Merge pull request #26 from scoremedia/allow-fetch-from-jfrog-take-2

SRE-8406: Have Pluto Github workflow grab dependencies from jfrog

.github/workflows/pluto-workflow-kustomize.yaml

@@ -29,7 +29,7 @@ on:
 
 jobs:
   review-k8s-api:
-    runs-on: ubuntu-latest
+    runs-on: non-prod-scorebet-org-runner
     steps:
       - name: Check out repository code
         uses: actions/checkout@v4
@@ -38,11 +38,21 @@ jobs:
         run:
           git fetch && git checkout origin/non-prod -- values
       - name: Download Pluto
-        uses: FairwindsOps/pluto/[email protected]
+        shell: bash
+        run: |
+          image=us-docker.pkg.dev/fairwinds-ops/oss/pluto:v5
+
+          docker pull "$image"
+          docker cp "$(docker create --rm "$image"):/pluto" /tmp/pluto
+          sudo mv /tmp/pluto /usr/local/bin/pluto
       - name: Install all-in-one Kubernetes tools in a package.
         uses: yokawasa/[email protected]
         with:
           kubectl: '1.26.13'
+      - name: Auth with jfrog for deps
+        uses: scorebet/[email protected]
+        with:
+          artifact-type: "helm"
       - name: Run Pluto to scan K8S Manifest and send a report to OpsLevel
         shell: bash
         env:
@@ -61,6 +71,7 @@ jobs:
             # if an user wishes to customize a Helm chart to use
             CHART_NAME=$([ -n "${{ inputs.chart_name }}" ] && echo "${{ inputs.chart_name }}" || echo "${{ inputs.service_name }}")
 
+            helm dependency build "charts/$CHART_NAME"
             helm template "charts/$CHART_NAME" --values "${{ inputs.values_base }}" --values "${{ inputs.values_overlay }}" > "$MANIFEST_FILE"
           fi