jfrog · byron-infomagnus · Feb 10, 2025 · Feb 10, 2025 · Feb 10, 2025 · Feb 10, 2025
diff --git a/.frogbot/frogbot-config.yml b/.frogbot/frogbot-config.yml
@@ -0,0 +1,49 @@
+- params:
+    git:
+      repoName: jfrog-github-example
+      branches:
+        - byron-test
+        - main
+    # Frogbot scanning parameters
+    scan:
+      # [Default: false]
+      # Frogbot displays all existing vulnerabilities, including the ones that were not added by the pull request
+      # includeAllVulnerabilities: true
+
+      # [Default: true]
+      # Frogbot does not fail the task if security issues are found and this parameter is set to false
+      # failOnSecurityIssues: false
+
+      # List of subprojects / project dirs inside the Git repository
+      #projects:
+      # [Mandatory for projects which use npm, yarn 2, nuget and dotnet to download their dependencies]
+      # Installation command (e.g. npm i, nuget restore)
+      # - installCommand: ""
+
+      # [Default: root directory]
+      # List of relative path's to the projects directories in the git repository
+      #   workingDirs:
+      #     - "."
+
+      # [Mandatory for pip only if using requirements file, Default: pip install .]
+      # The requirements file name that used to install dependencies in case of pip package manager
+      #   pipRequirementsFile: ""
+
+      # [Default: true]
+      # Use Gradle Wrapper (gradlew/gradlew.bat) to run Gradle
+      #   useWrapper: true
+
+      # [Optional]
+      # Name of a Virtual Repository in Artifactory to resolve (download) the project dependencies from
+      #   repository: ""
+
+    # JFrog Platform parameters
+    #jfrogPlatform:
+    # [Optional]
+    # JFrog project key. Learn more about it [here](https://www.jfrog.com/confluence/display/JFROG/Projects)
+    # jfrogProjectKey: ""
+
+    # [Optional]
+    # Xray Watches. Learn more about it [here](https://www.jfrog.com/confluence/display/JFROG/Configuring+Xray+Watches)
+    # watches:
+    #  - ""
diff --git a/.github/workflows/build-publish.yml b/.github/workflows/build-publish.yml
@@ -12,25 +12,21 @@ jobs:
     build-publish-python:
         runs-on: ubuntu-latest              
         env:
-          DOCKER_REPO: 'codeninjas-proj-docker-local'
-          IMAGE_NAME: 'my-very-cool-image:${{ github.run_number }}'
-          JF_URL: https://${{ vars.JF_URL }}/
+          DOCKER_REPO: 'jfrog-example'
+          IMAGE_NAME: 'jfrog-example-image:${{ github.run_number }}'
+          JF_URL: ${{ vars.JF_URL }}
           DOCKER_CLI_EXPERIMENTAL: enabled
         steps:
             # Use the specific setup-cli branch
             - name: Setup JFrog CLI
               uses: jfrog/setup-jfrog-cli@v4
               id: setup-cli
               env:
-                JF_URL: https://${{ vars.JF_URL }}/
+                JF_URL: ${{ vars.JF_URL }}
                 JF_PROJECT: ${{ vars.JF_PROJECT }}
-              with:
-                  oidc-provider-name: jfrog-github-oidc
-
+                JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }}
             - name: Checkout the repository
               uses: actions/checkout@v4
-
-
             - name: configure jfrog environment
               run: |
                 # Use a curated repository for python dependencies resolution
@@ -52,18 +48,22 @@ jobs:
 
             - name: publish python package
               run: |
-                jf rt u dist/ codeninjas-proj-python-virtual/example-projects/ --module=jfrog-python-example
+                jf rt u dist/ byron-py-pypi/ --module=jfrog-python-example
+            - name: Publish Build info With JFrog CLI
+              run: |
+                jf rt build-collect-env
+                jf rt build-add-git
+                jf rt build-publish
 
-
             - name: Set up QEMU
               uses: docker/setup-qemu-action@v3                 
 
