Sync and scan p4jenkins #2333

	name: Sync and scan p4jenkins

	on:
	schedule:
	- cron: '0 /2 * *' # every 30 minutes
	workflow_dispatch: # on button click

	jobs:
	sync:
	runs-on: ubuntu-latest

	steps:
	- name: Sync p4jenking from upstream jenkins github
	uses: tgymnich/[email protected]
	with:
	token: ${{ secrets.SYNC_TOKEN }}
	owner: jenkinsci
	base: master
	head: master
	repo: p4-plugin

	scan:
	needs: sync
	runs-on: ubuntu-latest
	if: always()
	steps:
	- name: Checkout source code
	uses: actions/checkout@v2

	- name: Login to docker hub
	uses: docker/login-action@v1
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_TOKEN }}

	- name: Mend scan
	run: \|
	ls ${{ github.workspace }}
	docker pull perforce/ubuntu22-mend
	docker run -v ${{ github.workspace }}:/scan \
	perforce/ubuntu22-mend bash -c "java -jar /opt/white-source/wss-unified-agent.jar \
	-noConfig true \
	-d /scan \
	-project p4jenkins-main \
	-apiKey ${{ secrets.MEND_API_KEY }} \
	-userKey ${{ secrets.MEND_USER_KEY }} \
	-product p4jenkins \
	-wss.url https://saas-eu.whitesourcesoftware.com/agent \
	-resolveAllDependencies false \
	-maven.resolveDependencies true \
	-maven.runPreStep true"

	- name: CVE scan
	run: \|
	python3 ${{ github.workspace }}/build_tools/cve-finder.py \
	-m p4jenkins \
	-b main \
	-j P4Jenkins \
	-o ${{ secrets.MEND_API_KEY }} \
	-k ${{ secrets.MEND_USER_KEY }} \
	-u ${{ secrets.JIRA_USER }} \
	-p ${{ secrets.JIRA_PASS }}

Provide feedback