From 8d4067e25da6b41e183182d34a744a5395f7955f Mon Sep 17 00:00:00 2001
From: Jesse Houldsworth
Date: Mon, 25 Aug 2025 10:51:31 -0700
Subject: [PATCH] new workflow
---
 .github/workflows/ci-pipeline.yml | 129 +++++++++---------------------
 1 file changed, 37 insertions(+), 92 deletions(-)
diff --git a/.github/workflows/ci-pipeline.yml b/.github/workflows/ci-pipeline.yml
index 58301894e..3fa113bdf 100644
--- a/.github/workflows/ci-pipeline.yml
+++ b/.github/workflows/ci-pipeline.yml
@@ -1,120 +1,65 @@ -name: Build with JFrog CLI (Forcing New Extractor) +name: CI with JFrog on: push: branches: - main - develop - pull_request: - branches: [ "main" ] # Trigger workflow on pull requests targeting main + branches: [ "main" ] + +env: + # Define variables for build name and number for reuse + BUILD_NAME: spring-petclinic + # Use run_number for a simple, incrementing build number + BUILD_NUMBER: ${{ github.run_number }} jobs: - build: - runs-on: ubuntu-latest # Use the latest Ubuntu runner for execution - + build-and-scan: + runs-on: ubuntu-latest steps: - ################################################# - # 1) Checkout the repository to the runner - ################################################# - name: Checkout - uses: actions/checkout@v4 # Pulls the latest code from the repository + uses: actions/checkout@v4 - ################################################# - # 2) Set up Java environment - ################################################# - name: Set up JDK 17 uses: actions/setup-java@v3 with: - distribution: 'temurin' # Use Eclipse Temurin JDK (OpenJDK) - java-version: '17' # Ensure Java 17 is installed + distribution: 'temurin' + java-version: '17' - ################################################# - # 3) Install and Configure JFrog CLI - ################################################# - name: Setup JFrog CLI - uses: jfrog/setup-jfrog-cli@v4 # Official JFrog CLI GitHub Action - id: setup-cli + uses: jfrog/setup-jfrog-cli@v4 env: - JF_URL: ${{secrets.JF_RT_URL}} # Artifactory base URL (stored as a GitHub secret) - JFROG_CLI_RELEASES_REPO: 'https://soleng.jfrog.io/artifactory/jesseh-maven-dev-virtual/' - JFROG_CLI_EXTRACTORS_REMOTE: 'https://soleng.jfrog.io/artifactory/jesseh-maven-dev-virtual/' - JF_GIT_TOKEN: ${{secrets.GH_TOKEN}} # GitHub token for authentication - JF_USER: ${{secrets.ARTIFACTORY_USERNAME}} # Artifactory username - JF_PASSWORD: ${{secrets.ARTIFACTORY_IDENTITY_TOKEN}} # Artifactory identity token + JF_URL: ${{ 
secrets.JF_URL }} + JF_USER: ${{ secrets.JF_USER }} + JF_PASSWORD: ${{ secrets.JF_PASSWORD }} - ################################################# - # 4) Clean the local Maven cache (optional but recommended) - ################################################# - - name: Clear local Maven cache - run: rm -rf ~/.m2/repository # Ensures a clean build by removing old dependencies - - - name: Ensure mvnw is executable - run: chmod +x mvnw # Make the Maven wrapper script executable - - ################################################# - # 5) Verify JFrog connection - ################################################# - - name: ping jfrog - run: jf rt ping - - ################################################# - # 6) Configure Maven to use JFrog as a repository - ################################################# - - name: configure maven - run: jf mvnc --global --repo-resolve-releases jesseh-maven-dev-virtual/ --repo-resolve-snapshots jesseh-maven-dev-virtual/ - # This sets up JFrog CLI to resolve dependencies from Artifactory - - ################################################# - # 7) Build project using JFrog CLI with Maven - ################################################# - - name: Maven Build With JFrog CLI + - name: Configure Maven Repositories + run: | + jf mvnc --repo-resolve-releases jesseh-maven-dev-virtual --repo-deploy-releases jesseh-maven-dev-local + + - name: Run Maven Build run: | jf mvn clean install \ - -DskipTests=true -Denforcer.skip=true \ - --build-name="spring-petclinic" \ - --build-number="${{ github.run_id }}" + --build-name=${{ env.BUILD_NAME }} \ + --build-number=${{ env.BUILD_NUMBER }} - ################################################# - # 8) Scan with XRay - ################################################# - - name: Scan Artifact - run: | - latest_jar=$(find target -name "*.jar" | sort | tail -n 1) - echo "Scanning: $latest_jar" - jf scan "$latest_jar" - - ################################################# - # 9) Build Docker image with local 
Docker - ################################################# - - name: Login to JFrog Docker Repo + - name: Login to JFrog Docker Registry uses: docker/login-action@v3 with: - registry: ${{ secrets.JF_RT_URL }} - username: ${{ secrets.ARTIFACTORY_USERNAME }} - password: ${{ secrets.ARTIFACTORY_IDENTITY_TOKEN }} - - - name: Build Docker Image - run: | - docker build -t soleng.jfrog.io/jesseh-docker-dev-local/spring-petclinic:${{ github.run_id }} . + registry: ${{ secrets.JF_URL }} + username: ${{ secrets.JF_USER }} + password: ${{ secrets.JF_PASSWORD }} - ################################################# - # 10) Push Docker image using JFrog CLI - ################################################# - - name: Push Docker Image to Artifactory + - name: Build and Push Docker Image run: | - jf docker push \ - soleng.jfrog.io/jesseh-docker-dev-local/spring-petclinic:${{ github.run_id }} \ - --build-name="spring-petclinic" \ - --build-number="${{ github.run_id }}" + export DOCKER_IMAGE_TAG="${{ secrets.JF_URL }}/jesseh-docker-dev-local/spring-petclinic:${{ env.BUILD_NUMBER }}" + docker build -t $DOCKER_IMAGE_TAG . + jf docker push $DOCKER_IMAGE_TAG \ + --build-name=${{ env.BUILD_NAME }} \ + --build-number=${{ env.BUILD_NUMBER }} - ################################################# - # 9) Publish Build Information to JFrog - ################################################# - - name: Publish Build Info + - name: Publish and Scan Build Info run: | - jfrog rt build-collect-env # Collect environment variables - jfrog rt build-add-dependencies . # Add dependencies found in the current directory - jfrog rt build-add-git # Add Git commit information - jfrog rt build-publish "spring-petclinic" "${{ github.run_id }}" - # Publishes build metadata (dependencies, artifacts, environment) to JFrog + jf rt build-publish ${{ env.BUILD_NAME }} ${{ env.BUILD_NUMBER }} + jf bs --fail-build=true ${{ env.BUILD_NAME }} ${{ env.BUILD_NUMBER }} \ No newline at end of file
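Review bot: In the "Build and Push Docker Image" step, `${{ secrets.JF_URL }}` is expanded directly into the `run:` script and becomes the registry part of the image reference, where the removed code used a hard-coded bare host. The same secret is handed to `setup-jfrog-cli` as `JF_URL`, which is normally a full platform URL; if it carries an `https://` scheme the resulting tag is not a valid image reference, and because the value is a masked secret the pushed image name will show up as `***` in the job log. Expanding expressions inside the script body also means the value is parsed as shell text rather than passed as data, and `$DOCKER_IMAGE_TAG` is then used unquoted. I would pass a non-secret registry host through the step's `env:` and quote the shell variables, as sketched below (`vars.REGISTRY_HOST` is a placeholder name, not something defined on this page). Separately, this job holds Artifactory credentials while its `uses:` entries are pinned to mutable tags and no `permissions:` block is declared; pinning to commit SHAs and adding `permissions:` with `contents: read` would narrow that exposure.

```yaml
      - name: Build and Push Docker Image
        env:
          # placeholder: non-secret registry host, no scheme
          REGISTRY_HOST: ${{ vars.REGISTRY_HOST }}
        run: |
          image="${REGISTRY_HOST}/jesseh-docker-dev-local/spring-petclinic:${BUILD_NUMBER}"
          docker build -t "$image" .
          jf docker push "$image" \
            --build-name="$BUILD_NAME" \
            --build-number="$BUILD_NUMBER"
      # … unchanged: Publish and Scan Build Info step …
```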