Merge 0213a72b79 into ab1d5364a0

.github/workflows/Petclinic CI

@@ -0,0 +1,64 @@
+name: PetClinic CI
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request: # Added to allow Frogbot to scan incoming PRs
+  workflow_dispatch:
+
+jobs:
+  build-and-publish:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write 
+      pull-requests: write # Required for Frogbot to comment on PRs
+      security-events: write 
+    
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+
+      - name: Set up JDK 17
+        uses: actions/setup-java@v4
+        with:
+          java-version: '17'
+          distribution: 'temurin'
+          cache: 'maven'
+
+      - name: Set up JFrog CLI
+        uses: jfrog/setup-jfrog-cli@v4
+        env:
+          JF_URL: ${{ secrets.JF_URL }}
+        with:
+          version: latest
+          oidc-provider-name: github-oidc
+          oidc-audience: jfrog-github
+
+      # --- START FROGBOT SCAN ---
+      - name: Frogbot Scan
+        uses: jfrog/frogbot@v2
+        env:
+          JF_URL: ${{ secrets.JF_URL }}
+          # Frogbot uses the OIDC configuration from the setup-jfrog-cli step
+          JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }} 
+      # --- END FROGBOT SCAN ---
+
+      - name: Build and Test
+        run: ./mvnw clean test
+
+      - name: Build Docker Image
+        run: |
+          ./mvnw spring-boot:build-image \
+          -Dspring-boot.build-image.imageName=petclinic-app:${{ github.run_number }}
+
+      - name: Publish to JFrog
+        run: |
+          JF_HOST=$(echo "${{ secrets.JF_URL }}" | sed 's|https://||' | sed 's|/||g')
+          DOCKER_REPO="docker-local"
+          IMAGE_NAME="petclinic-app:${{ github.run_number }}"
+          REMOTE_TAG="$JF_HOST/$DOCKER_REPO/$IMAGE_NAME"
+          
+          docker tag "$IMAGE_NAME" "$REMOTE_TAG"
+          jf docker push "$REMOTE_TAG" --build-name=petclinic-trial --build-number=${{ github.run_number }}
+          jf rt bp petclinic-trial ${{ github.run_number }}

.github/workflows/build-publish-scan.yml

@@ -0,0 +1,69 @@
+name: build-publish-scan
+
+on:
+  push:
+    branches:
+      - feature/test-change
+  workflow_dispatch: {}
+
+permissions:
+  contents: read
+  pull-requests: write
+  id-token: write # Required for OIDC handshake
+
+jobs:
+  build-and-scan:
+    name: Build, Publish, and Scan
+    runs-on: ubuntu-latest
+    
+    env:
+      JF_URL: ${{ secrets.JF_URL }}
+      JF_REPO: "maven-repo" # Using your newly created repo
+      BUILD_NAME: "spring-petclinic-build"
+      BUILD_NUMBER: ${{ github.run_number }}
+
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+
+      - name: Set up JDK 17
+        uses: actions/setup-java@v4
+        with:
+          java-version: '17'
+          distribution: 'temurin'
+          cache: maven
+
+      # 1. Setup JFrog CLI with OIDC
+      - name: Set up JFrog CLI
+        uses: jfrog/setup-jfrog-cli@v4
+        with:
+          oidc-provider-name: github-oidc
+          oidc-audience: jfrog-github
+
+      # 2. Build Project
+      - name: Build with Maven
+        run: ./mvnw -B -DskipTests package
+
+      # 3. Publish Artifact (Fixes the 405 error by using the explicit repo key)
+      - name: Publish artifact to Artifactory
+        run: |
+          jf rt upload "target/*.jar" "${{ env.JF_REPO }}/petclinic/${{ env.BUILD_NUMBER }}/" \
+            --build-name="${{ env.BUILD_NAME }}" \
+            --build-number="${{ env.BUILD_NUMBER }}" \
+            --flat=false
+
+      # 4. Publish Build Info (Required for Xray to scan the build)
+      - name: Publish Build Info
+        run: |
+          jf rt build-collect-env ${{ env.BUILD_NAME }} ${{ env.BUILD_NUMBER }}
+          jf rt bp ${{ env.BUILD_NAME }} ${{ env.BUILD_NUMBER }}
+
+      # 5. Run Frogbot Xray Scan
+      - name: Run Frogbot Scan
+        uses: jfrog/frogbot@v2
+        env:
+          JF_URL: ${{ env.JF_URL }}
+          JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          oidc-provider-name: github-oidc
+          oidc-audience: jfrog-github

