From 4e0bcb975a6b2c550de9c2e1024fe3354d6a26b5 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 12:39:33 -0800 Subject: [PATCH 01/74] Update frogbot-scan-and-fix.yml --- .github/workflows/frogbot-scan-and-fix.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/frogbot-scan-and-fix.yml b/.github/workflows/frogbot-scan-and-fix.yml index f34595c..51976f5 100644 --- a/.github/workflows/frogbot-scan-and-fix.yml +++ b/.github/workflows/frogbot-scan-and-fix.yml @@ -12,7 +12,7 @@ name: "Frogbot Scan and Fix" on: push: - branches: [ "main" ] + branches: [ "main", "byron-test" ] permissions: contents: write pull-requests: write @@ -45,7 +45,7 @@ jobs: # [Mandatory if JF_USER and JF_PASSWORD are not provided] # JFrog access token with 'read' permissions on Xray service - #JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }} + JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }} # [Mandatory if JF_ACCESS_TOKEN is not provided] # JFrog username with 'read' permissions for Xray. Must be provided with JF_PASSWORD From af3ccdc154bcfb96e9580d863bffab9f66096133 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 12:40:36 -0800 Subject: [PATCH 02/74] Create forgbot-scan-repository.yml --- .github/workflows/forgbot-scan-repository.yml | 50 +++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 .github/workflows/forgbot-scan-repository.yml diff --git a/.github/workflows/forgbot-scan-repository.yml b/.github/workflows/forgbot-scan-repository.yml new file mode 100644 index 0000000..35b496a --- /dev/null +++ b/.github/workflows/forgbot-scan-repository.yml @@ -0,0 +1,50 @@ +name: "Frogbot Scan Repository" +on: + workflow_dispatch: + schedule: + # The repository will be scanned once a day at 00:00 GMT. + - cron: "0 0 * * *" +permissions: + contents: write + pull-requests: write + security-events: write + # [Mandatory If using OIDC authentication protocol instead of JF_ACCESS_TOKEN] + # id-token: write +jobs: + scan-repository: + runs-on: ubuntu-latest + strategy: + matrix: + # The repository scanning will be triggered periodically on the following branches. + branch: ["dev"] + steps: + - uses: jfrog/frogbot@v2 + env: + # [Mandatory] + # JFrog platform URL + JF_URL: ${{ secrets.JF_URL }} + + # [Mandatory if JF_USER and JF_PASSWORD are not provided] + # JFrog access token with 'read' permissions on Xray service + JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }} + + # [Mandatory if JF_ACCESS_TOKEN is not provided] + # JFrog username with 'read' permissions for Xray. Must be provided with JF_PASSWORD + # JF_USER: ${{ secrets.JF_USER }} + + # [Mandatory if JF_ACCESS_TOKEN is not provided] + # JFrog password. Must be provided with JF_USER + # JF_PASSWORD: ${{ secrets.JF_PASSWORD }} + + # [Mandatory] + # The GitHub token is automatically generated for the job + JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + # [Mandatory] + # The name of the branch on which Frogbot will perform the scan + JF_GIT_BASE_BRANCH: ${{ matrix.branch }} + + # [Mandatory if using OIDC authentication protocol instead of JF_ACCESS_TOKEN] + # Insert to oidc-provider-name the 'Provider Name' defined in the OIDC integration configured in the JPD + # with: + # oidc-provider-name: "" From 347d4340e8ffb0c1d29d59dc02c9961b856f42d7 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 12:41:05 -0800 Subject: [PATCH 03/74] Update forgbot-scan-repository.yml --- .github/workflows/forgbot-scan-repository.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/forgbot-scan-repository.yml b/.github/workflows/forgbot-scan-repository.yml index 35b496a..8e03ef6 100644 --- a/.github/workflows/forgbot-scan-repository.yml +++ b/.github/workflows/forgbot-scan-repository.yml @@ -16,7 +16,7 @@ jobs: strategy: matrix: # The repository scanning will be triggered periodically on the following branches. - branch: ["dev"] + branch: ["byron-test"] steps: - uses: jfrog/frogbot@v2 env: From 24e6a0f7284c4476298a31685ab6cc56c64b77ec Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 12:45:42 -0800 Subject: [PATCH 04/74] Create forgbot-config.yml --- .frogbot/forgbot-config.yml | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 .frogbot/forgbot-config.yml diff --git a/.frogbot/forgbot-config.yml b/.frogbot/forgbot-config.yml new file mode 100644 index 0000000..b7b4cb6 --- /dev/null +++ b/.frogbot/forgbot-config.yml @@ -0,0 +1,6 @@ +- params: + git: + repoName: jfrog-github-example + branches: + - byron-test + - main From d7a6b3df8ff6729b71eed8bc320f3c6b0515f6e2 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 12:48:28 -0800 Subject: [PATCH 05/74] Update forgbot-config.yml --- .frogbot/forgbot-config.yml | 43 +++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/.frogbot/forgbot-config.yml b/.frogbot/forgbot-config.yml index b7b4cb6..361343e 100644 --- a/.frogbot/forgbot-config.yml +++ b/.frogbot/forgbot-config.yml @@ -4,3 +4,46 @@ branches: - byron-test - main + # Frogbot scanning parameters + scan: + # [Default: false] + # Frogbot displays all existing vulnerabilities, including the ones that were not added by the pull request + includeAllVulnerabilities: true + + # [Default: true] + # Frogbot does not fail the task if security issues are found and this parameter is set to false + # failOnSecurityIssues: false + + # List of subprojects / project dirs inside the Git repository + projects: + # [Mandatory for projects which use npm, yarn 2, nuget and dotnet to download their dependencies] + # Installation command (e.g. npm i, nuget restore) + # - installCommand: "" + + # [Default: root directory] + # List of relative path's to the projects directories in the git repository + # workingDirs: + # - "." + + # [Mandatory for pip only if using requirements file, Default: pip install .] + # The requirements file name that used to install dependencies in case of pip package manager + # pipRequirementsFile: "" + + # [Default: true] + # Use Gradle Wrapper (gradlew/gradlew.bat) to run Gradle + # useWrapper: true + + # [Optional] + # Name of a Virtual Repository in Artifactory to resolve (download) the project dependencies from + # repository: "" + + # JFrog Platform parameters + jfrogPlatform: + # [Optional] + # JFrog project key. Learn more about it [here](https://www.jfrog.com/confluence/display/JFROG/Projects) + # jfrogProjectKey: "" + + # [Optional] + # Xray Watches. Learn more about it [here](https://www.jfrog.com/confluence/display/JFROG/Configuring+Xray+Watches) + # watches: + # - "" From ddeb27a2d25ced4fd54f74df9acbef091f3040d5 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 12:57:14 -0800 Subject: [PATCH 06/74] Update frogbot-scan-and-fix.yml --- .github/workflows/frogbot-scan-and-fix.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/frogbot-scan-and-fix.yml b/.github/workflows/frogbot-scan-and-fix.yml index 51976f5..54789b8 100644 --- a/.github/workflows/frogbot-scan-and-fix.yml +++ b/.github/workflows/frogbot-scan-and-fix.yml @@ -30,7 +30,7 @@ jobs: - uses: jfrog/frogbot@v2 with: - oidc-provider-name: jfrog-github-oidc + oidc-provider-name: byron-juice-shop env: # [Mandatory if the two conditions below are met] # 1. The project uses npm, yarn 2, NuGet or .NET to download its dependencies From 7f5606a4c68088920953bf206107250c35d46108 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 12:57:55 -0800 Subject: [PATCH 07/74] Update frogbot-scan-pr.yml --- .github/workflows/frogbot-scan-pr.