View JFrog Job Summary

JFrog and GitHub Integration Guide

A job summary with build and security information is generated once the build run is complete. You can seamlessly navigate between JFrog and GitHub platforms. Additionally, you can view more details about your artifacts and security scans by clicking on the project package link, which takes you to the JFrog project packages view.

For packages uploaded using generic upload (jf rt upload) as well as Docker, NPM, Maven and Go the Job Summary contains:

  • A link to the corresponding Build page in Artifactory

  • A list of the published modules with their artifact tree.

    Each artifact links to its corresponding artifact in Artifactory.

To view JFrog Job Summary on GitHub, follow these steps:

From the Actions tab, click the corresponding workflow, and then click Summary to view JFrog Job Summary.

You can navigate between the job summary and corresponding JFrog Artifactory areas as follows:

JobSummaryDetails.png
Project Packages

Click the Project Packages to navigate to packages page in the Artifactory.

Build Info Published to Artifactory

Click the build-info link to navigate to the build-info page in the Artifactory. Here, you can view access details such as Published Modules, Environment, Xray Data, and Build Info JSON information. To learn more, refer to View Build Number Information.View Build Number Information

Files Uploaded to Artifactory

Each artifact will link to its corresponding Artifactory artifact.

Security Status

Contains summary of security issues detected by the following in the workflow:

  • jf build-info scan

  • jf scan

  • jf docker scan

You can also view those details in:

  • GitHub Job Console

    JobConsole.png

  • Xray - On-Demand Scanning

    On-DemandScanning.png

  • Xray - Scan List - Builds

    ScanListBuilds.png
Curation

Contains a summary of security issues detected during the workflow.

Build Page Linkage

Click Agent link in the build-info to navigate to GitHub.

To learn more, refer to JFrog Job Summary.

Note

Other supported packages, OCI, Gradle, and Terraform, have a link to the Artifactory build, but not to the artifacts.

Docker packages have a temporary limitation on integration.

To generate the relevant build info and Job Summary, refer to the Manifest List.

Build and push multi platforms image:
> docker login DOCKER_REG_URL
> docker buildx install
> docker buildx create --use --name mybuilder --driver docker-container
> docker buildx build --platform=linux/amd64,linux/arm64,linux/arm/v7 --tag=DOCKER_REG_URL/TARGET_REPO/multiarch-image:1 -f=Dockerfile.Fatmanifest --metadata-file=build-metadata --push .

Configure Artifactory:
> jf c add --url=<JFROG_PLATFORM_URL> [credentials flags]

Collect image build info:
> jf rt build-docker-create TARGET_REPO --server-id=MY_SERVER_ID --image-file build-metadata --build-name myBuild --build-number 1

Publish build info:
> jf rt build-publish --server-id=MY_SERVER_ID  myBuild 1

Remove buildx alias
> docker buildx uninstall