From dcdce27795b9db496bf3d577dfff89916726de33 Mon Sep 17 00:00:00 2001 From: "jfrog-app-demo-v1[bot]" <182506936+jfrog-app-demo-v1[bot]@users.noreply.github.com> Date: Thu, 26 Sep 2024 12:47:04 +0000 Subject: [PATCH 1/2] Added frogbot-scan-repository.yml on jfrog-github-app/add-frogbot-configurations --- .github/workflows/frogbot-scan-repository.yml | 37 +++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 .github/workflows/frogbot-scan-repository.yml diff --git a/.github/workflows/frogbot-scan-repository.yml b/.github/workflows/frogbot-scan-repository.yml new file mode 100644 index 0000000..33a5cc8 --- /dev/null +++ b/.github/workflows/frogbot-scan-repository.yml @@ -0,0 +1,37 @@ +name: "Frogbot Scan Repository" +on: + workflow_dispatch: + schedule: + # The repository will be scanned once a day at 00:00 GMT. + - cron: "0 0 * * *" +permissions: + contents: write + pull-requests: write + security-events: write +jobs: + scan-repository: + runs-on: ubuntu-latest + name: Scan Repository (${{ matrix.branch }} branch) + strategy: + matrix: + # The repository scanning will be triggered periodically on the following branches. + branch: [ "main" ] + steps: + - uses: jfrog/frogbot@v2 + env: + JFROG_CLI_LOG_LEVEL: "DEBUG" + # [Mandatory] + # JFrog platform URL (This functionality requires version 3.29.0 or above of Xray) + JF_URL: ${{ secrets.FROGBOT_URL }} + + # [Mandatory if JF_USER and JF_PASSWORD are not provided] + # JFrog access token with 'read' permissions on Xray service + JF_ACCESS_TOKEN: ${{ secrets.FROGBOT_ACCESS_TOKEN }} + + # [Mandatory] + # The GitHub token is automatically generated for the job + JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + # [Mandatory] + # The name of the branch on which Frogbot will perform the scan + JF_GIT_BASE_BRANCH: ${{ matrix.branch }} \ No newline at end of file From 701a898adf745e4b0449433a1ad8f8e052224cfc Mon Sep 17 00:00:00 2001 From: "jfrog-app-demo-v1[bot]" <182506936+jfrog-app-demo-v1[bot]@users.noreply.github.com> Date: Thu, 26 Sep 2024 12:47:05 +0000 Subject: [PATCH 2/2] Added frogbot-scan-pull-request.yml on jfrog-github-app/add-frogbot-configurations --- .../workflows/frogbot-scan-pull-request.yml | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 .github/workflows/frogbot-scan-pull-request.yml diff --git a/.github/workflows/frogbot-scan-pull-request.yml b/.github/workflows/frogbot-scan-pull-request.yml new file mode 100644 index 0000000..3d6fe39 --- /dev/null +++ b/.github/workflows/frogbot-scan-pull-request.yml @@ -0,0 +1,28 @@ +jobs: + scan-pull-request: + runs-on: ubuntu-latest + # A pull request needs to be approved before Frogbot scans it. Any GitHub user who is associated with the + # "frogbot" GitHub environment can approve the pull request to be scanned. + environment: frogbot + steps: + - uses: jfrog/frogbot@v2 + env: + # [Mandatory] + # JFrog platform URL + JF_URL: ${{ vars.JF_URL }} + + # [Mandatory if JF_USER and JF_PASSWORD are not provided] + # JFrog access token with 'read' permissions on Xray service + JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }} + + # [Mandatory if JF_ACCESS_TOKEN is not provided] + # JFrog username with 'read' permissions for Xray. Must be provided with JF_PASSWORD + # JF_USER: ${{ secrets.JF_USER }} + + # [Mandatory if JF_ACCESS_TOKEN is not provided] + # JFrog password. Must be provided with JF_USER + # JF_PASSWORD: ${{ secrets.JF_PASSWORD }} + + # [Mandatory] + # The GitHub token is automatically generated for the job + JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file