frogbot-scan-and-fix.yml

name: "Frogbot Scan and Fix"
on:
  schedule:
    # The repository will be scanned once a day at 00:00 GMT.
    - cron: "0 0 * * *"
permissions:
  contents: write
  pull-requests: write
  security-events: write
jobs:
  create-fix-pull-requests:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        # The repository scanning will be triggered periodically on the following branches.
        branch: [ "dev" ]
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ matrix.branch }}

      - name: Setup Go with cache
        uses: jfrog/.github/actions/install-go-with-cache@main

      - uses: jfrog/frogbot@v2
        env:
          # [Mandatory]
          # JFrog platform URL
          JF_URL: ${{ secrets.FROGBOT_URL }}

          # [Mandatory if JF_USER and JF_PASSWORD are not provided]
          # JFrog access token with 'read' permissions on Xray service
          JF_ACCESS_TOKEN: ${{ secrets.FROGBOT_ACCESS_TOKEN }}

          # [Mandatory]
          # The GitHub token automatically generated for the job
          JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }}