From e41ffab87319b0e5a54d1eeefa3ad0410bc8eb17 Mon Sep 17 00:00:00 2001
From: Dan Alima <ddalimaspam@gmail.com>
Date: Sun, 31 Dec 2023 13:38:50 +0200
Subject: [PATCH] generate a json report

---
 .github/workflows/maven-build.yml | 24 +++---------------------
 1 file changed, 3 insertions(+), 21 deletions(-)

diff --git a/.github/workflows/maven-build.yml b/.github/workflows/maven-build.yml
index 1212db4d7..c251abc96 100644
--- a/.github/workflows/maven-build.yml
+++ b/.github/workflows/maven-build.yml
@@ -45,28 +45,10 @@ jobs:
 
       - name: Scan the project with your preferred SCA tool
         run: |
-          jf docker scan danvid.jfrog.io/assignment-docker/spring-petclinic:${{ github.sha }}
+          jf docker scan --format json danvid.jfrog.io/assignment-docker/spring-petclinic:${{ github.sha }} > jfrog_sca_report.json
   
       - uses: actions/upload-artifact@v4
         with:
-          name: my-artifact
-          path: /tmp/jfrog.cli.temp*
+          name: jfrog_sca_report
+          path: jfrog_sca_report.json
 
-      - name: Publish Build info With JFrog CLI
-        env:
-          # Generated and maintained by GitHub
-          JFROG_CLI_BUILD_NAME: spring-petclinic
-          # JFrog organization secret
-          JFROG_CLI_BUILD_NUMBER : ${{ github.run_number }}
-        run: |
-          # Bonus part: Publish the image to JFrog Artifactory in your pipeline (using the SaaS trial)
-          jf docker push $IMAGE_NAME
-          # Export the build name and build nuber
-          # Collect environment variables for the build
-          jf rt build-collect-env
-          # Collect VCS details from git and add them to the build
-          jf rt build-add-git
-          # Publish build info
-          jf rt build-publish
-
-    
\ No newline at end of file