Patrick.Sy/spring-petclinic
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-petclinic.git synced 2025-07-25 01:05:48 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

trying to publish SCA report to Artifactory

Browse source
This commit is contained in:
Dan Alima 2023-12-31 17:01:39 +02:00
parent 8eb7236448
commit 4296e454fc
1 changed files with 10 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
.github/workflows/maven-build.yml vendored
View file

@ -9,7 +9,9 @@ on:
jobs: jobs:
build: build:
env: env:
IMAGE_NAME: danvid.jfrog.io/spring-petclinic-docker/spring-petclinic JF_REPO_NAME: danvid.jfrog.io
JF_REPO_PATH: spring-petclinic-docker
IMAGE_NAME: "spring-petclinic"
SCA_REPORT_FILE: jfrog_sca_report.json SCA_REPORT_FILE: jfrog_sca_report.json
runs-on: ubuntu-latest runs-on: ubuntu-latest
@ -37,12 +39,13 @@ jobs:
run: ./mvnw test run: ./mvnw test
- name: Package the project as a runnable Docker image - name: Package the project as a runnable Docker image
run: | run: |
jf docker build -t ${{ env.IMAGE_NAME }}:${{ github.sha }} -t ${{ env.IMAGE_NAME }}:latest . jf docker build -t ${{ env.JF_REPO_NAME }}/${{ env.JF_REPO_PATH }}/${{ env.IMAGE_NAME }}:${{ github.sha }} -t ${{ env.JF_REPO_NAME }}/${{ env.JF_REPO_PATH }}/${{ env.IMAGE_NAME }}:latest .
- name: Scan the project with your preferred SCA tool - name: Scan the project with your preferred SCA tool
run: | run: |
jf docker scan --format json ${{ env.IMAGE_NAME }}:${{ github.sha }} > ${{ env.SCA_REPORT_FILE }} jf docker scan --format json ${{ env.JF_REPO_NAME }}/${{ env.JF_REPO_PATH }}/${{ env.IMAGE_NAME }}:${{ github.sha }} > ${{ env.SCA_REPORT_FILE }}
- uses: actions/upload-artifact@v4 - name: Assign the SCA report to this Github Action workflow as an artifact
uses: actions/upload-artifact@v4
with: with:
name: sca_report name: sca_report
path: ${{ env.SCA_REPORT_FILE }} path: ${{ env.SCA_REPORT_FILE }}
@ -55,7 +58,7 @@ jobs:
JFROG_CLI_BUILD_NUMBER : ${{ github.run_number }} JFROG_CLI_BUILD_NUMBER : ${{ github.run_number }}
run: | run: |
# Push Docker Image to Artifactory # Push Docker Image to Artifactory
jf docker push ${{ env.IMAGE_NAME }} --all-tags jf docker push ${{ env.JF_REPO_NAME }}/${{ env.JF_REPO_PATH }}/${{ env.IMAGE_NAME }} --all-tags
# Export the build name and build nuber # Export the build name and build nuber
# Collect environment variables for the build # Collect environment variables for the build
jf rt build-collect-env jf rt build-collect-env
@ -63,5 +66,7 @@ jobs:
jf rt build-add-git jf rt build-add-git
# Publish build info # Publish build info
jf rt build-publish jf rt build-publish
# Publish the local SCA scan report
jf rt upload ${{ env.SCA_REPORT_FILE }} ${{ env.JF_REPO_NAME }}/${{ env.JF_REPO_PATH }}/${{ env.SCA_REPORT_FILE }}_${{ env.IMAGE_NAME }}:${{ github.sha }}