davidka91 · shashwathrai · Mar 25, 2025 · May 3, 2025 · May 3, 2025 · May 3, 2025
diff --git a/.github/workflows/frogbot-scan-pull-request.yml b/.github/workflows/frogbot-scan-pull-request.yml
@@ -11,7 +11,7 @@ jobs:
   scan-pull-request:
     runs-on: ubuntu-latest
     # A pull request needs to be approved before Frogbot scans it. Any GitHub user who is associated with the
-    # "frogbot" GitHub environment can approve the pull request to be scanned.
+    # "frogbot" GitHub environment can approve the pull request to be scanned. Dummy
     environment: frogbot
     steps:
       - uses: jfrog/frogbot@v2
@@ -42,3 +42,18 @@ jobs:
         # Insert to oidc-provider-name the 'Provider Name' defined in the OIDC integration configured in the JPD
         # with:
         #   oidc-provider-name: ""
+        # [Optional]
+          # Xray Watches. Learn more about them here: https://www.jfrog.com/confluence/display/JFROG/Configuring+Xray+Watches
+          JF_WATCHES: srs
+
+          # [Optional]
+          # JFrog project. Learn more about it here: https://www.jfrog.com/confluence/display/JFROG/Projects
+          #JF_PROJECT: genai
+
+          # [Optional, default: "TRUE"]
+          # Fails the Frogbot task if any security issue is found.
+          JF_FAIL: "FALSE"
+
+          # [Optional, default: "FALSE"]
+          # Displays all existing vulnerabilities, including the ones that were added by the pull request.
+          JF_INCLUDE_ALL_VULNERABILITIES: "TRUE"
diff --git a/.github/workflows/frogbot-scan-repository.yml b/.github/workflows/frogbot-scan-repository.yml
@@ -8,8 +8,6 @@ permissions:
   contents: write
   pull-requests: write
   security-events: write
-  # [Mandatory If using OIDC authentication protocol instead of JF_ACCESS_TOKEN]
-  # id-token: write
 jobs:
   scan-repository:
     runs-on: ubuntu-latest
@@ -35,6 +33,7 @@ jobs:
           # [Mandatory if JF_ACCESS_TOKEN is not provided]
           # JFrog password. Must be provided with JF_USER
           # JF_PASSWORD: ${{ secrets.JF_PASSWORD }}
+          #JFROG_CLI_CA_CERT_PATH: "/builds/$CI_PROJECT_PATH/xray-root-ca.pem"
 
           # [Mandatory]
           # The GitHub token is automatically generated for the job
@@ -43,8 +42,11 @@ jobs:
           # [Mandatory]
           # The name of the branch on which Frogbot will perform the scan
           JF_GIT_BASE_BRANCH: ${{ matrix.branch }}
+          JF_WATCHES: srs
 
         # [Mandatory if using OIDC authentication protocol instead of JF_ACCESS_TOKEN]
         # Insert to oidc-provider-name the 'Provider Name' defined in the OIDC integration configured in the JPD
         # with:
         #   oidc-provider-name: ""
+        #with:
+         # oidc-provider-name: "shashwathr"
diff --git a/azure-pipelines.yml b/azure-pipelines.yml