;</P><P>&nbsp;</P><P>At least, when its come to the notebook its compatible as blackduck detects python based files but i am wondering why can workflow be scanned as well.</P> Tue, 26 Aug 2025 10:19:50 GMT https://community.databricks.com/t5/get-started-discussions/blackduck-scanning-on-databricks-workflow/m-p/129794#M10613 fjrodriguez 2025-08-26T10:19:50Z https://community.databricks.com/t5/get-started-discussions/blackduck-scanning-on-databricks-workflow/m-p/132514#M10726 <DIV class="prose text-pretty dark:prose-invert inline leading-relaxed break-words min-w-0 [word-break:break-word] prose-strong:font-medium"> <P>Hi <a href="https://community.databricks.com/t5/user/viewprofilepage/user-id/176268">@fjrodriguez</a>&nbsp;,</P> <P>Have you found your answer already? I hope I understand your question correctly. I think Databricks Asset Bundles (or Terraform) can be a useful tool to be added here, if you haven't looked at it already.</P> <UL class="marker:text-quiet list-disc"> <LI class="py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0"> <P class="my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2"><STRONG>Yes, you can and should scan both Python and JSON files</STRONG> (e.g., Databricks Workflow configs) with BlackDuck to detect vulnerabilities and exposed secrets such as API tokens.</P> </LI> <LI class="py-0 my-0 prose-p:pt-0 prose-p:mb-2 prose-p:my-0 [&amp;&gt;p]:pt-0 [&amp;&gt;p]:mb-2 [&amp;&gt;p]:my-0"> <P class="my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2"><STRONG>Databricks Asset Bundles</STRONG> let you manage all related Python scripts and JSON configuration files together in a Git repository. This structure makes it easy to apply automated BlackDuck scans across your entire Databricks project using CI/CD pipelines, ensuring all assets are checked for security issues before deployment.</P> </LI> </UL> <P class="my-2 [&amp;+p]:mt-4 [&amp;_strong:has(+br)]:inline-block [&amp;_strong:has(+br)]:pb-2">This approach helps you maintain security and compliance across your Databricks workflows.&nbsp;</P> </DIV> <OL> <LI><A href="https://wdcnet.com.br/wp-content/uploads/2025/01/Black-Duck-Secrets-Scanning.pdf" target="_blank">https://wdcnet.com.br/wp-content/uploads/2025/01/Black-Duck-Secrets-Scanning.pdf</A></LI> <LI><A href="https://www.blackduck.com/blog/finding-hard-coded-secrets-before-you-suffer-a-breach.html" target="_blank">https://www.blackduck.com/blog/finding-hard-coded-secrets-before-you-suffer-a-breach.html</A></LI> <LI><A href="https://community.databricks.com/t5/technical-blog/ci-cd-integration-with-databricks-workflows/ba-p/81821" target="_blank">https://community.databricks.com/t5/technical-blog/ci-cd-integration-with-databricks-workflows/ba-p/81821</A></LI> <LI><A href="https://docs.databricks.com/aws/en/dev-tools/ci-cd/" target="_blank">https://docs.databricks.com/aws/en/dev-tools/ci-cd/</A></LI> <LI><A href="https://documentation.blackduck.com/category/cicd_integrations" target="_blank">https://documentation.blackduck.com/category/cicd_integrations</A></LI> </OL> Fri, 19 Sep 2025 02:32:27 GMT https://community.databricks.com/t5/get-started-discussions/blackduck-scanning-on-databricks-workflow/m-p/132514#M10726 koji_kawamura 2025-09-19T02:32:27Z