
@Krishanx92
Contributor

@Krishanx92 Krishanx92 commented Dec 17, 2025

Purpose

Explain why this feature or fix is required. Describe the underlying problems, issues, or needs driving this feature/fix and include links to related issues in the following format: Resolves issue1, issue2, etc.

Goals

Describe what solutions this feature or fix introduces to address the problems outlined above.

Approach

Describe how you are implementing the solutions. Include an animated GIF or screenshot if the change affects the UI. Include a link to a Markdown file or Google doc if the feature write-up is too long to paste here.

User stories

Summary of user stories addressed by this change

Documentation

Link(s) to product documentation that addresses the changes of this PR. If no doc impact, enter “N/A” plus brief explanation of why there’s no doc impact

Automation tests

  • Unit tests

    Code coverage information

  • Integration tests

    Details about the test cases and coverage

Security checks

Samples

Provide high-level details about the samples related to this feature

Related PRs

List any other related PRs

Test environment

List all JDK versions, operating systems, databases, and browser/versions on which this feature/fix was tested

Summary by CodeRabbit

  • Chores
    • Added automated Docker image scanning workflow that runs on a schedule and can be triggered manually.


@coderabbitai
Contributor

coderabbitai bot commented Dec 17, 2025

Caution

Review failed

The pull request is closed.

Walkthrough

A new GitHub Actions workflow was added to automatically scan Docker images using JFrog CLI. The workflow runs on a schedule and supports manual triggering, setting up JFrog CLI with credentials and performing vulnerability scans on container images.

Changes

| Cohort / File(s) | Change Summary |
| --- | --- |
| CI/CD Workflow: .github/workflows/jfrog-scan.yaml | New workflow file defining scheduled and manual image scanning via JFrog CLI with steps for JFrog setup and Docker image vulnerability scanning |

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~5 minutes

  • Single new configuration file with straightforward workflow definition
  • No complex logic or public API changes
  • Standard GitHub Actions and JFrog CLI integration pattern

Poem

🐰 A scanning workflow hops to life,
JFrog checks the container strife,
Docker images now get their care,
Security vulnerabilities—beware!
Scheduled scans keep threats at bay,
Our gateway fortress saves the day! 🛡️


📜 Recent review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5f6e71c and 03b9edc.

📒 Files selected for processing (1)
  • .github/workflows/jfrog-scan.yaml (1 hunks)


@Krishanx92 Krishanx92 merged commit ddc9529 into wso2:main Dec 17, 2025
1 of 2 checks passed