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/frogbot-scan-pr.yml b/.github/workflows/frogbot-scan-pr.yml index fc3f6ab..ee66709 100644 --- a/.github/workflows/frogbot-scan-pr.yml +++ b/.github/workflows/frogbot-scan-pr.yml @@ -35,7 +35,7 @@ jobs: - uses: jfrog/frogbot@v2 with: - oidc-provider-name: jfrog-github-oidc + oidc-provider-name: byron-juice-shop env: JFROG_CLI_LOG_LEVEL: DEBUG # [Mandatory if the two conditions below are met] From f1985e793c10017d89eac415effc1a22e58e5a2d Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 12:59:12 -0800 Subject: [PATCH 08/74] Rename forgbot-config.yml to frogbot-config.yml --- .frogbot/{forgbot-config.yml => frogbot-config.yml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .frogbot/{forgbot-config.yml => frogbot-config.yml} (100%) diff --git a/.frogbot/forgbot-config.yml b/.frogbot/frogbot-config.yml similarity index 100% rename from .frogbot/forgbot-config.yml rename to .frogbot/frogbot-config.yml From 683e85b20b87b2116ba942d817a346267d87d026 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 13:42:13 -0800 Subject: [PATCH 09/74] Update forgbot-scan-repository.yml --- .github/workflows/forgbot-scan-repository.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/forgbot-scan-repository.yml b/.github/workflows/forgbot-scan-repository.yml index 8e03ef6..702b5ae 100644 --- a/.github/workflows/forgbot-scan-repository.yml +++ b/.github/workflows/forgbot-scan-repository.yml @@ -46,5 +46,5 @@ jobs: # [Mandatory if using OIDC authentication protocol instead of JF_ACCESS_TOKEN] # Insert to oidc-provider-name the 'Provider Name' defined in the OIDC integration configured in the JPD - # with: - # oidc-provider-name: "" + with: + oidc-provider-name: "byron-juice-shop" From 7ec75e37f8277c74a0332a2c88340cef73dfa4cd Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 13:42:36 -0800 Subject: [PATCH 10/74] Update frogbot-scan-and-fix.yml --- .github/workflows/frogbot-scan-and-fix.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/frogbot-scan-and-fix.yml b/.github/workflows/frogbot-scan-and-fix.yml index 54789b8..c3b1d2c 100644 --- a/.github/workflows/frogbot-scan-and-fix.yml +++ b/.github/workflows/frogbot-scan-and-fix.yml @@ -30,7 +30,7 @@ jobs: - uses: jfrog/frogbot@v2 with: - oidc-provider-name: byron-juice-shop + oidc-provider-name: "byron-juice-shop" env: # [Mandatory if the two conditions below are met] # 1. The project uses npm, yarn 2, NuGet or .NET to download its dependencies From 2a0d2c3be2ee02fd2aee1c26cf47304cf5ca83d7 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 13:42:53 -0800 Subject: [PATCH 11/74] Update frogbot-scan-pr.yml --- .github/workflows/frogbot-scan-pr.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/frogbot-scan-pr.yml b/.github/workflows/frogbot-scan-pr.yml index ee66709..0695ae6 100644 --- a/.github/workflows/frogbot-scan-pr.yml +++ b/.github/workflows/frogbot-scan-pr.yml @@ -35,7 +35,7 @@ jobs: - uses: jfrog/frogbot@v2 with: - oidc-provider-name: byron-juice-shop + oidc-provider-name: "byron-juice-shop" env: JFROG_CLI_LOG_LEVEL: DEBUG # [Mandatory if the two conditions below are met] From 5d8ec4d8721233a51dfafc7972ca3d01e4f10109 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 14:26:03 -0800 Subject: [PATCH 12/74] Update frogbot-scan-and-fix.yml --- .github/workflows/frogbot-scan-and-fix.yml | 50 ---------------------- 1 file changed, 50 deletions(-) diff --git a/.github/workflows/frogbot-scan-and-fix.yml b/.github/workflows/frogbot-scan-and-fix.yml index c3b1d2c..a7c424f 100644 --- a/.github/workflows/frogbot-scan-and-fix.yml +++ b/.github/workflows/frogbot-scan-and-fix.yml @@ -1,14 +1,3 @@ -# This workflow uses actions that are not certified by GitHub. -# They are provided by a third-party and are governed by -# separate terms of service, privacy policy, and support -# documentation. -# Frogbot Scan and Fix does the following: -# Automatically creates pull requests with fixes for vulnerable project dependencies. -# Uses JFrog Xray to scan the project. -# Read more about Frogbot here - https://github.com/jfrog/frogbot#frogbot - -# Some projects require creating a frogbot-config.yml file. Read more about it here - https://github.com/jfrog/frogbot/blob/master/docs/frogbot-config.md - name: "Frogbot Scan and Fix" on: push: @@ -24,50 +13,11 @@ jobs: steps: - uses: actions/checkout@v4 - # IMPORTANT: - # 1. See the following link for information about the tools that need to be installed for Frogbot to work - https://github.com/jfrog/frogbot/tree/master/docs/templates/github-actions/scan-and-fix - # 2. Some projects require creating a frogbot-config.yml file. Read more about it here - https://github.com/jfrog/frogbot/blob/master/docs/frogbot-config.md - - uses: jfrog/frogbot@v2 with: oidc-provider-name: "byron-juice-shop" env: - # [Mandatory if the two conditions below are met] - # 1. The project uses npm, yarn 2, NuGet or .NET to download its dependencies - # 2. The `installCommand` variable isn't set in your frogbot-config.yml file. - # - # The command that installs the project dependencies (e.g "npm i", "nuget restore" or "dotnet restore") - # JF_INSTALL_DEPS_CMD: "" - - # [Mandatory] - # JFrog platform URL JF_URL: https://${{ vars.JF_URL }}/ - - # [Mandatory if JF_USER and JF_PASSWORD are not provided] - # JFrog access token with 'read' permissions on Xray service JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }} - - # [Mandatory if JF_ACCESS_TOKEN is not provided] - # JFrog username with 'read' permissions for Xray. Must be provided with JF_PASSWORD - # JF_USER: ${{ secrets.JF_USER }} - - # [Mandatory if JF_ACCESS_TOKEN is not provided] - # JFrog password. Must be provided with JF_USER - # JF_PASSWORD: ${{ secrets.JF_PASSWORD }} - - # [Mandatory] - # The GitHub token automatically generated for the job JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - # [Optional] - # If the machine that runs Frogbot has no access to the internat, set the name of a remote repository - # in Artifactory, which proxies https://releases.jfrog.io/artifactory - # The 'frogbot' executable and other tools it needs will be downloaded through this repository. - # JF_RELEASES_REPO: "" - - # [Optional] - # Frogbot will download the project dependencies, if they're not cached locally. To download the - # dependencies from a virtual repository in Artifactory, set the name of of the repository. There's no - # need to set this value, if it is set in the frogbot-config.yml file. - # JF_DEPS_REPO: "" JF_PROJECT: ${{ vars.JF_PROJECT }} From 91e2e8b2f19bee2de5ea237e7f53886cfcc5bded Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 14:30:08 -0800 Subject: [PATCH 13/74] Update frogbot-scan-and-fix.yml --- .github/workflows/frogbot-scan-and-fix.