From cb88dd9a7e9ed71d1cc484f1abc71a34e0e6ea8a Mon Sep 17 00:00:00 2001
From: Rodolphe Fontaine <30529563+Rodi26@users.noreply.github.com>
Date: Thu, 17 Oct 2024 21:11:26 +0200
Subject: [PATCH] add scan
---
.github/workflows/maven-build.yml | 95 ++++++++++++++++++++++---------
1 file changed, 69 insertions(+), 26 deletions(-)
diff --git a/.github/workflows/maven-build.yml b/.github/workflows/maven-build.yml
index caf0038b3..ce4819a71 100644
--- a/.github/workflows/maven-build.yml
+++ b/.github/workflows/maven-build.yml
@@ -46,29 +46,72 @@ jobs: - name: Run Tests run: ./mvnw -B test - Run_Jmeter_test_plan: - runs-on: ubuntu-latest - needs: Run_test - strategy: - matrix: - java: [ '21' ] - steps: - - uses: actions/checkout@v4 - - name: Set up JDK ${{matrix.java}} - uses: actions/setup-java@v4 - with: - java-version: ${{matrix.java}} - distribution: 'adopt' - cache: maven - - name: run docker - uses: docker-practice/actions-setup-docker@master - - name: Build Docker Image - run: docker build -t spring-petclinic . - - name: Run Docker Container - run: docker run -d -p 8080:8080 spring-petclinic - - name: Run JMeter Action on a test - uses: rbhadti94/apache-jmeter-action@v0.5.0 - with: - testFilePath: src/test/jmeter/petclinic_test_plan.jmx - outputReportsFolder: reports/ - args: "--loglevel INFO" \ No newline at end of file + + + Build_and_push: + runs-on: ubuntu-latest + needs: Run_test + steps: + - name: checkout Git repository + uses: actions/checkout@v4 + - name: Set up JDK 21 + uses: actions/setup-java@v4 + with: + distribution: 'temurin' # See 'Supported distributions' for available options + java-version: '21' + - name: Login to Jfrog Artifactory + uses: docker/login-action@v3 + with: + registry: rodi26.jfrog.io + username: 'rodolphe.fontaine@orange.fr' + password: ${{ secrets.JF_ACCESS_TOKEN }} + - name: Build and push + uses: docker/build-push-action@v6 + with: + push: true + tags: rodi26.jfrog.io/rodi26-docker/spring-petclinic:latest + + scan-repository: + runs-on: ubuntu-latest + needs: Build_and_push + strategy: + matrix: + # The repository scanning will be triggered periodically on the following branches. 
+ branch: ["main"]
+ steps:
+ - name: Set up JDK 21
+ uses: actions/setup-java@v4
+ with:
+ distribution: 'temurin' # See 'Supported distributions' for available options
+ java-version: '21'
+ - uses: jfrog/frogbot@v2.9.2
+ env:
+ # [Mandatory]
+ # JFrog platform URL
+ JF_URL: ${{ secrets.JF_URL }}
+
+ # [Mandatory if JF_USER and JF_PASSWORD are not provided]
+ # JFrog access token with 'read' permissions on Xray service
+ JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }}
+
+ # [Mandatory if JF_ACCESS_TOKEN is not provided]
+ # JFrog username with 'read' permissions for Xray. Must be provided with JF_PASSWORD
+ # JF_USER: ${{ secrets.JF_USER }}
+
+ # [Mandatory if JF_ACCESS_TOKEN is not provided]
+ # JFrog password. Must be provided with JF_USER
+ # JF_PASSWORD: ${{ secrets.JF_PASSWORD }}
+
+ # [Mandatory]
+ # The GitHub token is automatically generated for the job
+ JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+ # [Mandatory]
+ # The name of the branch on which Frogbot will perform the scan
+ JF_GIT_BASE_BRANCH: ${{ matrix.branch }}
+
+ # [Mandatory if using OIDC authentication protocol instead of JF_ACCESS_TOKEN]
+ # Insert to oidc-provider-name the 'Provider Name' defined in the OIDC integration configured in the JPD
+ # with:
+ # oidc-provider-name: ""
+ #JF_PATH_EXCLUSIONS: "*gradle*"
\ No newline at end of file
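Review bot: `secrets.JF_ACCESS_TOKEN` is used twice in this hunk with different privilege needs: as the `docker/login-action` password in Build_and_push, where it must be able to push to `rodi26.jfrog.io`, and as Frogbot's `JF_ACCESS_TOKEN` in scan-repository, where the inline comment asks only for 'read' permissions on Xray. Sharing one secret hands the scan step a credential that can overwrite the published `:latest` image, so I would give the scan its own read-scoped secret, e.g. `JF_ACCESS_TOKEN: ${{ secrets.<XRAY_READ_TOKEN_PLACEHOLDER> }}`, or use the OIDC option already sketched in the commented `oidc-provider-name` lines. Neither new job declares a `permissions:` block in the lines shown, so the `GITHUB_TOKEN` passed as `JF_GIT_TOKEN` gets the repository default; unless this is set at workflow level outside the hunk, declare it per job (`permissions:` with `contents: read` for Build_and_push, and only the write scopes Frogbot needs for scan-repository). The actions that receive these secrets are referenced by mutable tags (`docker/login-action@v3`, `docker/build-push-action@v6`, `jfrog/frogbot@v2.9.2`); pinning each to a full commit SHA would stop a retagged release from running with them.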