From 3e3c2afff8fefe755808cd350c8ec45b3f1bcb43 Mon Sep 17 00:00:00 2001
From: Jesse Houldsworth <jesseh@jfrog.com>
Date: Mon, 17 Mar 2025 11:50:18 -0700
Subject: [PATCH] adding xray scan

---
 .github/workflows/ci-pipeline.yml | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/ci-pipeline.yml b/.github/workflows/ci-pipeline.yml
index 222b6353c..51e41e0a8 100644
--- a/.github/workflows/ci-pipeline.yml
+++ b/.github/workflows/ci-pipeline.yml
@@ -73,7 +73,14 @@ jobs:
             --build-number="${{ github.run_id }}"
 
       #################################################
-      # 8) Build Docker Image
+      # 8) Scan with XRay
+      #################################################
+      - name: Scan Artifact
+        run: |
+          jf scan /path/to/artifact
+          
+      #################################################
+      # 9) Build Docker Image
       #################################################
       - name: Build Docker Image
         run: |
@@ -81,7 +88,7 @@ jobs:
         # Builds the application into a Docker image and tags it with the GitHub run ID
 
       #################################################
-      # 9) Push Docker Image to JFrog Artifactory
+      # 10) Push Docker Image to JFrog Artifactory
       #################################################
       - name: Docker Push to Artifactory
         run: |
@@ -93,7 +100,7 @@ jobs:
         # Uploads the built Docker image to Artifactory for storage and deployment
 
       #################################################
-      # 10) Publish Build Information to JFrog
+      # 11) Publish Build Information to JFrog
       #################################################
       - name: Publish Build Info
         run: |