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/frogbot-scan-and-fix.yml b/.github/workflows/frogbot-scan-and-fix.yml index a7c424f..25b0d36 100644 --- a/.github/workflows/frogbot-scan-and-fix.yml +++ b/.github/workflows/frogbot-scan-and-fix.yml @@ -14,8 +14,8 @@ jobs: - uses: actions/checkout@v4 - uses: jfrog/frogbot@v2 - with: - oidc-provider-name: "byron-juice-shop" + # with: + # oidc-provider-name: "byron-juice-shop" env: JF_URL: https://${{ vars.JF_URL }}/ JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }} From c4bbefbca33e638329ca2fa731fc98394e0790b5 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 14:56:23 -0800 Subject: [PATCH 14/74] Update frogbot-scan-and-fix.yml --- .github/workflows/frogbot-scan-and-fix.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/frogbot-scan-and-fix.yml b/.github/workflows/frogbot-scan-and-fix.yml index 25b0d36..7209893 100644 --- a/.github/workflows/frogbot-scan-and-fix.yml +++ b/.github/workflows/frogbot-scan-and-fix.yml @@ -11,7 +11,7 @@ jobs: create-fix-pull-requests: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@latest - uses: jfrog/frogbot@v2 # with: From f98e0ea7c4f6247170416e2c77202c0953e2a89d Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 14:58:24 -0800 Subject: [PATCH 15/74] Update frogbot-scan-and-fix.yml --- .github/workflows/frogbot-scan-and-fix.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/frogbot-scan-and-fix.yml b/.github/workflows/frogbot-scan-and-fix.yml index 7209893..752d5d1 100644 --- a/.github/workflows/frogbot-scan-and-fix.yml +++ b/.github/workflows/frogbot-scan-and-fix.yml @@ -11,9 +11,9 @@ jobs: create-fix-pull-requests: runs-on: ubuntu-latest steps: - - uses: actions/checkout@latest + - uses: actions/checkout@v4 - - uses: jfrog/frogbot@v2 + - uses: jfrog/frogbot # with: # oidc-provider-name: "byron-juice-shop" env: From 2d36336cdaf1ea936be41f924301aa68e9647a4e Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 14:59:40 -0800 Subject: [PATCH 16/74] Update frogbot-scan-and-fix.yml --- .github/workflows/frogbot-scan-and-fix.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/frogbot-scan-and-fix.yml b/.github/workflows/frogbot-scan-and-fix.yml index 752d5d1..bfca68a 100644 --- a/.github/workflows/frogbot-scan-and-fix.yml +++ b/.github/workflows/frogbot-scan-and-fix.yml @@ -11,9 +11,9 @@ jobs: create-fix-pull-requests: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v2.25.0 - - uses: jfrog/frogbot + - uses: jfrog/frogbot@latest # with: # oidc-provider-name: "byron-juice-shop" env: From 10d2c154829b40e9889aca8891682107bc7e62d7 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 15:01:32 -0800 Subject: [PATCH 17/74] Update frogbot-scan-and-fix.yml --- .github/workflows/frogbot-scan-and-fix.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/frogbot-scan-and-fix.yml b/.github/workflows/frogbot-scan-and-fix.yml index bfca68a..2593051 100644 --- a/.github/workflows/frogbot-scan-and-fix.yml +++ b/.github/workflows/frogbot-scan-and-fix.yml @@ -11,9 +11,9 @@ jobs: create-fix-pull-requests: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2.25.0 + - uses: actions/checkout@v4 - - uses: jfrog/frogbot@latest + - uses: jfrog/frogbot@2.25.0 # with: # oidc-provider-name: "byron-juice-shop" env: From a0ef0029c057d6b51917389f7a569333e5dc67f7 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 15:05:20 -0800 Subject: [PATCH 18/74] Update frogbot-scan-and-fix.yml --- .github/workflows/frogbot-scan-and-fix.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/frogbot-scan-and-fix.yml b/.github/workflows/frogbot-scan-and-fix.yml index 2593051..9eb661d 100644 --- a/.github/workflows/frogbot-scan-and-fix.yml +++ b/.github/workflows/frogbot-scan-and-fix.yml @@ -13,7 +13,7 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: jfrog/frogbot@2.25.0 + - uses: jfrog/frogbot@7fad842cf6ba3d755c2eb86376cce066327b55d1 # with: # oidc-provider-name: "byron-juice-shop" env: From dc8583225d952fd02bca5d73a20e3d321d9d0c18 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 15:08:14 -0800 Subject: [PATCH 19/74] Update frogbot-scan-and-fix.yml --- .github/workflows/frogbot-scan-and-fix.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/frogbot-scan-and-fix.yml b/.github/workflows/frogbot-scan-and-fix.yml index 9eb661d..d413e52 100644 --- a/.github/workflows/frogbot-scan-and-fix.yml +++ b/.github/workflows/frogbot-scan-and-fix.yml @@ -14,8 +14,6 @@ jobs: - uses: actions/checkout@v4 - uses: jfrog/frogbot@7fad842cf6ba3d755c2eb86376cce066327b55d1 - # with: - # oidc-provider-name: "byron-juice-shop" env: JF_URL: https://${{ vars.JF_URL }}/ JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }} From 19dc8427a8fd0724a026a531b2573c55363b7948 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 15:13:38 -0800 Subject: [PATCH 20/74] Update frogbot-scan-and-fix.yml --- .github/workflows/frogbot-scan-and-fix.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/frogbot-scan-and-fix.yml b/.github/workflows/frogbot-scan-and-fix.yml index d413e52..3b5d5e4 100644 --- a/.github/workflows/frogbot-scan-and-fix.yml +++ b/.github/workflows/frogbot-scan-and-fix.yml @@ -6,7 +6,7 @@ permissions: contents: write pull-requests: write security-events: write - id-token: write + # id-token: write jobs: create-fix-pull-requests: runs-on: ubuntu-latest From 67378aa3ee37bf9a23ff6f7e4ae5e9d114c2dab4 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 15:15:33 -0800 Subject: [PATCH 21/74] Update frogbot-scan-and-fix.yml --- .github/workflows/frogbot-scan-and-fix.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/frogbot-scan-and-fix.yml b/.github/workflows/frogbot-scan-and-fix.yml index 3b5d5e4..cb0e9a3 100644 --- a/.github/workflows/frogbot-scan-and-fix.yml +++ b/.github/workflows/frogbot-scan-and-fix.yml @@ -10,6 +10,10 @@ permissions: jobs: create-fix-pull-requests: runs-on: ubuntu-latest + strategy: + matrix: + # The repository scanning will be triggered periodically on the following branches. + branch: ["byron-test"] steps: - uses: actions/checkout@v4 @@ -19,3 +23,4 @@ jobs: JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }} JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }} JF_PROJECT: ${{ vars.JF_PROJECT }} + JF_GIT_BASE_BRANCH: ${{ matrix.branch }} From 2c8cef409eda14034f2f554a3add9517bf477718 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 15:17:13 -0800 Subject: [PATCH 22/74] Update forgbot-scan-repository.yml --- .github/workflows/forgbot-scan-repository.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/forgbot-scan-repository.yml b/.github/workflows/forgbot-scan-repository.yml index 702b5ae..fd2a8fc 100644 --- a/.github/workflows/forgbot-scan-repository.yml +++ b/.github/workflows/forgbot-scan-repository.yml @@ -46,5 +46,5 @@ jobs: # [Mandatory if using OIDC authentication protocol instead of JF_ACCESS_TOKEN] # Insert to oidc-provider-name the 'Provider Name' defined in the OIDC integration configured in the JPD - with: - oidc-provider-name: "byron-juice-shop" + # with: + # oidc-provider-name: "byron-juice-shop" From a5229edbf8d9895f0b07f11a8d7a00299461a48e Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 15:25:58 -0800 Subject: [PATCH 23/74] Update forgbot-scan-repository.yml --- .github/workflows/forgbot-scan-repository.