Blackduck scanning on Databricks Workflow
08-26-2025 03:19 AM
Does anyone know if it's compatible to scan in Blackduck your JSON-based files from Workflows?
At least when it comes to the notebook it's compatible, as Blackduck detects Python-based files, but I am wondering why can workflow be scanned as well.
Labels: Blackduck
09-18-2025 07:32 PM
Hi @fjrodriguez ,
Have you found your answer already? I hope I understand your question correctly. I think Databricks Asset Bundles (or Terraform) can be a useful tool to be added here, if you haven't looked at it already.
- Yes, you can and should scan both Python and JSON files (e.g., Databricks Workflow configs) with BlackDuck to detect vulnerabilities and exposed secrets such as API tokens.
- Databricks Asset Bundles let you manage all related Python scripts and JSON configuration files together in a Git repository. This structure makes it easy to apply automated BlackDuck scans across your entire Databricks project using CI/CD pipelines, ensuring all assets are checked for security issues before deployment.
This approach helps you maintain security and compliance across your Databricks workflows.
- https://wdcnet.com.br/wp-content/uploads/2025/01/Black-Duck-Secrets-Scanning.pdf
- https://www.blackduck.com/blog/finding-hard-coded-secrets-before-you-suffer-a-breach.html
- https://community.databricks.com/t5/technical-blog/ci-cd-integration-with-databricks-workflows/ba-p/...
- https://docs.databricks.com/aws/en/dev-tools/ci-cd/
- https://documentation.blackduck.com/category/cicd_integrations
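
An added example, not part of the reply above and not Black Duck's own detection logic: a minimal Python check of the kind a CI step could run over a workflow JSON file, flagging literal credentials while accepting `{{secrets/<scope>/<key>}}` references. The job definition, the key-name list and the token pattern are constructed assumptions.

```python
import json
import re

# Constructed job definition; every value is fake.
SAMPLE_JOB_JSON = """
{"name": "nightly-etl", "tasks": [{
  "task_key": "ingest",
  "notebook_task": {"notebook_path": "/Repos/etl/ingest",
    "base_parameters": {"api_token": "dapi0123456789abcdef0123456789abcdef"}},
  "new_cluster": {"spark_env_vars": {
    "DB_PASSWORD": "{{secrets/etl-scope/db-password}}",
    "STORAGE_KEY": "not-a-real-key-123"}}
}]}
"""

# Assumed list of key names that usually hold credentials; extend per project.
SENSITIVE_KEY = re.compile(r"token|secret|passw(or)?d|(api|storage|access)[_-]?key", re.I)
# Assumed shape of a Databricks personal access token: "dapi" plus 32 hex chars.
PAT_VALUE = re.compile(r"\bdapi[0-9a-f]{32}")
# A secret-scope reference is resolved at run time, so it is not a hard-coded value.
SECRET_REF = re.compile(r"^\{\{secrets/[^/}]+/[^/}]+\}\}$")

def find_hardcoded_secrets(node, path="$"):
    """Walk parsed JSON; return (json_path, reason) for suspicious string values."""
    findings = []
    if isinstance(node, dict):
        for key, value in node.items():
            child = f"{path}.{key}"
            if isinstance(value, str):
                if SECRET_REF.match(value):
                    continue
                if PAT_VALUE.search(value):
                    findings.append((child, "value looks like a Databricks PAT"))
                elif value and SENSITIVE_KEY.search(key):
                    findings.append((child, "literal value under a sensitive key"))
            else:
                findings += find_hardcoded_secrets(value, child)
    elif isinstance(node, list):
        for i, item in enumerate(node):
            findings += find_hardcoded_secrets(item, f"{path}[{i}]")
    return findings

def scan_job_json(text):
    """Parse a workflow JSON document and return its findings."""
    return find_hardcoded_secrets(json.loads(text))

if __name__ == "__main__":
    for location, reason in scan_job_json(SAMPLE_JOB_JSON):
        print(f"{location}: {reason}")
```

A non-empty result can fail the pipeline stage, so a literal token in a job definition is caught before the bundle is deployed.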