From 3c53052313296d519a073b52737b63eec7f109e7 Mon Sep 17 00:00:00 2001
From: Takara Baumbach <takara.baumbach@heigit.org>
Date: Thu, 1 Feb 2024 10:05:10 +0100
Subject: [PATCH] ci: vulnerability-scanning for both jar and war

---
 .github/workflows/vulnerability-scanning.yml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/vulnerability-scanning.yml b/.github/workflows/vulnerability-scanning.yml
index 4ddf755fb6..3c16cc8e2b 100644
--- a/.github/workflows/vulnerability-scanning.yml
+++ b/.github/workflows/vulnerability-scanning.yml
@@ -54,8 +54,10 @@ jobs:
       - name: Build war file
         run: |
           mvn -B package -DskipTests -DCI=true
-          # Copy the .war file to a custom location where grype can find it
+          # Copy the .jar file to a custom location where grype can find it
           mkdir -p ors-api/target/grype
+          cp ors-api/target/ors.jar ors-api/target/grype/ors.jar
+          mvn -B package -DskipTests -PbuildWar -DCI=true
           cp ors-api/target/ors.war ors-api/target/grype/ors.war
       - name: Run the Anchore Grype scan action to console
         uses: anchore/scan-action@v3