             - name: Authenticate Docker
               uses: docker/login-action@v3
               with:
                 registry: ${{ vars.JF_URL }}
-                username: ${{ steps.setup-cli.outputs.oidc-user }}
-                password: ${{ steps.setup-cli.outputs.oidc-token }}
+                username: ${{ vars.JF_USER }}
+                password: ${{ secrets.JF_ACCESS_TOKEN }}
 
             - name: Setup buildx instance
               uses: docker/setup-buildx-action@v3
@@ -76,12 +76,12 @@ jobs:
               run: |  
                 docker buildx ls
                 jf docker --version
-                jf docker build --tag ${{ vars.JF_URL }}/${{ env.DOCKER_REPO }}/${{ env.IMAGE_NAME }} --platform linux/amd64,linux/arm64 --metadata-file  metadata.json --push .
+                jf docker build --tag ${{ vars.JF_URL_NO_HTTP }}/${{ env.DOCKER_REPO }}/${{ env.IMAGE_NAME }} --platform linux/amd64,linux/arm64 --metadata-file  metadata.json --push .
 
             - name: docker scan
               run: |  
-                 jf docker pull ${{ vars.JF_URL }}/${{ env.DOCKER_REPO }}/${{ env.IMAGE_NAME }}
-                 jf docker scan ${{ vars.JF_URL }}/${{ env.DOCKER_REPO }}/${{ env.IMAGE_NAME }}   
+                 jf docker pull ${{ vars.JF_URL_NO_HTTP }}/${{ env.DOCKER_REPO }}/${{ env.IMAGE_NAME }}
+                 jf docker scan ${{ vars.JF_URL_NO_HTTP }}/${{ env.DOCKER_REPO }}/${{ env.IMAGE_NAME }}   
             #- name: docker build
             #  run: |  
             #    jf docker build --tag ${{ vars.JF_URL }}/${{ env.DOCKER_REPO }}/${{ env.IMAGE_NAME }}-amd64 --platform  linux/amd64 --load .
@@ -109,7 +109,7 @@ jobs:
                  echo "----------------"
                  digest=$(cat metadata.json | jq '.["containerimage.digest"]')
                  echo "digest=$digest"
-                 echo "${{ vars.JF_URL }}/${{ env.DOCKER_REPO }}/${{ env.IMAGE_NAME }}@$digest" > metadata.json
+                 echo "${{ vars.JF_URL_NO_HTTP }}/${{ env.DOCKER_REPO }}/${{ env.IMAGE_NAME }}@$digest" > metadata.json
                  jf rt build-docker-create ${{ env.DOCKER_REPO }} --image-file metadata.json 
 
