diff --git a/.github/workflows/frogbot-scan-and-fix.yml b/.github/workflows/frogbot-scan-and-fix.yml deleted file mode 100644 index b28d946c2e..0000000000 --- a/.github/workflows/frogbot-scan-and-fix.yml +++ /dev/null @@ -1,50 +0,0 @@ -name: "Frogbot Scan and Fix" -on: - push: - # Creating fix pull requests will be triggered by any push to one of the these branches. - # You can add or replace to any branch you want to open fix pull requests for. - branches: - - "main" - - "v1-maint" - - "v2-maint" - schedule: - # The job will run once a day at 00:00 GMT. - - cron: "0 0 * * *" -permissions: - contents: write - pull-requests: write - security-events: write -jobs: - create-fix-pull-requests: - runs-on: ubuntu-latest - environment: frogbot - steps: - - uses: actions/checkout@v3 - - # Install prerequisites - - name: Setup Go - uses: actions/setup-go@v3 - with: - go-version: 1.20.x - - - uses: jfrog/frogbot@v2 - env: - # [Mandatory] - # JFrog platform URL - JF_URL: ${{ secrets.JF_URL }} - - # [Mandatory if JF_USER and JF_PASSWORD are not provided] - # JFrog access token with 'read' permissions on Xray service - JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }} - - # [Mandatory if JF_ACCESS_TOKEN is not provided] - # JFrog username with 'read' permissions for Xray. Must be provided with JF_PASSWORD - # JF_USER: ${{ secrets.JF_USER }} - - # [Mandatory if JF_ACCESS_TOKEN is not provided] - # JFrog password. Must be provided with JF_USER - # JF_PASSWORD: ${{ secrets.JF_PASSWORD }} - - # [Manadatory] - # The GitHub token automatically generated for the job - JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/frogbot-scan-pr.yml b/.github/workflows/frogbot-scan-pr.yml deleted file mode 100644 index 02d68ebc45..0000000000 --- a/.github/workflows/frogbot-scan-pr.yml +++ /dev/null @@ -1,102 +0,0 @@ -name: "Frogbot Scan Pull Request" -on: - pull_request_target: - types: [opened, synchronize] -permissions: - pull-requests: write - contents: read -jobs: - scan-pull-request: - runs-on: ubuntu-latest - # A pull request needs to be approved, before Frogbot scans it. Any GitHub user who is associated with the - # "frogbot" GitHub environment can approve the pull request to be scanned. - environment: frogbot - steps: - - uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.sha }} - - # Install prerequisites - - name: Setup Go - uses: actions/setup-go@v3 - with: - go-version: 1.20.x - - - uses: jfrog/frogbot@v2 - env: - # [Mandatory] - # JFrog platform URL - JF_URL: ${{ secrets.JF_URL }} - - # [Mandatory if JF_USER and JF_PASSWORD are not provided] - # JFrog access token with 'read' permissions on Xray service - JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }} - - # [Mandatory if JF_ACCESS_TOKEN is not provided] - # JFrog username with 'read' permissions for Xray. Must be provided with JF_PASSWORD - # JF_USER: ${{ secrets.JF_USER }} - - # [Mandatory if JF_ACCESS_TOKEN is not provided] - # JFrog password. Must be provided with JF_USER - # JF_PASSWORD: ${{ secrets.JF_PASSWORD }} - - # [Mandatory] - # The GitHub token automatically generated for the job - JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - # [Optional, default: https://api.github.com] - # API endpoint to GitHub - # JF_GIT_API_ENDPOINT: https://github.example.com - - # [Optional] - # If the machine that runs Frogbot has no access to the internet, set the name of a remote repository - # in Artifactory, which proxies https://releases.jfrog.io - # The 'frogbot' executable and other tools it needs will be downloaded through this repository. - # JF_RELEASES_REPO: "" - - - - ########################################################################## - ## If your project uses a 'frogbot-config.yml' file, you can define ## - ## the following variables inside the file, instead of here. ## - ########################################################################## - - # [Optional, default: "."] - # Relative path to the root of the project in the Git repository - # JF_WORKING_DIR: path/to/project/dir - - # [Optional] - # Xray Watches. Learn more about them here: https://www.jfrog.com/confluence/display/JFROG/Configuring+Xray+Watches - # JF_WATCHES: ,... - - # [Optional] - # JFrog project. Learn more about it here: https://www.jfrog.com/confluence/display/JFROG/Projects - # JF_PROJECT: - - # [Optional, default: "FALSE"] - # Displays all existing vulnerabilities, including the ones that were added by the pull request. - # JF_INCLUDE_ALL_VULNERABILITIES: "TRUE" - - # [Optional, default: "TRUE"] - # Fails the Frogbot task if any security issue is found. - # JF_FAIL: "FALSE" - - # [Optional] - # Frogbot will download the project dependencies if they're not cached locally. To download the - # dependencies from a virtual repository in Artifactory, set the name of the repository. There's no - # need to set this value, if it is set in the frogbot-config.yml file. - # JF_DEPS_REPO: "" - - # [Optional, Default: "FALSE"] - # If TRUE, Frogbot creates a single pull request with all the fixes. - # If FALSE, Frogbot creates a separate pull request for each fix. - # JF_GIT_AGGREGATE_FIXES: "FALSE" - - # [Optional, Default: "FALSE"] - # Handle vulnerabilities with fix versions only - # JF_FIXABLE_ONLY: "TRUE" - - # [Optional] - # Set the minimum severity for vulnerabilities that should be fixed and commented on in pull requests - # The following values are accepted: Low, Medium, High or Critical - # JF_MIN_SEVERITY: ""