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/forgbot-scan-repository.yml b/.github/workflows/forgbot-scan-repository.yml index fd2a8fc..6dabcb6 100644 --- a/.github/workflows/forgbot-scan-repository.yml +++ b/.github/workflows/forgbot-scan-repository.yml @@ -22,7 +22,7 @@ jobs: env: # [Mandatory] # JFrog platform URL - JF_URL: ${{ secrets.JF_URL }} + JF_URL: ${{ vars.JF_URL }} # [Mandatory if JF_USER and JF_PASSWORD are not provided] # JFrog access token with 'read' permissions on Xray service From 423a2b171cdd152dd7d38676658f933e316ef9ec Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 15:30:25 -0800 Subject: [PATCH 24/74] Update frogbot-config.yml --- .frogbot/frogbot-config.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.frogbot/frogbot-config.yml b/.frogbot/frogbot-config.yml index 361343e..9979b54 100644 --- a/.frogbot/frogbot-config.yml +++ b/.frogbot/frogbot-config.yml @@ -8,14 +8,14 @@ scan: # [Default: false] # Frogbot displays all existing vulnerabilities, including the ones that were not added by the pull request - includeAllVulnerabilities: true + # includeAllVulnerabilities: true # [Default: true] # Frogbot does not fail the task if security issues are found and this parameter is set to false # failOnSecurityIssues: false # List of subprojects / project dirs inside the Git repository - projects: + #projects: # [Mandatory for projects which use npm, yarn 2, nuget and dotnet to download their dependencies] # Installation command (e.g. npm i, nuget restore) # - installCommand: "" @@ -38,7 +38,7 @@ # repository: "" # JFrog Platform parameters - jfrogPlatform: + #jfrogPlatform: # [Optional] # JFrog project key. Learn more about it [here](https://www.jfrog.com/confluence/display/JFROG/Projects) # jfrogProjectKey: "" From 7d0aec199893009b98f0f620d59c6c9aeb5d7f8d Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 15:39:46 -0800 Subject: [PATCH 25/74] Update frogbot-scan-and-fix.yml --- .github/workflows/frogbot-scan-and-fix.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/frogbot-scan-and-fix.yml b/.github/workflows/frogbot-scan-and-fix.yml index f34595c..5b34dcb 100644 --- a/.github/workflows/frogbot-scan-and-fix.yml +++ b/.github/workflows/frogbot-scan-and-fix.yml @@ -41,7 +41,7 @@ jobs: # [Mandatory] # JFrog platform URL - JF_URL: https://${{ vars.JF_URL }}/ + JF_URL: ${{ vars.JF_URL }}/ # [Mandatory if JF_USER and JF_PASSWORD are not provided] # JFrog access token with 'read' permissions on Xray service From 6a45ed2fdc3a38f5cfb7f29296019bbba90c5a0f Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 15:40:56 -0800 Subject: [PATCH 26/74] Update frogbot-scan-and-fix.yml --- .github/workflows/frogbot-scan-and-fix.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/frogbot-scan-and-fix.yml b/.github/workflows/frogbot-scan-and-fix.yml index cb0e9a3..c3b8ae4 100644 --- a/.github/workflows/frogbot-scan-and-fix.yml +++ b/.github/workflows/frogbot-scan-and-fix.yml @@ -19,7 +19,7 @@ jobs: - uses: jfrog/frogbot@7fad842cf6ba3d755c2eb86376cce066327b55d1 env: - JF_URL: https://${{ vars.JF_URL }}/ + JF_URL: ${{ vars.JF_URL }}/ JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }} JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }} JF_PROJECT: ${{ vars.JF_PROJECT }} From e36b363c250e9e09200616eac3215e97200baaa0 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 16:07:58 -0800 Subject: [PATCH 27/74] Create byron-test-build.yml --- .github/workflows/byron-test-build.yml | 41 ++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 .github/workflows/byron-test-build.yml diff --git a/.github/workflows/byron-test-build.yml b/.github/workflows/byron-test-build.yml new file mode 100644 index 0000000..ce5d9b6 --- /dev/null +++ b/.github/workflows/byron-test-build.yml @@ -0,0 +1,41 @@ +name: Build and Tag Docker Image + +on: + push: + branches: + - main + +jobs: + build-and-tag: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v2 + + - name: Setup JFrog CLI + uses: jfrog/setup-jfrog-cli@v4 + env: + JF_URL: ${{ vars.JF_URL }} + JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }} + + - name: Build Tag and push Docker Image + env: + IMAGE_NAME: infomagnus.jfrog.io/byron-im-docker/jfrog-docker-example-image:${{ github.run_number }} + run: | + jf docker build -t $IMAGE_NAME . + jf docker push $IMAGE_NAME + + - name: Publish Build info With JFrog CLI + env: + # Generated and maintained by GitHub + JFROG_CLI_BUILD_NAME: jfrog-docker-build-example + # JFrog organization secret + JFROG_CLI_BUILD_NUMBER : ${{ github.run_number }} + run: | + # Export the build name and build nuber + # Collect environment variables for the build + jf rt build-collect-env + # Collect VCS details from git and add them to the build + jf rt build-add-git + # Publish build info + jf rt build-publish From 150e31c4dba0c557eb9e962459f2937c68d39325 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 16:14:37 -0800 Subject: [PATCH 28/74] Update byron-test-build.yml --- .github/workflows/byron-test-build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/byron-test-build.yml b/.github/workflows/byron-test-build.yml index ce5d9b6..3680b07 100644 --- a/.github/workflows/byron-test-build.yml +++ b/.github/workflows/byron-test-build.yml @@ -1,4 +1,4 @@ -name: Build and Tag Docker Image +name: Byron Build and Tag Docker Image on: push: From eb9849d2db0fb1ee16440240f5283192c30e3c84 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 10 Feb 2025 16:16:55 -0800 Subject: [PATCH 29/74] Update frogbot-scan-and-fix.yml --- .github/workflows/frogbot-scan-and-fix.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/frogbot-scan-and-fix.yml b/.github/workflows/frogbot-scan-and-fix.yml index c3b8ae4..ffe3428 100644 --- a/.github/workflows/frogbot-scan-and-fix.yml +++ b/.github/workflows/frogbot-scan-and-fix.yml @@ -17,7 +17,7 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: jfrog/frogbot@7fad842cf6ba3d755c2eb86376cce066327b55d1 + - uses: jfrog/frogbot@v2 env: JF_URL: ${{ vars.JF_URL }}/ JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }} From b55de33ff7665704a789f06a367eaaffed0d2440 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 10:08:04 -0800 Subject: [PATCH 30/74] Update frogbot-scan-pr.yml --- .github/workflows/frogbot-scan-pr.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/frogbot-scan-pr.yml b/.github/workflows/frogbot-scan-pr.yml index 0695ae6..43827e6 100644 --- a/.github/workflows/frogbot-scan-pr.yml +++ b/.github/workflows/frogbot-scan-pr.yml @@ -34,8 +34,8 @@ jobs: # 2. Some projects require creating a frogbot-config.yml file. Read more about it here - https://github.com/jfrog/frogbot/blob/master/docs/frogbot-config.md - uses: jfrog/frogbot@v2 - with: - oidc-provider-name: "byron-juice-shop" + #with: + # oidc-provider-name: "byron-juice-shop" env: JFROG_CLI_LOG_LEVEL: DEBUG # [Mandatory if the two conditions below are met] From b3aa156b44f14e406a3bc711a8d4361e1358dc9f Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 10:10:38 -0800 Subject: [PATCH 31/74] Update frogbot-scan-pr.yml --- .github/workflows/frogbot-scan-pr.