             - name: publish build info

diff --git a/.github/workflows/byron-test-build.yml b/.github/workflows/byron-test-build.yml
@@ -0,0 +1,41 @@
+name: Byron Build and Tag Docker Image
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  build-and-tag:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Setup JFrog CLI
+        uses: jfrog/setup-jfrog-cli@v4
+        env:
+          JF_URL: ${{ vars.JF_URL }}
+          JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }}
+
+      - name: Build Tag and push Docker Image
+        env:
+          IMAGE_NAME: infomagnus.jfrog.io/byron-im-docker/jfrog-docker-example-image:${{ github.run_number }}
+        run: |
+          jf docker build -t $IMAGE_NAME .
+          jf docker push $IMAGE_NAME
+
+      - name: Publish Build info With JFrog CLI
+        env:
+          # Generated and maintained by GitHub
+          JFROG_CLI_BUILD_NAME: jfrog-docker-build-example
+          # JFrog organization secret
+          JFROG_CLI_BUILD_NUMBER : ${{ github.run_number }}
+        run: |
+          # Export the build name and build nuber
+          # Collect environment variables for the build
+          jf rt build-collect-env
+          # Collect VCS details from git and add them to the build
+          jf rt build-add-git
+          # Publish build info
+          jf rt build-publish
diff --git a/.github/workflows/forgbot-scan-repository.yml b/.github/workflows/forgbot-scan-repository.yml
@@ -0,0 +1,50 @@
+name: "Frogbot Scan Repository"
+on:
+  workflow_dispatch:
+  schedule:
+    # The repository will be scanned once a day at 00:00 GMT.
+    - cron: "0 0 * * *"
+permissions:
+  contents: write
+  pull-requests: write
+  security-events: write
+  # [Mandatory If using OIDC authentication protocol instead of JF_ACCESS_TOKEN]
+  # id-token: write
+jobs:
+  scan-repository:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        # The repository scanning will be triggered periodically on the following branches.
+        branch: ["byron-test"]
+    steps:
+      - uses: jfrog/frogbot@v2
+        env:
+          # [Mandatory]
+          # JFrog platform URL
+          JF_URL: ${{ vars.JF_URL }}
+
+          # [Mandatory if JF_USER and JF_PASSWORD are not provided]
+          # JFrog access token with 'read' permissions on Xray service
+          JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }}
+
+          # [Mandatory if JF_ACCESS_TOKEN is not provided]
+          # JFrog username with 'read' permissions for Xray. Must be provided with JF_PASSWORD
+          # JF_USER: ${{ secrets.JF_USER }}
+
+          # [Mandatory if JF_ACCESS_TOKEN is not provided]
+          # JFrog password. Must be provided with JF_USER
+          # JF_PASSWORD: ${{ secrets.JF_PASSWORD }}
+
+          # [Mandatory]
+          # The GitHub token is automatically generated for the job
+          JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+          # [Mandatory]
+          # The name of the branch on which Frogbot will perform the scan
+          JF_GIT_BASE_BRANCH: ${{ matrix.branch }}
+
+        # [Mandatory if using OIDC authentication protocol instead of JF_ACCESS_TOKEN]
+        # Insert to oidc-provider-name the 'Provider Name' defined in the OIDC integration configured in the JPD
+       # with:
+        #   oidc-provider-name: "byron-juice-shop"
diff --git a/.github/workflows/frogbot-scan-and-fix.yml b/.github/workflows/frogbot-scan-and-fix.yml
@@ -1,73 +1,26 @@
-# This workflow uses actions that are not certified by GitHub.
-# They are provided by a third-party and are governed by
-# separate terms of service, privacy policy, and support
-# documentation.
-# Frogbot Scan and Fix does the following:
-# Automatically creates pull requests with fixes for vulnerable project dependencies.
-# Uses JFrog Xray to scan the project.
-# Read more about Frogbot here - https://github.com/jfrog/frogbot#frogbot
-
-# Some projects require creating a frogbot-config.yml file. Read more about it here - https://github.com/jfrog/frogbot/blob/master/docs/frogbot-config.md
-
 name: "Frogbot Scan and Fix"
 on:
   push:
-    branches: [ "main" ]
+    branches: [ "main", "byron-test" ]
 permissions:
   contents: write
   pull-requests: write
   security-events: write
-  id-token: write
+ # id-token: write
 jobs:
   create-fix-pull-requests:
     runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        # The repository scanning will be triggered periodically on the following branches.
+        branch: ["byron-test"]
     steps:
       - uses: actions/checkout@v4
 
