@@ -60,22 +60,12 @@ jobs:
6060 output : results-${{ matrix.language_details.name }}
6161 upload : false
6262
63- - name : Set up Python
64- uses : actions/setup-python@v4
65- with :
66- python-version : ' 3.8'
67-
6863 - name : Convert SARIF to Markdown
6964 run : |
7065 python ./examples/codeql/sarif_to_markdown.py \
7166 results-${{ matrix.language_details.name }}/${{ matrix.language_details.name }}.sarif \
7267 results-${{ matrix.language_details.name }}/${{ matrix.language_details.name }}-report.md
7368
74- - name : Setup Node
75- if : matrix.language_details.name == 'javascript'
76- uses : actions/setup-node@v4
77-
78-
7969 - name : Build and Publish ${{ matrix.language_details.name }} package
8070 env :
8171 GO_CODE_PATH : examples/codeql/go
@@ -92,40 +82,40 @@ jobs:
9282 jf rt bp my-go-build ${{ github.run_number }}
9383 elif [ ${{ matrix.language_details.name }} == 'javascript' ]; then
9484 cd $JS_CODE_PATH
95- jf npm-config --repo-resolve=javascript-remote --repo-deploy=javascript-local --server-id-deploy=setup-jfrog-cli-server --server-id-resolve=setup-jfrog-cli-server
96- jf npm publish --build-name=my-javascript-build --build-number=1
97- jf rt bp my-javascript-build 1
85+ jf npm-config --repo-resolve=javascript-remote --repo-deploy=javascript-local \
86+ --server-id-deploy=setup-jfrog-cli-server \
87+ --server-id-resolve=setup-jfrog-cli-server
88+
89+ jf npm publish --build-name=my-javascript-build --build-number=${{ github.run_number }}
90+ jf rt bp my-javascript-build ${{ github.run_number }}
91+ jf rt u trivy-results.md javascript-local
9892 fi
9993 cd -
10094 continue-on-error : true
10195
10296 - name : Attach Evidence Using JFrog CLI
103- env :
104- JFROG_SIGNING_KEY : ${{ secrets.JFROG_SIGNING_KEY }}
10597 run : |
106- KEY=$(echo $JFROG_SIGNING_KEY | base64 -d)
107- echo $KEY
10898 jf config show
10999 if [ ${{ matrix.language_details.name }} == 'go' ]; then
110100 PACKAGE_VERSION="v0.0.${{ github.run_number }}"
111101 jf evd create \
112- --package-name= "jfrog.com/mygobuild" \
113- --package-version=" $PACKAGE_VERSION" \
114- --package-repo-name=" go-local" \
115- --key= "${{ secrets.CODEQL_SIGNING_KEY }}" \
116- --key-alias= ${{ vars.CODEQL_KEY_ALIAS }} \
117- --predicate= "results-go/go.sarif" \
118- --predicate-type= "http://github.com/CodeQL/static-analysis" \
119- --markdown= "results-go/go-report.md"
102+ --package-name "jfrog.com/mygobuild" \
103+ --package-version $PACKAGE_VERSION \
104+ --package-repo-name go-local \
105+ --key "${{ secrets.CODEQL_SIGNING_KEY }}" \
106+ --key-alias ${{ vars.CODEQL_KEY_ALIAS }} \
107+ --predicate "results-go/go.sarif" \
108+ --predicate-type "http://github.com/CodeQL/static-analysis" \
109+ --markdown "results-go/go-report.md"
120110 elif [ ${{ matrix.language_details.name }} == 'javascript' ]; then
121111 PACKAGE_VERSION="0.0.1"
122112 jf evd create \
123- --package-name=" my-javascript-build" \
124- --package-version=" $PACKAGE_VERSION" \
125- --package-repo-name=" javascript-local" \
126- --key= "${{ secrets.CODEQL_SIGNING_KEY }}" \
127- --key-alias= ${{ vars.CODEQL_KEY_ALIAS }} \
128- --predicate= "results-javascript/javascript.sarif" \
129- --predicate-type= "http://github.com/CodeQL/static-analysis" \
130- --markdown= "results-javascript/javascript-report.md"
113+ --package-name my-javascript-build \
114+ --package-version $PACKAGE_VERSION \
115+ --package-repo-name javascript-local \
116+ --key "${{ secrets.CODEQL_SIGNING_KEY }}" \
117+ --key-alias ${{ vars.CODEQL_KEY_ALIAS }} \
118+ --predicate "results-javascript/javascript.sarif" \
119+ --predicate-type "http://github.com/CodeQL/static-analysis" \
120+ --markdown "results-javascript/javascript-report.md"
131121 fi
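Review bot: The signing key is still expanded straight into the script text at `--key "${{ secrets.CODEQL_SIGNING_KEY }}"`, in both the go and the javascript `jf evd create` calls. The private key is therefore written into the generated shell script and parsed by the shell, so a quote, backtick or `$` inside the value would change the command. Passing it through the environment keeps it out of the script body: add a step-level `env:` entry `CODEQL_SIGNING_KEY: ${{ secrets.CODEQL_SIGNING_KEY }}` and call `--key "$CODEQL_SIGNING_KEY"`. The unquoted `${{ vars.CODEQL_KEY_ALIAS }}` and `$PACKAGE_VERSION` should be handled the same way and quoted. Separately, the publish step keeps `continue-on-error: true` and now uploads `trivy-results.md`, which no step visible in these hunks creates, so evidence may end up signed for a package whose publish failed; worth confirming against the rest of the workflow.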