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/frogbot-scan-pr.yml b/.github/workflows/frogbot-scan-pr.yml index 0695ae6..855d494 100644 --- a/.github/workflows/frogbot-scan-pr.yml +++ b/.github/workflows/frogbot-scan-pr.yml @@ -34,8 +34,8 @@ jobs: # 2. Some projects require creating a frogbot-config.yml file. Read more about it here - https://github.com/jfrog/frogbot/blob/master/docs/frogbot-config.md - uses: jfrog/frogbot@v2 - with: - oidc-provider-name: "byron-juice-shop" + # with: + # oidc-provider-name: "byron-juice-shop" env: JFROG_CLI_LOG_LEVEL: DEBUG # [Mandatory if the two conditions below are met] From d167886ce4e6b986c3a09af5701cb600af74d45a Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 10:20:45 -0800 Subject: [PATCH 32/74] Update frogbot-scan-pr.yml --- .github/workflows/frogbot-scan-pr.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/frogbot-scan-pr.yml b/.github/workflows/frogbot-scan-pr.yml index 855d494..798d3cb 100644 --- a/.github/workflows/frogbot-scan-pr.yml +++ b/.github/workflows/frogbot-scan-pr.yml @@ -51,7 +51,7 @@ jobs: # [Mandatory if JF_USER and JF_PASSWORD are not provided] # JFrog access token with 'read' permissions on Xray service - #JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }} + JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }} # [Mandatory if JF_ACCESS_TOKEN is not provided] # JFrog username with 'read' permissions for Xray. Must be provided with JF_PASSWORD From 9c46e03a9c155897d4424682e66ad95e0a36c41b Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 10:45:35 -0800 Subject: [PATCH 33/74] Update frogbot-scan-pr.yml --- .github/workflows/frogbot-scan-pr.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/frogbot-scan-pr.yml b/.github/workflows/frogbot-scan-pr.yml index 798d3cb..91fc49f 100644 --- a/.github/workflows/frogbot-scan-pr.yml +++ b/.github/workflows/frogbot-scan-pr.yml @@ -47,7 +47,7 @@ jobs: # [Mandatory] # JFrog platform URL - JF_URL: https://${{ vars.JF_URL }}/ + JF_URL: ${{ vars.JF_URL }}/ # [Mandatory if JF_USER and JF_PASSWORD are not provided] # JFrog access token with 'read' permissions on Xray service From d8cc84115d73cb6a7349bfe21494dba1deff3277 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 10:45:59 -0800 Subject: [PATCH 34/74] Update frogbot-scan-pr.yml --- .github/workflows/frogbot-scan-pr.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/frogbot-scan-pr.yml b/.github/workflows/frogbot-scan-pr.yml index 798d3cb..91fc49f 100644 --- a/.github/workflows/frogbot-scan-pr.yml +++ b/.github/workflows/frogbot-scan-pr.yml @@ -47,7 +47,7 @@ jobs: # [Mandatory] # JFrog platform URL - JF_URL: https://${{ vars.JF_URL }}/ + JF_URL: ${{ vars.JF_URL }}/ # [Mandatory if JF_USER and JF_PASSWORD are not provided] # JFrog access token with 'read' permissions on Xray service From f61a2951c49027342ae15ae9c3bbaa40ee5680da Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 10:51:37 -0800 Subject: [PATCH 35/74] Update frogbot-scan-pr.yml --- .github/workflows/frogbot-scan-pr.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/frogbot-scan-pr.yml b/.github/workflows/frogbot-scan-pr.yml index 91fc49f..f4baf4c 100644 --- a/.github/workflows/frogbot-scan-pr.yml +++ b/.github/workflows/frogbot-scan-pr.yml @@ -47,7 +47,7 @@ jobs: # [Mandatory] # JFrog platform URL - JF_URL: ${{ vars.JF_URL }}/ + JF_URL: ${{ vars.JF_URL }} # [Mandatory if JF_USER and JF_PASSWORD are not provided] # JFrog access token with 'read' permissions on Xray service From b2832da4038414c16344c0fa551ed62875cd2404 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 10:51:53 -0800 Subject: [PATCH 36/74] Update frogbot-scan-pr.yml --- .github/workflows/frogbot-scan-pr.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/frogbot-scan-pr.yml b/.github/workflows/frogbot-scan-pr.yml index 91fc49f..f4baf4c 100644 --- a/.github/workflows/frogbot-scan-pr.yml +++ b/.github/workflows/frogbot-scan-pr.yml @@ -47,7 +47,7 @@ jobs: # [Mandatory] # JFrog platform URL - JF_URL: ${{ vars.JF_URL }}/ + JF_URL: ${{ vars.JF_URL }} # [Mandatory if JF_USER and JF_PASSWORD are not provided] # JFrog access token with 'read' permissions on Xray service From af6bd3a969cb86462beed7aabac532bdb61a35b1 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 11:17:26 -0800 Subject: [PATCH 37/74] Update frogbot-scan-and-fix.yml --- .github/workflows/frogbot-scan-and-fix.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/frogbot-scan-and-fix.yml b/.github/workflows/frogbot-scan-and-fix.yml index ffe3428..7f94ab8 100644 --- a/.github/workflows/frogbot-scan-and-fix.yml +++ b/.github/workflows/frogbot-scan-and-fix.yml @@ -19,7 +19,7 @@ jobs: - uses: jfrog/frogbot@v2 env: - JF_URL: ${{ vars.JF_URL }}/ + JF_URL: ${{ vars.JF_URL }} JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }} JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }} JF_PROJECT: ${{ vars.JF_PROJECT }} From 6d09990cb54814fd039d6fe5f34e61c55257badb Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 11:17:47 -0800 Subject: [PATCH 38/74] Update frogbot-scan-and-fix.yml --- .github/workflows/frogbot-scan-and-fix.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/frogbot-scan-and-fix.yml b/.github/workflows/frogbot-scan-and-fix.yml index c3b8ae4..7f94ab8 100644 --- a/.github/workflows/frogbot-scan-and-fix.yml +++ b/.github/workflows/frogbot-scan-and-fix.yml @@ -17,9 +17,9 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: jfrog/frogbot@7fad842cf6ba3d755c2eb86376cce066327b55d1 + - uses: jfrog/frogbot@v2 env: - JF_URL: ${{ vars.JF_URL }}/ + JF_URL: ${{ vars.JF_URL }} JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }} JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }} JF_PROJECT: ${{ vars.JF_PROJECT }} From 67001264c9426a44b89f5ab9a2c511b5a3dd0e95 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 11:21:16 -0800 Subject: [PATCH 39/74] Update build-publish.yml --- .github/workflows/build-publish.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-publish.yml b/.github/workflows/build-publish.yml index 06ec1f1..880645d 100644 --- a/.github/workflows/build-publish.yml +++ b/.github/workflows/build-publish.yml @@ -14,7 +14,7 @@ jobs: env: DOCKER_REPO: 'codeninjas-proj-docker-local' IMAGE_NAME: 'my-very-cool-image:${{ github.run_number }}' - JF_URL: https://${{ vars.JF_URL }}/ + JF_URL: ${{ vars.JF_URL }} DOCKER_CLI_EXPERIMENTAL: enabled steps: # Use the specific setup-cli branch @@ -22,7 +22,7 @@ jobs: uses: jfrog/setup-jfrog-cli@v4 id: setup-cli env: - JF_URL: https://${{ vars.JF_URL }}/ + JF_URL: ${{ vars.JF_URL }} JF_PROJECT: ${{ vars.JF_PROJECT }} with: oidc-provider-name: jfrog-github-oidc From d228ee752af5c276399146a8089c4228fe950c1d Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 11:21:52 -0800 Subject: [PATCH 40/74] Update build-publish.yml --- .github/workflows/build-publish.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-publish.yml b/.github/workflows/build-publish.yml index 06ec1f1..880645d 100644 --- a/.github/workflows/build-publish.yml +++ b/.github/workflows/build-publish.yml @@ -14,7 +14,7 @@ jobs: env: DOCKER_REPO: 'codeninjas-proj-docker-local' IMAGE_NAME: 'my-very-cool-image:${{ github.run_number }}' - JF_URL: https://${{ vars.JF_URL }}/ + JF_URL: ${{ vars.JF_URL }} DOCKER_CLI_EXPERIMENTAL: enabled steps: # Use the specific setup-cli branch @@ -22,7 +22,7 @@ jobs: uses: jfrog/setup-jfrog-cli@v4 id: setup-cli env: - JF_URL: https://${{ vars.JF_URL }}/ + JF_URL: ${{ vars.JF_URL }} JF_PROJECT: ${{ vars.JF_PROJECT }} with: oidc-provider-name: jfrog-github-oidc From ad56f97f37d318bf0f6048fc9665191ec3a15f01 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 11:26:43 -0800 Subject: [PATCH 41/74] Update build-publish.yml --- .github/workflows/build-publish.