-      #  IMPORTANT:
-      #  1. See the following link for information about the tools that need to be installed for Frogbot to work - https://github.com/jfrog/frogbot/tree/master/docs/templates/github-actions/scan-and-fix
-      #  2. Some projects require creating a frogbot-config.yml file. Read more about it here - https://github.com/jfrog/frogbot/blob/master/docs/frogbot-config.md
-
       - uses: jfrog/frogbot@v2
-        with:
-          oidc-provider-name: jfrog-github-oidc
         env:
-          # [Mandatory if the two conditions below are met]
-          # 1. The project uses npm, yarn 2, NuGet or .NET to download its dependencies
-          # 2. The `installCommand` variable isn't set in your frogbot-config.yml file.
-          #
-          # The command that installs the project dependencies (e.g "npm i", "nuget restore" or "dotnet restore")
-          # JF_INSTALL_DEPS_CMD: ""
-
-          # [Mandatory]
-          # JFrog platform URL
-          JF_URL: https://${{ vars.JF_URL }}/
-
-          # [Mandatory if JF_USER and JF_PASSWORD are not provided]
-          # JFrog access token with 'read' permissions on Xray service
-          #JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }}
-
-          # [Mandatory if JF_ACCESS_TOKEN is not provided]
-          # JFrog username with 'read' permissions for Xray. Must be provided with JF_PASSWORD
-          # JF_USER: ${{ secrets.JF_USER }}
-
-          # [Mandatory if JF_ACCESS_TOKEN is not provided]
-          # JFrog password. Must be provided with JF_USER
-          # JF_PASSWORD: ${{ secrets.JF_PASSWORD }}
-
-          # [Mandatory]
-          # The GitHub token automatically generated for the job
+          JF_URL: ${{ vars.JF_URL }}
+          JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }}
           JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
-          # [Optional]
-          # If the machine that runs Frogbot has no access to the internat, set the name of a remote repository
-          # in Artifactory, which proxies https://releases.jfrog.io/artifactory
-          # The 'frogbot' executable and other tools it needs will be downloaded through this repository.
-          # JF_RELEASES_REPO: ""
-
-          # [Optional]
-          # Frogbot will download the project dependencies, if they're not cached locally. To download the
-          # dependencies from a virtual repository in Artifactory, set the name of of the repository. There's no
-          # need to set this value, if it is set in the frogbot-config.yml file.
-          # JF_DEPS_REPO: ""
-          JF_PROJECT: ${{ vars.JF_PROJECT }}
+          #JF_PROJECT: ${{ vars.JF_PROJECT }}
+          JF_GIT_BASE_BRANCH: ${{ matrix.branch }}
diff --git a/.github/workflows/frogbot-scan-pr.yml b/.github/workflows/frogbot-scan-pr.yml
@@ -34,8 +34,8 @@ jobs:
       #  2. Some projects require creating a frogbot-config.yml file. Read more about it here - https://github.com/jfrog/frogbot/blob/master/docs/frogbot-config.md
 
       - uses: jfrog/frogbot@v2
-        with:
-          oidc-provider-name: jfrog-github-oidc
+       # with:
+       #   oidc-provider-name: "byron-juice-shop"
         env:
           JFROG_CLI_LOG_LEVEL: DEBUG
           # [Mandatory if the two conditions below are met]
@@ -47,11 +47,11 @@ jobs:
 
           # [Mandatory]
           # JFrog platform URL
-          JF_URL: https://${{ vars.JF_URL }}/
+          JF_URL: ${{ vars.JF_URL }}
 
           # [Mandatory if JF_USER and JF_PASSWORD are not provided]
           # JFrog access token with 'read' permissions on Xray service
-          #JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }}
+          JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }}
 
           # [Mandatory if JF_ACCESS_TOKEN is not provided]
           # JFrog username with 'read' permissions for Xray. Must be provided with JF_PASSWORD
@@ -76,4 +76,4 @@ jobs:
           # dependencies from a virtual repository in Artifactory, set the name of of the repository. There's no
           # need to set this value, if it is set in the frogbot-config.yml file.
           # JF_DEPS_REPO: ""
-          JF_PROJECT: ${{ vars.JF_PROJECT }}
+          #JF_PROJECT: ${{ vars.JF_PROJECT }}
diff --git a/pythonExample/pythonProj.py b/pythonExample/pythonProj.py
@@ -16,5 +16,5 @@ def arc4_encrypt_password(key, password):
     return hashlib.md5(encrypted_password).hexdigest()
 
 # Now you can call printme function
-printme("Hello from JFROG");
+printme("Hello from JFROG and InfoMagnus!");
 printme("this is a log line that is monitored by the team and will cause alerts")
diff --git a/requirements.txt b/requirements.txt
@@ -1,3 +1,2 @@
 PyYAML>3.11
-nltk
-redis == 4.6.0
+
diff --git a/setup.py b/setup.py
@@ -10,5 +10,5 @@
     author_email='jfrog@jfrog.com',
     url='https://github.com/carmithersh/carmit-testing',
     packages=['pythonExample'],
-    install_requires=['PyYAML>3.11', 'nltk'],
+    install_requires=['PyYAML>3.11'],
 )