From e30adc1e956117cb8cf4cb8b0c21f5b37858d30f Mon Sep 17 00:00:00 2001
From: Dan Alima <ddalimaspam@gmail.com>
Date: Sat, 30 Dec 2023 23:54:28 +0200
Subject: [PATCH] replace Trivy with JFrog SCA

---
 .github/workflows/maven-build.yml | 19 +++++++------------
 1 file changed, 7 insertions(+), 12 deletions(-)

diff --git a/.github/workflows/maven-build.yml b/.github/workflows/maven-build.yml
index 4662145e9..a56e9f184 100644
--- a/.github/workflows/maven-build.yml
+++ b/.github/workflows/maven-build.yml
@@ -60,15 +60,10 @@ jobs:
           jf rt build-publish
 
       - name: Scan the project with your preferred SCA tool
-        uses: aquasecurity/trivy-action@master
-        with:
-          image-ref: 'danvid.jfrog.io/assignment-docker/spring-petclinic:${{ github.sha }}'
-          format: 'sarif'
-          output: 'trivy-results.sarif'
-          ignore-unfixed: true
-          vuln-type: 'os,library'
-          severity: 'CRITICAL,HIGH'
-      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v2
-        with:
-          sarif_file: 'trivy-results.sarif'
+        uses: jfrog/setup-jfrog-cli@v3
+        env:
+          JF_URL: ${{ secrets.JF_URL }}
+          JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }}
+      - run: |
+          jf scan danvid.jfrog.io/assignment-docker/spring-petclinic:${{ github.sha }}
+    
\ No newline at end of file