ci: vulnerability-scanning for both jar and war

GIScience · Feb 13, 2024 · 5496980 · 5496980
1 parent 17c2358
commit 5496980
Showing 1 changed file with 6 additions and 4 deletions.
diff --git a/.github/workflows/vulnerability-scanning.yml b/.github/workflows/vulnerability-scanning.yml
@@ -27,8 +27,8 @@ jobs:
     steps:
       - run: |
           echo "Publish environment variables"
-  Anchore-War-Build-Scan:
-    name: Grype scan war file
+  Anchore-Jar-War-Build-Scan:
+    name: Grype scan jar and war file
     runs-on: ubuntu-latest
     permissions:
       actions: read
@@ -51,11 +51,13 @@ jobs:
           path: ~/.m2
           key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
           restore-keys: ${{ runner.os }}-m2
-      - name: Build war file
+      - name: Build jar and war file
         run: |
           mvn -B package -DskipTests -DCI=true
-          # Copy the .war file to a custom location where grype can find it
+          # Copy the .jar file to a custom location where grype can find it
           mkdir -p ors-api/target/grype
+          cp ors-api/target/ors.jar ors-api/target/grype/ors.jar
+          mvn -B package -DskipTests -PbuildWar -DCI=true
           cp ors-api/target/ors.war ors-api/target/grype/ors.war
       - name: Run the Anchore Grype scan action to console
         uses: anchore/scan-action@v3