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/.github/workflows/build-publish.yml b/.github/workflows/build-publish.yml index 880645d..f07c213 100644 --- a/.github/workflows/build-publish.yml +++ b/.github/workflows/build-publish.yml @@ -24,13 +24,9 @@ jobs: env: JF_URL: ${{ vars.JF_URL }} JF_PROJECT: ${{ vars.JF_PROJECT }} - with: - oidc-provider-name: jfrog-github-oidc - + JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }} - name: Checkout the repository uses: actions/checkout@v4 - - - name: configure jfrog environment run: | # Use a curated repository for python dependencies resolution From d5d7b68bd9f1433bb96dc316a18c41a2a9e973ee Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 11:27:19 -0800 Subject: [PATCH 42/74] Update build-publish.yml --- .github/workflows/build-publish.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/build-publish.yml b/.github/workflows/build-publish.yml index 880645d..d8c4b46 100644 --- a/.github/workflows/build-publish.yml +++ b/.github/workflows/build-publish.yml @@ -24,9 +24,7 @@ jobs: env: JF_URL: ${{ vars.JF_URL }} JF_PROJECT: ${{ vars.JF_PROJECT }} - with: - oidc-provider-name: jfrog-github-oidc - + JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }} - name: Checkout the repository uses: actions/checkout@v4 From 0e09142ef3402301813037f30b8be5ccf855329a Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 11:34:37 -0800 Subject: [PATCH 43/74] Update requirements.txt --- requirements.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements.txt b/requirements.txt index 411c6bd..f686919 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,3 +1,3 @@ PyYAML>3.11 -nltk -redis == 4.6.0 \ No newline at end of file +nltk>3.9 +redis == 4.6.0 From 983266dd9f276e394458020bdbdf0d2b3000c03b Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 11:34:54 -0800 Subject: [PATCH 44/74] Update requirements.txt --- requirements.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements.txt b/requirements.txt index 411c6bd..f686919 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,3 +1,3 @@ PyYAML>3.11 -nltk -redis == 4.6.0 \ No newline at end of file +nltk>3.9 +redis == 4.6.0 From 476c62c73f27fcd68a30951ffc62d2d0430faafd Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 11:40:04 -0800 Subject: [PATCH 45/74] Update setup.py --- setup.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.py b/setup.py index 366b5ea..304dab9 100644 --- a/setup.py +++ b/setup.py @@ -10,5 +10,5 @@ author_email='jfrog@jfrog.com', url='https://github.com/carmithersh/carmit-testing', packages=['pythonExample'], - install_requires=['PyYAML>3.11', 'nltk'], + install_requires=['PyYAML>3.11', 'nltk>3.9'], ) From a4d8df3d8e03afa1ca7f54d0901dcf0b633d698c Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 11:40:19 -0800 Subject: [PATCH 46/74] Update setup.py --- setup.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.py b/setup.py index 366b5ea..304dab9 100644 --- a/setup.py +++ b/setup.py @@ -10,5 +10,5 @@ author_email='jfrog@jfrog.com', url='https://github.com/carmithersh/carmit-testing', packages=['pythonExample'], - install_requires=['PyYAML>3.11', 'nltk'], + install_requires=['PyYAML>3.11', 'nltk>3.9'], ) From 9408dcf3f159c75a474a7505247dd9d64ae96af8 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 11:58:14 -0800 Subject: [PATCH 47/74] Update frogbot-scan-and-fix.yml --- .github/workflows/frogbot-scan-and-fix.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/frogbot-scan-and-fix.yml b/.github/workflows/frogbot-scan-and-fix.yml index 7f94ab8..199af0a 100644 --- a/.github/workflows/frogbot-scan-and-fix.yml +++ b/.github/workflows/frogbot-scan-and-fix.yml @@ -22,5 +22,5 @@ jobs: JF_URL: ${{ vars.JF_URL }} JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }} JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }} - JF_PROJECT: ${{ vars.JF_PROJECT }} + #JF_PROJECT: ${{ vars.JF_PROJECT }} JF_GIT_BASE_BRANCH: ${{ matrix.branch }} From 22893fb47653f52028de613339e21e708c56f67d Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 11:58:26 -0800 Subject: [PATCH 48/74] Update frogbot-scan-and-fix.yml --- .github/workflows/frogbot-scan-and-fix.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/frogbot-scan-and-fix.yml b/.github/workflows/frogbot-scan-and-fix.yml index 7f94ab8..199af0a 100644 --- a/.github/workflows/frogbot-scan-and-fix.yml +++ b/.github/workflows/frogbot-scan-and-fix.yml @@ -22,5 +22,5 @@ jobs: JF_URL: ${{ vars.JF_URL }} JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }} JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }} - JF_PROJECT: ${{ vars.JF_PROJECT }} + #JF_PROJECT: ${{ vars.JF_PROJECT }} JF_GIT_BASE_BRANCH: ${{ matrix.branch }} From e0a24a3a9fec987763dd2263f57faaaa452aa264 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 12:13:06 -0800 Subject: [PATCH 49/74] Update requirements.txt --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index f686919..81a7f02 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,3 +1,3 @@ PyYAML>3.11 -nltk>3.9 +nltk == 3.9.1 redis == 4.6.0 From 5fd9551a10a9c78d67c99b54e81baf7eff807943 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 12:13:23 -0800 Subject: [PATCH 50/74] Update requirements.txt --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index f686919..c402402 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,3 +1,3 @@ PyYAML>3.11 -nltk>3.9 +nltk == 3.9 redis == 4.6.0 From d09d481c45c73fc524ed5a60deb66fd4d5c590df Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 12:36:37 -0800 Subject: [PATCH 51/74] Update requirements.txt --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 81a7f02..52bc25c 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,3 +1,3 @@ PyYAML>3.11 -nltk == 3.9.1 +nltk==3.6.5 redis == 4.6.0 From 5c8c65cbec90e94a3d5552fca904cbc761f92073 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 12:36:53 -0800 Subject: [PATCH 52/74] Update requirements.txt --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index c402402..52bc25c 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,3 +1,3 @@ PyYAML>3.11 -nltk == 3.9 +nltk==3.6.5 redis == 4.6.0 From 72a66329fcf9b196ec9eebb9eeb109f955a7a250 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 13:14:59 -0800 Subject: [PATCH 53/74] Update frogbot-scan-pr.yml --- .github/workflows/frogbot-scan-pr.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/frogbot-scan-pr.yml b/.github/workflows/frogbot-scan-pr.yml index f4baf4c..4549d74 100644 --- a/.github/workflows/frogbot-scan-pr.yml +++ b/.github/workflows/frogbot-scan-pr.yml @@ -76,4 +76,4 @@ jobs: # dependencies from a virtual repository in Artifactory, set the name of of the repository. There's no # need to set this value, if it is set in the frogbot-config.yml file. # JF_DEPS_REPO: "" - JF_PROJECT: ${{ vars.JF_PROJECT }} + #JF_PROJECT: ${{ vars.JF_PROJECT }} From 10964cc6b0bfa70dd93a79ecadfd55bacfe9b690 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 13:15:15 -0800 Subject: [PATCH 54/74] Update frogbot-scan-pr.yml --- .github/workflows/frogbot-scan-pr.