This section illustrates GitHub and JFrog Integration Developer workflow diagram and the sequence of steps to be followed.
Prerequisites
The following are the prerequisites for the developer's workflow:
The following table describes GitHub and JFrog Integration Developer workflow steps:
# | Task | Description | For more information, see... |
---|---|---|---|
# | Configure JFrog GitHub Copilot Extension in IDE | Configures JFrog GitHub Copilot Extension in IDE | |
1 | Clone Repository | Clones repository | |
2 | Create Feature Branch | Creates feature branch | |
3 | Write Code | Writes code. Use Configure JFrog GitHub Copilot Extension in IDE to speed up development activity. | |
4 | Commit Feature Code | Commits feature code to their branch repository | |
4.1 | Trigger Workflows | Triggers workflows if configured for the commit | NA |
5 | Create Pull Request (PR) | Creates PR on GitHub and adds reviewers to review their code | |
6 | Trigger Workflows | Triggers corresponding workflows. Frogbot scan PR workflow waits for the maintainer's approval | |
7 | Approve Frogbot Scan Workflow | Maintainer approves Frogbot Scan Workflow | |
8 | Trigger Frogbot Scan Workflow | On maintainer's approval, Frogbot scan PR workflow scans code for security vulnerabilities | NA |
8.1 | Security Vulnerabilities | If there are any security vulnerabilities, Frogbot opens a PR for resolving the vulnerabilities | |
9 | Review PR and Approve | Reviewer reviews the PR and approves it | |
10 | Merge PR | Developer merges PR with the main branch. | |
11 | Trigger Workflows | Triggers workflows, builds artifacts, scans, pushes to Artifactory as per the configuration | |
11.1 | Resolve Dependencies | Resolves dependencies as required by the workflow | N/A |
11.2 | Generates Job Summary | Generates Job Summary | NA |
12 | View Job Summary | On successful merging, workflows are triggered and pushes build artifacts to Artifactory and Security results to Xray as configured. The workflow generates a job summary. | |
13 | View Security vulnerabilities | View scan results on GitHub Advanced Security Dashboard | |
14 | View Build Artifacts and Xray Scans in Artifactory | Refer Artifactory and Xray on JPD platform to learn about the produced artifacts and security results. NoteFrom the Job Summary, you can navigate between the job summary and corresponding JFrog Artifactory areas. |