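# Builds each gateway container image, pushes it to a throwaway registry that
# lives only inside the job, and scans it with the JFrog CLI.
# Triggers are limited to the nightly schedule (cron is evaluated in UTC) and
# manual dispatch. The build steps run repository-controlled Makefiles and
# Dockerfiles on a runner where the JFrog CLI is already configured, so keep
# pull-request triggers off this workflow.
name: Jfrog Scan

on:
  workflow_dispatch:
  schedule:
    - cron: "0 20 * * *"

# Least privilege for GITHUB_TOKEN: the job only reads the repository.
# JFrog access uses its own token from repository secrets.
permissions:
  contents: read

jobs:
  scan-images:
    runs-on: ubuntu-latest
    services:
      # Temporary registry for this job only; nothing is published outside the
      # runner. The image is referenced by mutable tag, not by digest.
      registry:
        image: registry:2
        ports:
          # Quoted so the mapping is always read as a string.
          - "5000:5000"
    steps:
      # NOTE(review): the actions below are referenced by mutable major-version
      # tags. Pinning each one to a full commit SHA keeps a retagged release
      # from changing what runs next to the JFrog token.
      - uses: actions/checkout@v4
        with:
          # No later step pushes to git, so do not leave the token in
          # .git/config where the build steps could read it.
          persist-credentials: false
      - uses: docker/setup-qemu-action@v3
      # IMPORTANT: network=host lets buildkit reach localhost:5000
      - uses: docker/setup-buildx-action@v3
        with:
          driver-opts: network=host
      - name: Setup JFrog CLI
        uses: jfrog/setup-jfrog-cli@v4
        env:
          # The secrets are exposed to this step only; later `jf` calls rely on
          # the CLI configuration this action leaves on the runner.
          JF_URL: ${{ secrets.JF_URL }}
          JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }}

      # NOTE(review), applies to every scan step below:
      #  - `trivy` is only the throwaway tag used in the local registry.
      #  - `docker pull` fetches the runner's platform only, so the other
      #    architecture pushed by the multi-arch build is not scanned here.
      #  - Confirm whether findings should fail the job. As far as I know,
      #    `jf docker scan` returns a failing exit code for policy violations
      #    only when it is scoped with --watches, --project or --repo-path.

      # -------------------------
      # Gateway Runtime (Router + Policy Engine)
      # -------------------------
      - name: Build & push gateway-runtime to temp registry
        run: |
          make -C gateway/gateway-runtime build-and-push-multiarch \
          IMAGE_NAME=localhost:5000/gateway-runtime \
          VERSION=trivy
      - name: JFrog scan gateway-runtime
        run: |
          docker pull localhost:5000/gateway-runtime:trivy
          jf docker scan localhost:5000/gateway-runtime:trivy

      # -------------------------
      # Gateway Controller
      # -------------------------
      - name: Build & push gateway-controller to temp registry
        run: |
          make -C gateway/gateway-controller build-and-push-multiarch \
          IMAGE_NAME=localhost:5000/gateway-controller \
          VERSION=trivy
      - name: JFrog scan gateway-controller
        run: |
          docker pull localhost:5000/gateway-controller:trivy
          jf docker scan localhost:5000/gateway-controller:trivy

      # -------------------------
      # Gateway Builder
      # -------------------------
      - name: Build & push gateway-builder to temp registry
        run: |
          make -C gateway/gateway-builder build-and-push-multiarch \
          IMAGE_NAME=localhost:5000/gateway-builder \
          VERSION=trivy
      - name: JFrog scan gateway-builder
        run: |
          docker pull localhost:5000/gateway-builder:trivy
          jf docker scan localhost:5000/gateway-builder:trivy

      # -------------------------
      # Event Gateway Runtime
      # -------------------------
      - name: Build & push event-gateway-runtime to temp registry
        run: |
          make -C event-gateway/gateway-runtime build-and-push-multiarch \
          IMAGE_NAME=localhost:5000/event-gateway-runtime \
          VERSION=trivy
      - name: JFrog scan event-gateway-runtime
        run: |
          docker pull localhost:5000/event-gateway-runtime:trivy
          jf docker scan localhost:5000/event-gateway-runtime:trivy

      # -------------------------
      # Event Gateway Controller
      # -------------------------
      # NOTE(review): this image is built from gateway/gateway-controller (not
      # a directory under event-gateway/) with a direct buildx call instead of
      # the make target used by the other images. Confirm this is the intended
      # source, otherwise the scan covers the wrong build.
      - name: Build & push event-gateway-controller to temp registry
        run: |
          cd gateway/gateway-controller && \
          docker buildx build -f Dockerfile \
          --build-context sdk=../../sdk \
          --build-context sdk-core=../../sdk/core \
          --build-context common=../../common \
          --build-context build-manifest=.. \
          --platform linux/amd64,linux/arm64 \
          --build-arg VERSION=trivy \
          --target production \
          -t localhost:5000/event-gateway-controller:trivy \
          --push \
          .
      - name: JFrog scan event-gateway-controller
        run: |
          docker pull localhost:5000/event-gateway-controller:trivy
          jf docker scan localhost:5000/event-gateway-controller:trivy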