
Blackduck scanning on Databricks Workflow

fjrodriguez
New Contributor II

Does anyone know if it's compatible to scan your JSON-based files from Workflows in Blackduck?

At least when it comes to the notebook, it's compatible, as Blackduck detects Python-based files, but I am wondering if the workflow can be scanned as well.


koji_kawamura
Databricks Employee

Hi @fjrodriguez ,

Have you found your answer already? I hope I understand your question correctly. I think Databricks Asset Bundles (or Terraform) can be a useful tool to be added here, if you haven't looked at it already.

  • Yes, you can and should scan both Python and JSON files (e.g., Databricks Workflow configs) with BlackDuck to detect vulnerabilities and exposed secrets such as API tokens.

  • Databricks Asset Bundles let you manage all related Python scripts and JSON configuration files together in a Git repository. This structure makes it easy to apply automated BlackDuck scans across your entire Databricks project using CI/CD pipelines, ensuring all assets are checked for security issues before deployment.

This approach helps you maintain security and compliance across your Databricks workflows. 

  1. https://wdcnet.com.br/wp-content/uploads/2025/01/Black-Duck-Secrets-Scanning.pdf
  2. https://www.blackduck.com/blog/finding-hard-coded-secrets-before-you-suffer-a-breach.html
  3. https://community.databricks.com/t5/technical-blog/ci-cd-integration-with-databricks-workflows/ba-p/...
  4. https://docs.databricks.com/aws/en/dev-tools/ci-cd/
  5. https://documentation.blackduck.com/category/cicd_integrations
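
An added example, not part of the reply above and not Black Duck's own detection logic: a small pre-scan check a CI job could run over a workflow JSON file to flag embedded credentials while accepting `{{secrets/<scope>/<key>}}` references. It assumes Databricks personal access tokens start with `dapi` followed by 32 hex characters; the key-name heuristic and the sample job are constructed for illustration.

```python
import json
import re
import sys

# Assumption: Databricks PATs look like "dapi" + 32 hex chars (optional "-N" suffix).
TOKEN_RE = re.compile(r"\bdapi[0-9a-f]{32}(?:-\d+)?\b")
# Hypothetical heuristic: key names that usually hold a credential.
SENSITIVE_KEY_RE = re.compile(r"(password|passwd|secret|token|api[_-]?key)", re.I)
# Secret-scope reference syntax used in cluster spark_conf / spark_env_vars.
SECRET_REF_RE = re.compile(r"^\{\{secrets/[^/{}]+/[^/{}]+\}\}$")

def walk(node, path="$", key=""):
    """Yield (json_path, nearest_key, value) for every string leaf."""
    if isinstance(node, dict):
        for k, v in node.items():
            yield from walk(v, f"{path}.{k}", k)
    elif isinstance(node, list):
        for i, v in enumerate(node):
            yield from walk(v, f"{path}[{i}]", key)
    elif isinstance(node, str):
        yield path, key, node

def find_hardcoded_secrets(job_json):
    """Return (json_path, reason) pairs; values are never echoed into CI logs."""
    findings = []
    for path, key, value in walk(json.loads(job_json)):
        if SECRET_REF_RE.match(value.strip()):
            continue  # resolved from a secret scope at runtime, nothing embedded
        if TOKEN_RE.search(value):
            findings.append((path, "token-like literal"))
        elif SENSITIVE_KEY_RE.search(key) and value:
            findings.append((path, "literal value under sensitive key"))
    return findings

# Constructed sample workflow definition (not from the thread).
SAMPLE_JOB = json.dumps({"name": "nightly-etl", "tasks": [{
    "task_key": "load",
    "spark_python_task": {"python_file": "src/load.py",
                          "parameters": ["--token", "dapi" + "0123456789abcdef" * 2]},
    "new_cluster": {"spark_env_vars": {
        "DB_PASSWORD": "{{secrets/etl/db_password}}",  # reference: accepted
        "API_KEY": "hunter2-not-a-reference"}},        # literal: flagged
}]})

if __name__ == "__main__":
    results = find_hardcoded_secrets(SAMPLE_JOB)
    for path, reason in results:
        print(f"{path}: {reason}")
    sys.exit(1 if results else 0)  # non-zero exit fails the pipeline step
```

A check like this complements a full scanner in the pipeline rather than replacing it: it only covers the token format and key names listed at the top of the block.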