trying to publish SCA report to Artifactory

Dan Alima 2023-12-31 17:01:39 +02:00
parent 8eb7236448
commit 4296e454fc


@ -9,7 +9,9 @@ on:
jobs: jobs:
build: build:
env: env:
IMAGE_NAME: danvid.jfrog.io/spring-petclinic-docker/spring-petclinic JF_REPO_NAME: danvid.jfrog.io
JF_REPO_PATH: spring-petclinic-docker
IMAGE_NAME: "spring-petclinic"
SCA_REPORT_FILE: jfrog_sca_report.json SCA_REPORT_FILE: jfrog_sca_report.json
runs-on: ubuntu-latest runs-on: ubuntu-latest
@ -37,12 +39,13 @@ jobs:
run: ./mvnw test run: ./mvnw test
- name: Package the project as a runnable Docker image - name: Package the project as a runnable Docker image
run: | run: |
jf docker build -t ${{ env.IMAGE_NAME }}:${{ github.sha }} -t ${{ env.IMAGE_NAME }}:latest . jf docker build -t ${{ env.JF_REPO_NAME }}/${{ env.JF_REPO_PATH }}/${{ env.IMAGE_NAME }}:${{ github.sha }} -t ${{ env.JF_REPO_NAME }}/${{ env.JF_REPO_PATH }}/${{ env.IMAGE_NAME }}:latest .
- name: Scan the project with your preferred SCA tool - name: Scan the project with your preferred SCA tool
run: | run: |
jf docker scan --format json ${{ env.IMAGE_NAME }}:${{ github.sha }} > ${{ env.SCA_REPORT_FILE }} jf docker scan --format json ${{ env.JF_REPO_NAME }}/${{ env.JF_REPO_PATH }}/${{ env.IMAGE_NAME }}:${{ github.sha }} > ${{ env.SCA_REPORT_FILE }}
- uses: actions/upload-artifact@v4 - name: Assign the SCA report to this Github Action workflow as an artifact
uses: actions/upload-artifact@v4
with: with:
name: sca_report name: sca_report
path: ${{ env.SCA_REPORT_FILE }} path: ${{ env.SCA_REPORT_FILE }}
@ -55,7 +58,7 @@ jobs:
JFROG_CLI_BUILD_NUMBER : ${{ github.run_number }} JFROG_CLI_BUILD_NUMBER : ${{ github.run_number }}
run: | run: |
# Push Docker Image to Artifactory # Push Docker Image to Artifactory
jf docker push ${{ env.IMAGE_NAME }} --all-tags jf docker push ${{ env.JF_REPO_NAME }}/${{ env.JF_REPO_PATH }}/${{ env.IMAGE_NAME }} --all-tags
# Export the build name and build nuber # Export the build name and build nuber
# Collect environment variables for the build # Collect environment variables for the build
jf rt build-collect-env jf rt build-collect-env
@ -63,5 +66,7 @@ jobs:
jf rt build-add-git jf rt build-add-git
# Publish build info # Publish build info
jf rt build-publish jf rt build-publish
# Publish the local SCA scan report
jf rt upload ${{ env.SCA_REPORT_FILE }} ${{ env.JF_REPO_NAME }}/${{ env.JF_REPO_PATH }}/${{ env.SCA_REPORT_FILE }}_${{ env.IMAGE_NAME }}:${{ github.sha }}
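Review bot: The target of the added `jf rt upload` line begins with `${{ env.JF_REPO_NAME }}`, which the first hunk sets to the registry host `danvid.jfrog.io`, but `jf rt upload` reads the first path segment of its target as an Artifactory repository key, so this path names a repository that presumably does not exist. The resulting file name also ends in `_spring-petclinic:<sha>` rather than `.json`, and the `:` may be rejected in an artifact path. Consider dropping the host and using the SHA as a directory, e.g. `jf rt upload ${{ env.SCA_REPORT_FILE }} <generic-repo-key>/${{ env.IMAGE_NAME }}/${{ github.sha }}/${{ env.SCA_REPORT_FILE }}` (the repository key is a placeholder; a Docker-layout repository is probably not the right home for a JSON report). Separately, the scan output is only redirected to a file and nothing visible in these hunks makes the push depend on its findings, so it is worth confirming that a failing scan stops the job before `jf docker push`.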