.github/workflows/frogbot-scan-pull-request.yaml

@@ -0,0 +1,73 @@
+name: build-publish-scan
+
+on:
+  push:
+    branches:
+      - feature/test-change
+  workflow_dispatch: {}
+
+permissions:
+  contents: read
+  pull-requests: write
+  id-token: write # Required for OIDC authentication
+
+jobs:
+  build-and-scan:
+    name: Build, Publish, and Scan
+    runs-on: ubuntu-latest
+    
+    # Setting environment variables at the job level for consistency
+    env:
+      JF_URL: ${{ secrets.JF_URL }}
+      JF_REPO: ${{ secrets.JF_REPO }}
+      BUILD_NAME: "maven-build-scan"
+      BUILD_NUMBER: ${{ github.run_number }}
+
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+
+      - name: Set up JDK 17
+        uses: actions/setup-java@v4
+        with:
+          java-version: '17'
+          distribution: 'temurin'
+          cache: maven
+
+      # 1. Setup JFrog CLI using OIDC
+      - name: Set up JFrog CLI
+        uses: jfrog/setup-jfrog-cli@v4
+        with:
+          oidc-provider-name: github-oidc
+          oidc-audience: jfrog-github
+
+      - name: Build with Maven
+        run: ./mvnw -B -DskipTests package
+
+      # 2. Upload Artifacts (Fixes the 405 error by using clean paths)
+      - name: Publish artifact to Artifactory
+        run: |
+          # We use jf rt upload. 
+          # The target path should be: REPO_NAME/FOLDER_NAME/
+          # If JF_REPO is "maven-dev-local", this uploads to maven-dev-local/builds/3/
+          jf rt upload "target/*.jar" "${{ secrets.JF_REPO }}/builds/${{ github.run_number }}/" \
+            --build-name="${{ env.BUILD_NAME }}" \
+            --build-number="${{ env.BUILD_NUMBER }}" \
+            --flat=false
+
+      # 3. Publish Build Info (Tells Xray exactly what to scan)
+      - name: Publish Build Info
+        run: |
+          jf rt build-collect-env ${{ env.BUILD_NAME }} ${{ env.BUILD_NUMBER }}
+          jf rt bp ${{ env.BUILD_NAME }} ${{ env.BUILD_NUMBER }}
+
+      # 4. Trigger Frogbot Scan
+      # This will scan the PR/Branch and post security findings
+      - name: Run Frogbot Scan
+        uses: jfrog/frogbot@v2
+        env:
+          JF_URL: ${{ env.JF_URL }}
+          JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          oidc-provider-name: github-oidc
+          oidc-audience: jfrog-github

.github/workflows/main.yml

@@ -0,0 +1,57 @@
+name: PetClinic to Artifactory
+
+on:
+  push:
+    branches: [ "main" ]
+  workflow_dispatch:
+
+jobs:
+  build-and-publish:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write 
+    
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+
+      - name: Set up JDK 17
+        uses: actions/setup-java@v4
+        with:
+          java-version: '17'
+          distribution: 'temurin'
+          cache: 'maven'
+
+      - name: Set up JFrog CLI
+        uses: jfrog/setup-jfrog-cli@v4
+        env:
+          JF_URL: ${{ secrets.JF_URL }}
+        with:
+          version: latest
+          oidc-provider-name: github-oidc
+          oidc-audience: jfrog-github
+
+      - name: Build and Test
+        run: ./mvnw clean test
+
+      - name: Build Docker Image
+        run: |
+          ./mvnw spring-boot:build-image \
+          -Dspring-boot.build-image.imageName=petclinic-app:${{ github.run_number }}
+
+      - name: Publish to JFrog
+        run: |
+          # Clean URL to get Hostname (e.g., myinstance.jfrog.io)
+          JF_HOST=$(echo "${{ secrets.JF_URL }}" | sed 's|https://||' | sed 's|/||g')
+          
+          DOCKER_REPO="docker-local"
+          IMAGE_NAME="petclinic-app:${{ github.run_number }}"
+          REMOTE_TAG="$JF_HOST/$DOCKER_REPO/$IMAGE_NAME"
+          
+          # Tag, Push, and Publish Build Info
+          docker tag "$IMAGE_NAME" "$REMOTE_TAG"
+          
+          jf docker push "$REMOTE_TAG" --build-name=petclinic-trial --build-number=${{ github.run_number }}
+          
+          jf rt bp petclinic-trial ${{ github.run_number }}

src/main/java/org/springframework/samples/petclinic/model/BaseEntity.java

@@ -48,4 +48,8 @@ public class BaseEntity implements Serializable {
 		return this.id == null;
 	}
 
+	public void helloWorld() {
+		System.out.println("Hello World!");
+	}
+
 }