diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index b7f4183b..fce6c3e1 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -18,7 +18,7 @@ concurrency:
 # Environment variables shared across all jobs.
 env:
 GOPROXY: direct
- GO_COMMON_TEST_ARGS: "-v github.com/jfrog/jfrog-cli-security --race --timeout 30m --jfrog.url=${{ secrets.PLATFORM_URL }} --jfrog.adminToken=${{ secrets.PLATFORM_ADMIN_TOKEN }}"
+ GO_COMMON_TEST_ARGS: "-v github.com/jfrog/jfrog-cli-security --race --timeout 30m --jfrog.url=${{ secrets.PLATFORM_URL }} --jfrog.adminToken=${{ secrets.PLATFORM_ADMIN_TOKEN }} --test.containerRegistry=${{ secrets.CONTAINER_REGISTRY }}"
 GRADLE_OPTS: -Dorg.gradle.daemon=false
 CI: true
 JFROG_CLI_LOG_LEVEL: DEBUG
@@ -180,6 +180,10 @@ jobs:
 # Test
 - name: Run tests
 run: go test ${{ env.GO_COMMON_TEST_ARGS }} --test.xsc
+ if: ${{ matrix.os != 'ubuntu' }}
+ - name: Run security tests (with Docker Scan)
+ run: go test ${{ env.GO_COMMON_TEST_ARGS }} --test.xsc --test.dockerScan --ci.runId=${{ runner.os }}-sec-test
+ if: ${{ matrix.os == 'ubuntu' }}
 Other_Scan_Commands_Integration_Tests:
 name: "[${{ matrix.os }}] Other Scan Commands Integration Tests"
@@ -204,7 +208,7 @@ jobs:
 run: go test ${{ env.GO_COMMON_TEST_ARGS }} --test.scan
 if: ${{ matrix.os != 'ubuntu' }}
 - name: Run security tests (with Docker Scan)
- run: go test ${{ env.GO_COMMON_TEST_ARGS }} --test.scan --test.dockerScan --test.containerRegistry=${{ secrets.CONTAINER_REGISTRY }} --ci.runId=${{ runner.os }}-sec-test
+ run: go test ${{ env.GO_COMMON_TEST_ARGS }} --test.scan --test.dockerScan --ci.runId=${{ runner.os }}-sec-test
 if: ${{ matrix.os == 'ubuntu' }}
 Other_Commands_Integration_Tests:
diff --git a/audit_test.go b/audit_test.go
index 52d43724..cc8692e3 100644
--- a/audit_test.go
+++ b/audit_test.go
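Review bot: Moving `--test.containerRegistry=${{ secrets.CONTAINER_REGISTRY }}` into the workflow-level `GO_COMMON_TEST_ARGS` exposes the registry secret to every job and step of this workflow as an environment variable, not only to the Docker-scan steps that use it. The value is also expanded into each `run:` line through `${{ env.GO_COMMON_TEST_ARGS }}`, so it ends up in the script text and process arguments of every `go test` call, and with `JFROG_CLI_LOG_LEVEL: DEBUG` set in the same block any output that echoes or transforms those arguments depends entirely on log masking. I would keep the flag scoped to the steps that pass `--test.dockerScan`, for example via a step-level `env:` entry `CONTAINER_REGISTRY: ${{ secrets.CONTAINER_REGISTRY }}` and `--test.containerRegistry="$CONTAINER_REGISTRY"` on those two `run:` lines. The hunk at -204 drops the per-step flag and would need to keep it under this suggestion.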
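Review bot: The added Docker-scan step passes `--ci.runId=${{ runner.os }}-sec-test`, which is the same value the Docker-scan step in Other_Scan_Commands_Integration_Tests already uses (hunk at -204). If the run id is what namespaces the repositories and builds the tests create on the shared platform, the two jobs running in parallel on the same runner OS would share that namespace and could delete or overwrite each other's resources. A value that is unique per job avoids this, e.g. `--ci.runId=${{ runner.os }}-xsc-test`. The job header for this step lies outside the hunk, so the job it belongs to is not visible here.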
@@ -38,6 +38,7 @@ import (
 )
 func TestXrayAuditNpmJson(t *testing.T) {
+ integration.InitAuditJavaScriptTest(t, scangraph.GraphScanMinXrayVersion)
 output := testAuditNpm(t, string(format.Json), false)
 validations.VerifyJsonResults(t, output, validations.ValidationParams{
 SecurityViolations: 1,
@@ -46,6 +47,7 @@ func TestXrayAuditNpmJson(t *testing.T) {
 }
 func TestXrayAuditNpmSimpleJson(t *testing.T) {
+ integration.InitAuditJavaScriptTest(t, scangraph.GraphScanMinXrayVersion)
 output := testAuditNpm(t, string(format.SimpleJson), true)
 validations.VerifySimpleJsonResults(t, output, validations.ValidationParams{
 SecurityViolations: 1,
@@ -55,7 +57,6 @@ func TestXrayAuditNpmSimpleJson(t *testing.T) {
 }
 func testAuditNpm(t *testing.T, format string, withVuln bool) string {
- integration.InitAuditJavaScriptTest(t, scangraph.GraphScanMinXrayVersion)
 _, cleanUp := securityTestUtils.CreateTestProjectEnvAndChdir(t, filepath.Join(filepath.FromSlash(securityTests.GetTestResourcesPath()), "projects", "package-managers", "npm", "npm"))
 defer cleanUp()
 // Run npm install before executing jfrog xr npm-audit
@@ -337,7 +338,8 @@ func testXrayAuditGradle(t *testing.T, format string) string {
 }
 func TestXrayAuditMavenJson(t *testing.T) {
- output := testXscAuditMaven(t, string(format.Json))
+ integration.InitAuditJavaTest(t, scangraph.GraphScanMinXrayVersion)
+ output := testAuditMaven(t, string(format.Json))
 validations.VerifyJsonResults(t, output, validations.ValidationParams{
 Vulnerabilities: 1,
 Licenses: 1,
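Review bot: `testAuditNpm` (hunk at -55) no longer calls `integration.InitAuditJavaScriptTest`, and nothing on the helper tells a caller that it must now do so itself. Presumably that init is where the test is skipped or gated on the minimum Xray version, so any caller of `testAuditNpm` that is not patched in this commit would run without that gate; only the two callers in this file are visible here. The same applies to `testAuditMaven` after the hunk at -345, where the xsc tests rely on `integration.InitXscTest` instead. I would add a doc comment to each helper, for example `// testAuditNpm runs the npm audit flow; callers must run the matching integration.Init*Test first, it is no longer done here.` Both helper bodies continue outside their hunks.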
@@ -345,15 +347,15 @@ func TestXrayAuditMavenJson(t *testing.T) {
 }
 func TestXrayAuditMavenSimpleJson(t *testing.T) {
- output := testXscAuditMaven(t, string(format.SimpleJson))
+ integration.InitAuditJavaTest(t, scangraph.GraphScanMinXrayVersion)
+ output := testAuditMaven(t, string(format.SimpleJson))
 validations.VerifySimpleJsonResults(t, output, validations.ValidationParams{
 Vulnerabilities: 1,
 Licenses: 1,
 })
 }
-func testXscAuditMaven(t *testing.T, format string) string {
- integration.InitAuditJavaTest(t, scangraph.GraphScanMinXrayVersion)
+func testAuditMaven(t *testing.T, format string) string {
 _, cleanUp := securityTestUtils.CreateTestProjectEnvAndChdir(t, filepath.Join(filepath.FromSlash(securityTests.GetTestResourcesPath()), "projects", "package-managers", "maven", "maven"))
 defer cleanUp()
 // Add dummy descriptor file to check that we run only specific audit
diff --git a/commands/scan/scan.go b/commands/scan/scan.go
index a661d8dd..23b24f97 100644
--- a/commands/scan/scan.go
+++ b/commands/scan/scan.go
@@ -450,9 +450,11 @@ func (scanCmd *ScanCommand) createIndexerHandlerFunc(file *spec.File, cmdResults
 IncludeVulnerabilities: scanCmd.includeVulnerabilities,
 ProjectKey: scanCmd.projectKey,
 ScanType: services.Binary,
+ MultiScanId: cmdResults.MultiScanId,
+ XscVersion: cmdResults.XscVersion,
+ XrayVersion: cmdResults.XrayVersion,
 }
- params.MultiScanId = cmdResults.MultiScanId
- params.XscVersion = cmdResults.XscVersion
+
 if scanCmd.progress != nil {
 scanCmd.progress.SetHeadlineMsg("Scanning 🔍")
 }
diff --git a/xsc_test.go b/xsc_test.go
index 2f1265f6..0368eebc 100644
--- a/xsc_test.go
+++ b/xsc_test.go
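Review bot: `XrayVersion: cmdResults.XrayVersion` is copied into the scan params with no visible check that `cmdResults` already holds a version when this handler runs. If code further down gates behaviour on that field, an empty string would presumably be handled as an unknown or too-old Xray and could silently narrow what the binary scan covers, which is hard to notice from the results alone. It is worth confirming where `cmdResults.XrayVersion` is populated relative to this handler and adding a one-line comment above the struct literal that names that place. `createIndexerHandlerFunc` starts and ends outside the hunk, so this cannot be verified from the lines shown.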
@@ -52,7 +52,7 @@ func TestXscAuditNpmSimpleJsonWithWatch(t *testing.T) {
 func TestXscAuditMavenJson(t *testing.T) {
 _, _, cleanUp := integration.InitXscTest(t)
 defer cleanUp()
- output := testXscAuditMaven(t, string(format.Json))
+ output := testAuditMaven(t, string(format.Json))
 validations.VerifyJsonResults(t, output, validations.ValidationParams{
 Vulnerabilities: 1,
 Licenses: 1,
@@ -62,7 +62,7 @@ func TestXscAuditMavenJson(t *testing.T) {
 func TestXscAuditMavenSimpleJson(t *testing.T) {
 _, _, cleanUp := integration.InitXscTest(t)
 defer cleanUp()
- output := testXscAuditMaven(t, string(format.SimpleJson))
+ output := testAuditMaven(t, string(format.SimpleJson))
 validations.VerifySimpleJsonResults(t, output, validations.ValidationParams{
 Vulnerabilities: 1,
 Licenses: 1,