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/frogbot-scan-pr.yml b/.github/workflows/frogbot-scan-pr.yml index f4baf4c..4549d74 100644 --- a/.github/workflows/frogbot-scan-pr.yml +++ b/.github/workflows/frogbot-scan-pr.yml @@ -76,4 +76,4 @@ jobs: # dependencies from a virtual repository in Artifactory, set the name of of the repository. There's no # need to set this value, if it is set in the frogbot-config.yml file. # JF_DEPS_REPO: "" - JF_PROJECT: ${{ vars.JF_PROJECT }} + #JF_PROJECT: ${{ vars.JF_PROJECT }} From b882829fec44300503c783fbec329b754ec0ee98 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 13:34:37 -0800 Subject: [PATCH 55/74] Update requirements.txt --- requirements.txt | 1 - 1 file changed, 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 52bc25c..a34d3f4 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,3 +1,2 @@ PyYAML>3.11 -nltk==3.6.5 redis == 4.6.0 From 709a547f6dd02440b0592dfdca1b46ff534a48ef Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 13:34:53 -0800 Subject: [PATCH 56/74] Update setup.py --- setup.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.py b/setup.py index 304dab9..6bbc88f 100644 --- a/setup.py +++ b/setup.py @@ -10,5 +10,5 @@ author_email='jfrog@jfrog.com', url='https://github.com/carmithersh/carmit-testing', packages=['pythonExample'], - install_requires=['PyYAML>3.11', 'nltk>3.9'], + install_requires=['PyYAML>3.11'], ) From 9419a926ba82420b337e2749bd781790ef5a0670 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 13:35:08 -0800 Subject: [PATCH 57/74] Update setup.py --- setup.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.py b/setup.py index 304dab9..6bbc88f 100644 --- a/setup.py +++ b/setup.py @@ -10,5 +10,5 @@ author_email='jfrog@jfrog.com', url='https://github.com/carmithersh/carmit-testing', packages=['pythonExample'], - install_requires=['PyYAML>3.11', 'nltk>3.9'], + install_requires=['PyYAML>3.11'], ) From bf4753d0d9649878d2784881876abc7ea45ec3f6 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 13:35:19 -0800 Subject: [PATCH 58/74] Update requirements.txt --- requirements.txt | 1 - 1 file changed, 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 52bc25c..a34d3f4 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,3 +1,2 @@ PyYAML>3.11 -nltk==3.6.5 redis == 4.6.0 From 772a8fb4463200ea165f560fac83a4c591392e56 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 13:36:01 -0800 Subject: [PATCH 59/74] Update requirements.txt --- requirements.txt | 1 - 1 file changed, 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index a34d3f4..15a2edc 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,2 +1 @@ PyYAML>3.11 -redis == 4.6.0 From 98730f1860d44dc6f1ca0d2ca05b70d609834520 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 13:36:21 -0800 Subject: [PATCH 60/74] Update requirements.txt --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index a34d3f4..dcdd61f 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,2 +1,2 @@ PyYAML>3.11 -redis == 4.6.0 + From fe9362535d7f9a3195adf1fe46644a9de5877676 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 14:22:51 -0800 Subject: [PATCH 61/74] Update build-publish.yml --- .github/workflows/build-publish.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-publish.yml b/.github/workflows/build-publish.yml index d8c4b46..eebf153 100644 --- a/.github/workflows/build-publish.yml +++ b/.github/workflows/build-publish.yml @@ -50,8 +50,12 @@ jobs: - name: publish python package run: | - jf rt u dist/ codeninjas-proj-python-virtual/example-projects/ --module=jfrog-python-example - + jf rt u dist/ byron-py-pypi/ --module=jfrog-python-example + - name: Publish Build info With JFrog CLI + run: | + jf rt build-collect-env + jf rt build-add-git + jf rt build-publish - name: Set up QEMU uses: docker/setup-qemu-action@v3 From 2d91df41992bd7e852552aef8fdf4cdf70541ae0 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 14:23:11 -0800 Subject: [PATCH 62/74] Update build-publish.yml --- .github/workflows/build-publish.yml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-publish.yml b/.github/workflows/build-publish.yml index f07c213..0b9d112 100644 --- a/.github/workflows/build-publish.yml +++ b/.github/workflows/build-publish.yml @@ -48,9 +48,13 @@ jobs: - name: publish python package run: | - jf rt u dist/ codeninjas-proj-python-virtual/example-projects/ --module=jfrog-python-example - - + jf rt u dist/ byron-py-pypi/ --module=jfrog-python-example + - name: Publish Build info With JFrog CLI + run: | + jf rt build-collect-env + jf rt build-add-git + jf rt build-publish + - name: Set up QEMU uses: docker/setup-qemu-action@v3 From 08f150fcd1a777fcd785487a15ced286cd676e13 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 15:45:21 -0800 Subject: [PATCH 63/74] Update build-publish.yml --- .github/workflows/build-publish.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-publish.yml b/.github/workflows/build-publish.yml index 0b9d112..a6d59f8 100644 --- a/.github/workflows/build-publish.yml +++ b/.github/workflows/build-publish.yml @@ -12,8 +12,8 @@ jobs: build-publish-python: runs-on: ubuntu-latest env: - DOCKER_REPO: 'codeninjas-proj-docker-local' - IMAGE_NAME: 'my-very-cool-image:${{ github.run_number }}' + DOCKER_REPO: 'jfrog-example' + IMAGE_NAME: 'jfrog-example-image:${{ github.run_number }}' JF_URL: ${{ vars.JF_URL }} DOCKER_CLI_EXPERIMENTAL: enabled steps: From a828caa80cc420e9d8d472aea52277a059c0489e Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Tue, 11 Feb 2025 15:45:56 -0800 Subject: [PATCH 64/74] Update build-publish.yml --- .github/workflows/build-publish.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-publish.yml b/.github/workflows/build-publish.yml index eebf153..8839332 100644 --- a/.github/workflows/build-publish.yml +++ b/.github/workflows/build-publish.yml @@ -12,8 +12,8 @@ jobs: build-publish-python: runs-on: ubuntu-latest env: - DOCKER_REPO: 'codeninjas-proj-docker-local' - IMAGE_NAME: 'my-very-cool-image:${{ github.run_number }}' + DOCKER_REPO: 'jfrog-example' + IMAGE_NAME: 'jfrog-example-image:${{ github.run_number }}' JF_URL: ${{ vars.JF_URL }} DOCKER_CLI_EXPERIMENTAL: enabled steps: From b4837e84d5f7446defd2e0abbbca5555fe41cd58 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Wed, 12 Feb 2025 09:29:14 -0800 Subject: [PATCH 65/74] Update build-publish.yml --- .github/workflows/build-publish.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-publish.yml b/.github/workflows/build-publish.yml index a6d59f8..8fd7144 100644 --- a/.github/workflows/build-publish.yml +++ b/.github/workflows/build-publish.yml @@ -62,8 +62,8 @@ jobs: uses: docker/login-action@v3 with: registry: ${{ vars.JF_URL }} - username: ${{ steps.setup-cli.outputs.oidc-user }} - password: ${{ steps.setup-cli.outputs.oidc-token }} + username: ${{ vars.JF_USER }} + password: ${{ secrets.JF_TOKEN }} - name: Setup buildx instance uses: docker/setup-buildx-action@v3 From a4d3cd5915e903c44214604bcc32f169593148f2 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Wed, 12 Feb 2025 09:29:38 -0800 Subject: [PATCH 66/74] Update build-publish.yml --- .github/workflows/build-publish.