diff --git a/.github/workflows/jf-cli.yml b/.github/workflows/jf-cli.yml index 68e989f1b..e78a55ba0 100755 --- a/.github/workflows/jf-cli.yml +++ b/.github/workflows/jf-cli.yml @@ -237,23 +237,6 @@ jobs: jf rt bdc ${{env.RT_REPO_DOCKER_VIRTUAL}} --image-file ${{env.DOCKER_METADATA_JSON}} --build-name=${{env.BUILD_NAME}} --build-number=${{env.BUILD_ID}} - - name: "Docker: Extract metadata" - run: | - cat ${{env.DOCKER_METADATA_JSON}} - imageDigest=$(jq -r '.["containerimage.digest"]' "${{env.DOCKER_METADATA_JSON}}") - imageDigest=$(echo "${imageDigest}" | tr -d '\r' | xargs) - echo "DOCKER_DIGEST=${imageDigest}" >> $GITHUB_ENV - - - name: "Evidence: GitHub Attest for docker image" - continue-on-error: true - uses: actions/attest-build-provenance@v3 # https://github.com/marketplace/actions/attest-build-provenance - with: - subject-name: "${{vars.JF_NAME}}.jfrog.io/${{env.RT_REPO_DOCKER_VIRTUAL}}/${{env.ARTIFACT_NAME}}" - subject-digest: '${{ env.DOCKER_DIGEST }}' # sha256:hex_digest - github-token: ${{secrets.GITHUB_TOKEN}} - push-to-registry: true - show-summary: true - - name: "BuildInfo: Build Publish" run: jf rt bp ${{env.BUILD_NAME}} ${{env.BUILD_ID}} --detailed-summary=true @@ -775,7 +758,7 @@ jobs: - name: "Package: Create MVN Build" run: | # -Djar.finalName=${{env.JAR_FINAL_NAME}} - export MAVEN_OPTS="--add-opens jdk.compiler/com.sun.tools.javac.api=ALL-UNNAMED" + export MAVEN_OPTS="--add-opens jdk.compiler/com.sun.tools.javac.util=ALL-UNNAMED" jf mvn clean install -DskipTests=true -Denforcer.skip=true -f pom.xml --build-name ${{env.BUILD_NAME}} --build-number ${{env.BUILD_ID}} @@ -805,41 +788,6 @@ jobs: ARTIFACT_DIGEST=$(sha256sum target/spring-petclinic-*.jar | awk '{print "sha256:"$1}') echo "artifact_digest=$ARTIFACT_DIGEST" >> $GITHUB_OUTPUT - - name: "Create attestation" - uses: actions/attest@v2 - with: - subject-digest: ${{ steps.create_artifact_digest.outputs.artifact_digest }} - subject-name: dev-repo-local/artifact1.txt - predicate-type: "https://github.com/attestations/custom-review-v1" - predicate: | - { - "creationTime": "${{ github.event.repository.pushed_at }}", - "reviewer": "Krishna Manchikalapudi", - "repository": "${{ github.repository }}" - } - - # mvn help:evaluate -Dexpression=project.artifactId -q -DforceStdout - # mvn help:evaluate -Dexpression=project.version -q -DforceStdout - - name: "Evidence: GitHub Attestation" - continue-on-error: true - uses: actions/attest-build-provenance@v3 # https://github.com/marketplace/actions/attest-build-provenance - with: - subject-name: "GitHub Attestation" - subject-path: | - "${{ github.workspace }}/target/spring-petclinic-*.jar" - "${{ github.workspace }}/target/build-info.json" - "${{ github.workspace }}/target/classes/META-INF/sbom/application.cdx.json" - show-summary: true - github-token: ${{secrets.GITHUB_TOKEN}} - - - name: "Evidence: SBOM Attestation" - uses: actions/attest-sbom@v3 # https://github.com/actions/attest-sbom - with: - subject-name: "${{env.JF_RT_URL}}/${{env.RT_REPO_MVN_VIRTUAL}}/${{env.BUILD_NAME}}" - subject-path: "target/spring-petclinic-*.jar" - sbom-path: "target/classes/META-INF/sbom/application.cdx.json" - show-summary: true - github-token: ${{secrets.GITHUB_TOKEN}} - name: "Evidence: Build Info" # continue-on-error: true