From 78446b86907077757e393cedc66acf69b1838d1e Mon Sep 17 00:00:00 2001
From: shashwathrai <113433596+shashwathrai@users.noreply.github.com>
Date: Tue, 13 Sep 2022 17:04:40 +0530
Subject: [PATCH 1/5] Create frogbot-scan-pull-request.yml
---
.../workflows/frogbot-scan-pull-request.yml | 71 +++++++++++++++++++
1 file changed, 71 insertions(+)
create mode 100644 .github/workflows/frogbot-scan-pull-request.yml
diff --git a/.github/workflows/frogbot-scan-pull-request.yml b/.github/workflows/frogbot-scan-pull-request.yml
new file mode 100644
index 00000000..0977cff0
--- /dev/null
+++ b/.github/workflows/frogbot-scan-pull-request.yml
@@ -0,0 +1,71 @@
+name: "Frogbot Scan Pull Request"
+on:
+ pull_request_target:
+ types: [opened, synchronize]
+permissions:
+ pull-requests: write
+ contents: read
+jobs:
+ scan-pull-request:
+ runs-on: ubuntu-latest
+ # A pull request needs to be approved, before Frogbot scans it. Any GitHub user who is associated with the
+ # "frogbot" GitHub environment can approve the pull request to be scanned.
+ environment: frogbot
+ steps:
+ - uses: actions/checkout@v2
+ with:
+ ref: ${{ github.event.pull_request.head.sha }}
+
+ # Install prerequisites
+ - name: Setup NodeJS
+ uses: actions/setup-node@v3
+ with:
+ node-version: "16.x"
+
+ - uses: jfrog/frogbot@v2
+ env:
+ # [Mandatory]
+ # The command that installs the dependencies
+ JF_INSTALL_DEPS_CMD: "npm i"
+
+ # [Mandatory]
+ # JFrog platform URL (This functionality requires version 3.29.0 or above of Xray)
+ JF_URL: ${{ secrets.JF_URL }}
+
+ # [Mandatory if JF_ACCESS_TOKEN is not provided]
+ # JFrog username with 'read' permissions for Xray. Must be provided with JF_PASSWORD
+ JF_USER: ${{ secrets.JF_USER }}
+
+ # [Mandatory if JF_ACCESS_TOKEN is not provided]
+ # JFrog password. Must be provided with JF_USER
+ JF_PASSWORD: ${{ secrets.JF_PASSWORD }}
+
+ # [Mandatory]
+ # The GitHub token automatically generated for the job
+ JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+ # Uncomment the below options if you'd like to use them.
+
+ # [Optional, default: https://api.github.com]
+ # API endpoint to GitHub
+ # JF_GIT_API_ENDPOINT: https://github.example.com
+
+ # [Mandatory if JF_USER and JF_PASSWORD are not provided]
+ # JFrog access token with 'read' permissions on Xray service
+ # JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }}
+
+ # [Optional, default: "."]
+ # Relative path to the project in the git repository
+ # JF_WORKING_DIR: path/to/package.json/dir
+
+ # [Optional]
+ # Xray Watches. Learn more about them here: https://www.jfrog.com/confluence/display/JFROG/Configuring+Xray+Watches
+ # JF_WATCHES: ,...
+
+ # [Optional]
+ # JFrog project. Learn more about it here: https://www.jfrog.com/confluence/display/JFROG/Projects
+ # JF_PROJECT:
+
+ # [Optional, default: "FALSE"]
+ # Displays all existing vulnerabilities, including the ones that were added by the pull request.
+ # JF_INCLUDE_ALL_VULNERABILITIES: "TRUE"
From 128535376f4752f7eddd1adca27c0fe6b7518dce Mon Sep 17 00:00:00 2001
From: shashwathrai <113433596+shashwathrai@users.noreply.github.com>
Date: Tue, 13 Sep 2022 17:06:50 +0530
Subject: [PATCH 2/5] Create frogbot-scan-and-fix.yml
---
.github/workflows/frogbot-scan-and-fix.yml | 67 ++++++++++++++++++++++
1 file changed, 67 insertions(+)
create mode 100644 .github/workflows/frogbot-scan-and-fix.yml
diff --git a/.github/workflows/frogbot-scan-and-fix.yml b/.github/workflows/frogbot-scan-and-fix.yml
new file mode 100644
index 00000000..b7e7e1ca
--- /dev/null
+++ b/.github/workflows/frogbot-scan-and-fix.yml
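Review bot: In frogbot-scan-pull-request.yml the job checks out `github.event.pull_request.head.sha` under `pull_request_target` and the Frogbot step then runs `npm i` on that tree with `JF_USER`, `JF_PASSWORD` and a `pull-requests: write` token in its environment, so `environment: frogbot` is the only barrier between fork-supplied install scripts and those secrets. That gate holds only if the environment already exists with required reviewers; nothing in this patch shows that, and GitHub creates a referenced environment without protection rules when it is missing, so the comment above `environment:` should state the precondition. I would also add `persist-credentials: false` under the checkout's `with:` and try `JF_INSTALL_DEPS_CMD: "npm i --ignore-scripts"`, provided the scan still resolves the dependency tree without lifecycle scripts. `actions/checkout@v2`, `actions/setup-node@v3` and `jfrog/frogbot@v2` are mutable tags here and in frogbot-scan-and-fix.yml; pinning each to a full commit SHA keeps a moved tag from running with these credentials.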
@@ -0,0 +1,67 @@
+name: "Frogbot Scan and Fix"
+on:
+ push:
+ # Creating fix pull requests will be triggered by any push to one of the these branches.
+ # You can add or replace to any branch you want to open fix pull requests for.
+ branches:
+ - "main"
+ - "master"
+permissions:
+ contents: write
+ pull-requests: write
+ security-events: write
+jobs:
+ create-fix-pull-requests:
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v2
+
+ # Install prerequisites
+ - name: Setup NodeJS
+ uses: actions/setup-node@v3
+ with:
+ node-version: "16.x"
+
+ - uses: jfrog/frogbot@v2
+ env:
+ # [Mandatory]
+ # The command that installs the dependencies
+ JF_INSTALL_DEPS_CMD: "npm i"
+
+ # [Mandatory]
+ # JFrog platform URL (This functionality requires version 3.29.0 or above of Xray)
+ JF_URL: ${{ secrets.JF_URL }}
+
+ # [Mandatory if JF_ACCESS_TOKEN is not provided]
+ # JFrog username with 'read' permissions for Xray. Must be provided with JF_PASSWORD
+ JF_USER: ${{ secrets.JF_USER }}
+
+ # [Mandatory if JF_ACCESS_TOKEN is not provided]
+ # JFrog password. Must be provided with JF_USER
+ JF_PASSWORD: ${{ secrets.JF_PASSWORD }}
+
+ # [Mandatory]
+ # The GitHub token automatically generated for the job
+ JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+ # Uncomment the below options if you'd like to use them.
+
+ # [Optional, default: https://api.github.com]
+ # API endpoint to GitHub
+ # JF_GIT_API_ENDPOINT: https://github.example.com
+
+ # [Mandatory if JF_USER and JF_PASSWORD are not provided]
+ # JFrog access token with 'read' permissions on Xray service
+ # JF_ACCESS_TOKEN: ${{ secrets.JF_ACCESS_TOKEN }}
+
+ # [Optional, default: "."]
+ # Relative path to the project in the git repository
+ # JF_WORKING_DIR: path/to/package.json/dir
+
+ # [Optional]
+ # Xray Watches. Learn more about them here: https://www.jfrog.com/confluence/display/JFROG/Configuring+Xray+Watches
+ # JF_WATCHES: ,...
+
+ # [Optional]
+ # JFrog project. Learn more about it here: https://www.jfrog.com/confluence/display/JFROG/Projects
+ # JF_PROJECT:
From 58237badc7a5afe9e0d589dea14a8fd3ebe26243 Mon Sep 17 00:00:00 2001
From: shashwathrai <113433596+shashwathrai@users.noreply.github.com>
Date: Thu, 10 Nov 2022 13:17:43 +0530
Subject: [PATCH 3/5] Set up CI with Azure Pipelines [skip ci]
---
azure-pipelines.yml | 25 +++++++++++++++++++++++++
1 file changed, 25 insertions(+)
create mode 100644 azure-pipelines.yml
diff --git a/azure-pipelines.yml b/azure-pipelines.yml
new file mode 100644
index 00000000..dc4bf792
--- /dev/null
+++ b/azure-pipelines.yml
@@ -0,0 +1,25 @@
+# Starter pipeline
+# Start with a minimal pipeline that you can customize to build and deploy your code.
+# Add steps that build, run tests, deploy, and more:
+# https://aka.ms/yaml
+
+trigger:
+- master
+
+pool:
+ vmImage: ubuntu-latest
+
+steps:
+- script: echo Hello, world!
+ displayName: 'Run a one-line script'
+
+- script: |
+ echo Add other tasks to build, test, and deploy your project.
+ echo See https://aka.ms/yaml
+ displayName: 'Run a multi-line script'
+- task: ArtifactoryGenericDownload@3
+ inputs:
+ connection: 'jfrog'
+ specSource: 'file'
+ file: 'https://muddanajv.jfrog.io/artifactory/generic-local/test.json'
+ failNoOp: true
\ No newline at end of file
From e3523aad27b4c25402724b014ffbc310e5241ade Mon Sep 17 00:00:00 2001
From: shashwathrai <113433596+shashwathrai@users.noreply.github.com>
Date: Thu, 10 Nov 2022 17:21:25 +0530
Subject: [PATCH 4/5] Publish build Info [skip ci]
---
azure-pipelines-1.yml | 24 ++++++++++++++++++++++++
1 file changed, 24 insertions(+)
create mode 100644 azure-pipelines-1.yml
diff --git a/azure-pipelines-1.yml b/azure-pipelines-1.yml
new file mode 100644
index 00000000..5af9db68
--- /dev/null
+++ b/azure-pipelines-1.yml
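Review bot: The workflow-level `permissions` block in frogbot-scan-and-fix.yml grants `security-events: write` next to `contents: write` and `pull-requests: write`, and no visible step shows a use for it. I would drop that scope unless Frogbot's documentation for v2 requires it, and move the block under `create-fix-pull-requests:` so a job added later does not inherit write scopes. The step also authenticates with `JF_USER`/`JF_PASSWORD`, while the commented-out `JF_ACCESS_TOKEN` option describes a token limited to 'read' on Xray; switching to that scoped token narrows what a compromised dependency install, run by `npm i` in this same job, could reach.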
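Review bot: In azure-pipelines.yml the `ArtifactoryGenericDownload@3` step sets `specSource: 'file'` but gives `file:` an `https://` URL on a specific JFrog instance. As far as I know that input expects a path to a file spec in the checked-out sources, so the step would either fail or depend on a spec that lives outside code review. Keeping the spec in the repository, for example `file: '$(Build.SourcesDirectory)/<path-to-spec>.json'` (placeholder path), makes what the pipeline downloads reviewable together with the pipeline itself. The two `echo` starter steps and the missing final newline could be cleaned up in the same pass.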
@@ -0,0 +1,24 @@
+# Starter pipeline
+- task: ArtifactoryPublishBuildInfo@1
+ inputs:
+ artifactoryService: 'jfrog'
+ buildName: 'srs'
+ buildNumber: '1'
+# Start with a minimal pipeline that you can customize to build and deploy your code.
+# Add steps that build, run tests, deploy, and more:
+# https://aka.ms/yaml
+
+trigger:
+- master
+
+pool:
+ vmImage: ubuntu-latest
+
+steps:
+- script: echo Hello, world!
+ displayName: 'Run a one-line script'
+
+- script: |
+ echo Add other tasks to build, test, and deploy your project.
+ echo See https://aka.ms/yaml
+ displayName: 'Run a multi-line script'
From e77b48933a3a676b5789f3149d7527bcf535eb5e Mon Sep 17 00:00:00 2001
From: shashwathrai <113433596+shashwathrai@users.noreply.github.com>
Date: Thu, 10 Nov 2022 17:27:34 +0530
Subject: [PATCH 5/5] build [ublish [skip ci]
---
azure-pipelines-2.yml | 5 +++++
1 file changed, 5 insertions(+)
create mode 100644 azure-pipelines-2.yml
diff --git a/azure-pipelines-2.yml b/azure-pipelines-2.yml
new file mode 100644
index 00000000..c317da9e
--- /dev/null
+++ b/azure-pipelines-2.yml
@@ -0,0 +1,5 @@
+- task: ArtifactoryPublishBuildInfo@1
+ inputs:
+ artifactoryService: 'jfrog'
+ buildName: 'srs'
+ buildNumber: '1'
\ No newline at end of file
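Review bot: `buildName: 'srs'` and `buildNumber: '1'` are hard-coded in the `ArtifactoryPublishBuildInfo@1` step of azure-pipelines-1.yml and again in azure-pipelines-2.yml, so every run publishes build-info under the same coordinates and the record cannot be traced to a single pipeline run. Azure's predefined variables fit here: `buildName: '$(Build.DefinitionName)'` and `buildNumber: '$(Build.BuildNumber)'`. Separately, in azure-pipelines-1.yml the task sits before `trigger:` rather than under `steps:`, and azure-pipelines-2.yml contains only the task with no `steps:` key, so neither file looks like a pipeline Azure would run as written. Indentation is lost in this view, so that reading should be confirmed against the real files.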