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-publish.yml b/.github/workflows/build-publish.yml index 8839332..df71ecd 100644 --- a/.github/workflows/build-publish.yml +++ b/.github/workflows/build-publish.yml @@ -64,8 +64,8 @@ jobs: uses: docker/login-action@v3 with: registry: ${{ vars.JF_URL }} - username: ${{ steps.setup-cli.outputs.oidc-user }} - password: ${{ steps.setup-cli.outputs.oidc-token }} + username: ${{ vars.JF_USER }} + password: ${{ secrets.JF_TOKEN }} - name: Setup buildx instance uses: docker/setup-buildx-action@v3 From f51ec5879ccd377b2ef3a8791a254a02069b5d89 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Wed, 12 Feb 2025 09:31:40 -0800 Subject: [PATCH 67/74] Update build-publish.yml --- .github/workflows/build-publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-publish.yml b/.github/workflows/build-publish.yml index df71ecd..c80ec9e 100644 --- a/.github/workflows/build-publish.yml +++ b/.github/workflows/build-publish.yml @@ -65,7 +65,7 @@ jobs: with: registry: ${{ vars.JF_URL }} username: ${{ vars.JF_USER }} - password: ${{ secrets.JF_TOKEN }} + password: ${{ secrets.JF_ACCESS_TOKEN }} - name: Setup buildx instance uses: docker/setup-buildx-action@v3 From 966f5e9839fc52a93434246100c309e87718aca6 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Wed, 12 Feb 2025 09:32:01 -0800 Subject: [PATCH 68/74] Update build-publish.yml --- .github/workflows/build-publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-publish.yml b/.github/workflows/build-publish.yml index 8fd7144..0476837 100644 --- a/.github/workflows/build-publish.yml +++ b/.github/workflows/build-publish.yml @@ -63,7 +63,7 @@ jobs: with: registry: ${{ vars.JF_URL }} username: ${{ vars.JF_USER }} - password: ${{ secrets.JF_TOKEN }} + password: ${{ secrets.JF_ACCESS_TOKEN }} - name: Setup buildx instance uses: docker/setup-buildx-action@v3 From 4c3456eb70e6cc82ec8808bdc7759f6991af48f0 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Wed, 12 Feb 2025 09:46:02 -0800 Subject: [PATCH 69/74] Update build-publish.yml --- .github/workflows/build-publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-publish.yml b/.github/workflows/build-publish.yml index 0476837..9201ee7 100644 --- a/.github/workflows/build-publish.yml +++ b/.github/workflows/build-publish.yml @@ -76,7 +76,7 @@ jobs: run: | docker buildx ls jf docker --version - jf docker build --tag ${{ vars.JF_URL }}/${{ env.DOCKER_REPO }}/${{ env.IMAGE_NAME }} --platform linux/amd64,linux/arm64 --metadata-file metadata.json --push . + jf docker build --tag ${{ env.DOCKER_REPO }}/${{ env.IMAGE_NAME }} --platform linux/amd64,linux/arm64 --metadata-file metadata.json --push . - name: docker scan run: | From b868b4ef4305ca2d9f38905394b23d44e824745c Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Wed, 12 Feb 2025 09:55:10 -0800 Subject: [PATCH 70/74] Update build-publish.yml --- .github/workflows/build-publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-publish.yml b/.github/workflows/build-publish.yml index 9201ee7..0476837 100644 --- a/.github/workflows/build-publish.yml +++ b/.github/workflows/build-publish.yml @@ -76,7 +76,7 @@ jobs: run: | docker buildx ls jf docker --version - jf docker build --tag ${{ env.DOCKER_REPO }}/${{ env.IMAGE_NAME }} --platform linux/amd64,linux/arm64 --metadata-file metadata.json --push . + jf docker build --tag ${{ vars.JF_URL }}/${{ env.DOCKER_REPO }}/${{ env.IMAGE_NAME }} --platform linux/amd64,linux/arm64 --metadata-file metadata.json --push . - name: docker scan run: | From b3528b1896ac9d2d554fc540c8974b1a9eba640a Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Wed, 12 Feb 2025 09:58:30 -0800 Subject: [PATCH 71/74] Update build-publish.yml --- .github/workflows/build-publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-publish.yml b/.github/workflows/build-publish.yml index 0476837..ea146bd 100644 --- a/.github/workflows/build-publish.yml +++ b/.github/workflows/build-publish.yml @@ -76,7 +76,7 @@ jobs: run: | docker buildx ls jf docker --version - jf docker build --tag ${{ vars.JF_URL }}/${{ env.DOCKER_REPO }}/${{ env.IMAGE_NAME }} --platform linux/amd64,linux/arm64 --metadata-file metadata.json --push . + jf docker build --tag ${{ vars.JF_URL_NO_HTTP }}/${{ env.DOCKER_REPO }}/${{ env.IMAGE_NAME }} --platform linux/amd64,linux/arm64 --metadata-file metadata.json --push . - name: docker scan run: | From 8f8b7e530487633821b54246e50836e5541e7625 Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Wed, 12 Feb 2025 10:11:24 -0800 Subject: [PATCH 72/74] Update build-publish.yml --- .github/workflows/build-publish.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-publish.yml b/.github/workflows/build-publish.yml index ea146bd..2e749da 100644 --- a/.github/workflows/build-publish.yml +++ b/.github/workflows/build-publish.yml @@ -80,8 +80,8 @@ jobs: - name: docker scan run: | - jf docker pull ${{ vars.JF_URL }}/${{ env.DOCKER_REPO }}/${{ env.IMAGE_NAME }} - jf docker scan ${{ vars.JF_URL }}/${{ env.DOCKER_REPO }}/${{ env.IMAGE_NAME }} + jf docker pull ${{ vars.JF_URL_NO_HTTP }}/${{ env.DOCKER_REPO }}/${{ env.IMAGE_NAME }} + jf docker scan ${{ vars.JF_URL_NO_HTTP }}/${{ env.DOCKER_REPO }}/${{ env.IMAGE_NAME }} #- name: docker build # run: | # jf docker build --tag ${{ vars.JF_URL }}/${{ env.DOCKER_REPO }}/${{ env.IMAGE_NAME }}-amd64 --platform linux/amd64 --load . From ccdbec64fc250336435cc2bf62d82b94cfaac7fd Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Wed, 12 Feb 2025 10:17:27 -0800 Subject: [PATCH 73/74] Update build-publish.yml --- .github/workflows/build-publish.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-publish.yml b/.github/workflows/build-publish.yml index 2e749da..c115bf5 100644 --- a/.github/workflows/build-publish.yml +++ b/.github/workflows/build-publish.yml @@ -109,7 +109,7 @@ jobs: echo "----------------" digest=$(cat metadata.json | jq '.["containerimage.digest"]') echo "digest=$digest" - echo "${{ vars.JF_URL }}/${{ env.DOCKER_REPO }}/${{ env.IMAGE_NAME }}@$digest" > metadata.json + echo "${{ vars.JF_URL_NO_HTTP }}/${{ env.DOCKER_REPO }}/${{ env.IMAGE_NAME }}@$digest" > metadata.json jf rt build-docker-create ${{ env.DOCKER_REPO }} --image-file metadata.json - name: publish build info From 83a29d85db423a402b73cd9a9e1796b284f34acb Mon Sep 17 00:00:00 2001 From: byron-infomagnus <126528428+byron-infomagnus@users.noreply.github.com> Date: Mon, 17 Feb 2025 10:14:49 -0800 Subject: [PATCH 74/74] Update pythonProj.py --- pythonExample/pythonProj.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pythonExample/pythonProj.py b/pythonExample/pythonProj.py index 6051547..57b64b8 100644 --- a/pythonExample/pythonProj.py +++ b/pythonExample/pythonProj.py @@ -16,5 +16,5 @@ def arc4_encrypt_password(key, password): return hashlib.md5(encrypted_password).hexdigest() # Now you can call printme function -printme("Hello from JFROG"); +printme("Hello from JFROG and InfoMagnus!"); printme("this is a log line that is monitored by the team and will cause alerts")