From 6919cc2baf7545b0539199d13f76ee8b82623407 Mon Sep 17 00:00:00 2001
From: Jesse Houldsworth <jesseh@jfrog.com>
Date: Mon, 8 Sep 2025 12:30:53 -0700
Subject: [PATCH] improving jas

---
 .github/workflows/ci-pipeline.yml | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/ci-pipeline.yml b/.github/workflows/ci-pipeline.yml
index 7e36d28cc..894f28ac7 100644
--- a/.github/workflows/ci-pipeline.yml
+++ b/.github/workflows/ci-pipeline.yml
@@ -64,7 +64,14 @@ jobs:
       # 5) SAST/SCA (on-demand audit; not tied to the build)
       #################################################
       - name: JFrog Audit (SAST & SCA)
-        run: jf audit
+        # Add build info to associate results with the published build
+        # Add --fail=false so the pipeline doesn't stop here.
+        # Let Xray Policies and Watches determine the build status later.
+        run: |
+          jf audit \
+            --build-name=${{ env.JFROG_CLI_BUILD_NAME }} \
+            --build-number=${{ env.JFROG_CLI_BUILD_NUMBER }} \
+            --fail=false
 
       #################################################
       # 6) Build with Maven (attached to build via env)