For SaaS tools, there is no way to embed a binary in all the builds without altering references in the CI/CD pipeline. Because every CI/CD engine has its own syntax and vocabulary, this topic explains a script-based approach that you must adapt for every solution.

Set up for script execution

Execute these CLI commands at the end of the build of the default or main branch:

...download and extract the advisor CLI…
export GIT_TOKEN_FOR_PRS = **WRITE_GIT_ACCESS_TOKEN**

advisor build-config get
advisor build-config publish --url=${ADVISOR_SERVER}
advisor upgrade-plan apply --push --from-yml –-url=${ADVISOR_SERVER}

The steps for setting this up:

  1. Configure the GIT_TOKEN_FOR_PRS environment variable. This must be an access token with write access to the analyzed repository. This is to allow creation of automatic pull requests for upgrading your Spring dependencies, if needed. Developers decide if they want to receive these pull requests by adding a file named .spring-app-advisor.yml in the root directory. For more information, see Enable continuous and incremental upgrades with automatic pull requests.

  2. Replace ${ADVISOR_SERVER} with the full URL of your server. For example: https://advisor.acme.com.

GitHub Actions

This section shows how to apply the script-based approach in the context of GitHub Actions. There is no concrete Java version requirement for running Application Advisor. It just needs to be consistent with the project requirements.

name: Spring App Advisor Workflow

on:
  push:
    branches: [ "main" ]

jobs:
  build:

    runs-on: ubuntu-latest
    permissions:
      contents: read

    steps:
    - uses: actions/checkout@v4
    - name: Set up JDK
      uses: actions/setup-java@v4
      with:
        java-version: '17'
        distribution: 'temurin'
    - name: Generates Maven Settings
      uses: 's4u/[email protected]'
      with:
        servers: '[{"id": "tanzu-spring-release", "username":  "${{ secrets.BC_USER }}", "password": "${{ secrets.$BC_PWD }}"}]'
        repositories: '[{"id":"tanzu-spring-release", "name":"Spring Commercial Releases","url":"https://packages.broadcom.com/artifactory/spring-enterprise","snapshots":{"enabled":false}}]'
    - name: Runs Spring Application Advisor
          env:
           GIT_TOKEN_FOR_PRS: ${{ secrets.advisor_git_token_for_prs }}
           ADVISOR_SERVER: ${{ secrets.advisor_server }}
           ARTIFACTORY_TOKEN: ${{ secrets.advisor_artifactory_token }}
          run: |
            curl -L -H "Authorization: Bearer $ARTIFACTORY_TOKEN"  -o advisor-linux.tar -X GET https://packages.broadcom.com/artifactory/spring-enterprise/com/vmware/tanzu/spring/application-advisor-cli-linux/1.0.1/application-advisor-cli-linux-1.0.1.tar
            tar -xf advisor-linux.tar --strip-components=1 --exclude=./META-INF
            ./advisor build-config get
            ./advisor build-config publish --url=$ADVISOR_SERVER
            ./advisor upgrade-plan apply --push --from-yml --url=$ADVISOR_SERVER --token=$GIT_TOKEN_FOR_PRS
    - name: Get errors if exist
      if: ${{ hashFiles('.advisor/errors/') != '' }}
      run: |
        cat .advisor/errors/*
check-circle-line exclamation-circle-line close-line
Scroll to top icon