Update dependencies (#102)
attiasas authored Jul 7, 2024
1 parent dc9df0c commit 99e9404
Showing 16 changed files with 282 additions and 144 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/test.yml
Expand Up @@ -71,8 +71,8 @@ jobs:
ref: ${{ github.event.pull_request.head.sha }}
# Test
- name: Run security tests (without Docker Scan)
run: go test -v github.com/jfrog/jfrog-cli-security --timeout 0 --test.security --jfrog.url=${{ secrets.PLATFORM_URL }} --jfrog.adminToken=${{ secrets.PLATFORM_ADMIN_TOKEN }} --jfrog.user=${{ secrets.PLATFORM_USER }} --test.containerRegistry=${{ secrets.CONTAINER_REGISTRY }} --ci.runId=${{ runner.os }}-xray
run: go test -v github.com/jfrog/jfrog-cli-security --race --timeout 0 --test.security --jfrog.url=${{ secrets.PLATFORM_URL }} --jfrog.adminToken=${{ secrets.PLATFORM_ADMIN_TOKEN }} --jfrog.user=${{ secrets.PLATFORM_USER }} --test.containerRegistry=${{ secrets.CONTAINER_REGISTRY }} --ci.runId=${{ runner.os }}-xray
if: ${{ matrix.os != 'ubuntu' }}
- name: Run security tests (with Docker Scan, only on Ubuntu)
run: go test -v github.com/jfrog/jfrog-cli-security --timeout 0 --test.security --test.dockerScan --jfrog.url=${{ secrets.PLATFORM_URL }} --jfrog.adminToken=${{ secrets.PLATFORM_ADMIN_TOKEN }} --test.containerRegistry=${{ secrets.CONTAINER_REGISTRY }} --ci.runId=${{ runner.os }}-xray
run: go test -v github.com/jfrog/jfrog-cli-security --race --timeout 0 --test.security --test.dockerScan --jfrog.url=${{ secrets.PLATFORM_URL }} --jfrog.adminToken=${{ secrets.PLATFORM_ADMIN_TOKEN }} --test.containerRegistry=${{ secrets.CONTAINER_REGISTRY }} --ci.runId=${{ runner.os }}-xray
if: ${{ matrix.os == 'ubuntu' }}
4 changes: 2 additions & 2 deletions commands/audit/audit.go
Expand Up @@ -264,11 +264,11 @@ func downloadAnalyzerManagerAndRunScanners(auditParallelRunner *utils.SecurityPa
if err = jas.DownloadAnalyzerManagerIfNeeded(threadId); err != nil {
return fmt.Errorf("%s failed to download analyzer manager: %s", clientutils.GetLogMsgPrefix(threadId, false), err.Error())
}
scanner, err = jas.CreateJasScanner(scanner, jfrogAppsConfig, serverDetails, auditParams.Exclusions()...)
scanner, err = jas.CreateJasScanner(scanner, jfrogAppsConfig, serverDetails, jas.GetAnalyzerManagerXscEnvVars(auditParams.commonGraphScanParams.MultiScanId, scanResults.GetScaScannedTechnologies()...), auditParams.Exclusions()...)
if err != nil {
return fmt.Errorf("failed to create jas scanner: %s", err.Error())
}
if err = runner.AddJasScannersTasks(auditParallelRunner, scanResults, scanResults.GetScaScannedTechnologies(), auditParams.DirectDependencies(), serverDetails, auditParams.thirdPartyApplicabilityScan, auditParams.commonGraphScanParams.MultiScanId, scanner, applicability.ApplicabilityScannerType, secrets.SecretsScannerType, auditParallelRunner.AddErrorToChan, auditParams.ScansToPerform()); err != nil {
if err = runner.AddJasScannersTasks(auditParallelRunner, scanResults, auditParams.DirectDependencies(), serverDetails, auditParams.thirdPartyApplicabilityScan, scanner, applicability.ApplicabilityScannerType, secrets.SecretsScannerType, auditParallelRunner.AddErrorToChan, auditParams.ScansToPerform()); err != nil {
return fmt.Errorf("%s failed to run JAS scanners: %s", clientutils.GetLogMsgPrefix(threadId, false), err.Error())
}
return
4 changes: 2 additions & 2 deletions commands/scan/scan.go
Expand Up @@ -427,12 +427,12 @@ func (scanCmd *ScanCommand) createIndexerHandlerFunc(file *spec.File, entitledFo
indexedFileErrors[threadId] = append(indexedFileErrors[threadId], formats.SimpleJsonError{FilePath: filePath, ErrorMessage: err.Error()})
}
scanner := &jas.JasScanner{}
scanner, err = jas.CreateJasScanner(scanner, jfrogAppsConfig, scanCmd.serverDetails)
scanner, err = jas.CreateJasScanner(scanner, jfrogAppsConfig, scanCmd.serverDetails, jas.GetAnalyzerManagerXscEnvVars("", techutils.Technology(graphScanResults.ScannedPackageType)))
if err != nil {
log.Error(fmt.Sprintf("failed to create jas scanner: %s", err.Error()))
indexedFileErrors[threadId] = append(indexedFileErrors[threadId], formats.SimpleJsonError{FilePath: filePath, ErrorMessage: err.Error()})
}
err = runner.AddJasScannersTasks(jasFileProducerConsumer, &scanResults, []techutils.Technology{techutils.Technology(graphScanResults.ScannedPackageType)}, &depsList, scanCmd.serverDetails, false, "", scanner, applicability.ApplicabilityDockerScanScanType, secrets.SecretsScannerDockerScanType, jasErrHandlerFunc, utils.GetAllSupportedScans())
err = runner.AddJasScannersTasks(jasFileProducerConsumer, &scanResults, &depsList, scanCmd.serverDetails, false, scanner, applicability.ApplicabilityDockerScanScanType, secrets.SecretsScannerDockerScanType, jasErrHandlerFunc, utils.GetAllSupportedScans())
if err != nil {
log.Error(fmt.Sprintf("scanning '%s' failed with error: %s", graph.Id, err.Error()))
indexedFileErrors[threadId] = append(indexedFileErrors[threadId], formats.SimpleJsonError{FilePath: filePath, ErrorMessage: err.Error()})
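Review bot: When `jas.CreateJasScanner` fails, the closure logs and records the error but then falls through to `runner.AddJasScannersTasks(jasFileProducerConsumer, &scanResults, &depsList, ...)` with the partially initialised scanner, so the newly added `EnvVars` map may be nil (or the analyzer-manager path unset) when the JAS tasks start — the analyzer manager would then run without the platform credentials that `EnvVars` is meant to carry. Guard the call, e.g. wrap the `AddJasScannersTasks` call and its error handling in `if err == nil {`, or leave the closure after the error has been appended to `indexedFileErrors[threadId]`. The enclosing createIndexerHandlerFunc closure starts and ends outside the hunk, so the exact return shape has to be checked there.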
10 changes: 4 additions & 6 deletions go.mod
Expand Up @@ -6,11 +6,11 @@ require (
github.com/google/go-github/v56 v56.0.0
github.com/gookit/color v1.5.4
github.com/jfrog/build-info-go v1.9.29
github.com/jfrog/froggit-go v1.15.0
github.com/jfrog/froggit-go v1.16.0
github.com/jfrog/gofrog v1.7.2
github.com/jfrog/jfrog-apps-config v1.0.1
github.com/jfrog/jfrog-cli-core/v2 v2.53.1
github.com/jfrog/jfrog-client-go v1.41.0
github.com/jfrog/jfrog-cli-core/v2 v2.53.2
github.com/jfrog/jfrog-client-go v1.41.1
github.com/magiconair/properties v1.8.7
github.com/owenrumney/go-sarif/v2 v2.3.0
github.com/stretchr/testify v1.9.0
Expand Down Expand Up @@ -119,6 +119,4 @@ require (

//replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go dev

//replace github.com/jfrog/froggit-go => ../froggit-go

replace github.com/jfrog/froggit-go => github.com/jfrog/froggit-go v1.15.1-0.20240630120845-4523262ce5a5
// replace github.com/jfrog/froggit-go => github.com/jfrog/froggit-go dev
12 changes: 6 additions & 6 deletions go.sum
Expand Up @@ -889,16 +889,16 @@ github.com/jfrog/archiver/v3 v3.6.0 h1:OVZ50vudkIQmKMgA8mmFF9S0gA47lcag22N13iV3F
github.com/jfrog/archiver/v3 v3.6.0/go.mod h1:fCAof46C3rAXgZurS8kNRNdSVMKBbZs+bNNhPYxLldI=
github.com/jfrog/build-info-go v1.9.29 h1:3vJ+kbk9PpU6wjisXi9c4qISNpYkISh/NmB5mq1ZlSY=
github.com/jfrog/build-info-go v1.9.29/go.mod h1:AzFJlN/yKfKuKcSBaGy5nNmKN1xzx6+XcRWAswCTLTA=
github.com/jfrog/froggit-go v1.15.1-0.20240630120845-4523262ce5a5 h1:vqTVYBhk/hXoeIt1w5vNXdnxqHPvdjpS6eeh6C0Snuo=
github.com/jfrog/froggit-go v1.15.1-0.20240630120845-4523262ce5a5/go.mod h1:TEJSzgiV+3D/GVGE8Y6j46ut1jrBLD1FL6WdMdKwwCE=
github.com/jfrog/froggit-go v1.16.0 h1:qNcerpWupkisdKf4BuofY/XdcUrQJHscSL7PGM6sETs=
github.com/jfrog/froggit-go v1.16.0/go.mod h1:TEJSzgiV+3D/GVGE8Y6j46ut1jrBLD1FL6WdMdKwwCE=
github.com/jfrog/gofrog v1.7.2 h1:VkAaA/9tmbw27IqgUOmaZWnO6ATUqL3vRzDnsROKATw=
github.com/jfrog/gofrog v1.7.2/go.mod h1:WJFk88SR9Sr9mKl1bQBig7DmSdXiBGKV3WhL9O6jL9w=
github.com/jfrog/jfrog-apps-config v1.0.1 h1:mtv6k7g8A8BVhlHGlSveapqf4mJfonwvXYLipdsOFMY=
github.com/jfrog/jfrog-apps-config v1.0.1/go.mod h1:8AIIr1oY9JuH5dylz2S6f8Ym2MaadPLR6noCBO4C22w=
github.com/jfrog/jfrog-cli-core/v2 v2.53.1 h1:odwPJlrUVw7yKIYctVIn7/8YW/Ynwq4vvsmrXOzAAa8=
github.com/jfrog/jfrog-cli-core/v2 v2.53.1/go.mod h1:4iTSevmlThM1Aw5NAY4WyVxim5US4SkrmxHSHFimaqk=
github.com/jfrog/jfrog-client-go v1.41.0 h1:g5OTFvreOVQ6U/5LUXFJfA3Bc+AZCo2PO/EzCLxLbLE=
github.com/jfrog/jfrog-client-go v1.41.0/go.mod h1:AN+/mT2DIBE4oRZicJojqND2BEKLfA7f73i5rT3Lfcc=
github.com/jfrog/jfrog-cli-core/v2 v2.53.2 h1:gOao1CFLbNlvI18WigUnYNvJMy5CHFSWDD11ZLs19VQ=
github.com/jfrog/jfrog-cli-core/v2 v2.53.2/go.mod h1:AVe+geiQQ4oG+xAh2oBuGcyR6kuQ14Z8s4EObV6YU+4=
github.com/jfrog/jfrog-client-go v1.41.1 h1:AlgEIwEULIrk6CSVgt9gg8fQt3oI+cBqKP+eRNsH2aA=
github.com/jfrog/jfrog-client-go v1.41.1/go.mod h1:AN+/mT2DIBE4oRZicJojqND2BEKLfA7f73i5rT3Lfcc=
github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
github.com/jung-kurt/gofpdf v1.0.0/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes=
41 changes: 14 additions & 27 deletions jas/analyzermanager.go
Expand Up @@ -55,16 +55,13 @@ type AnalyzerManager struct {
MultiScanId string
}

func (am *AnalyzerManager) Exec(configFile, scanCommand, workingDir string, serverDetails *config.ServerDetails) (err error) {
return am.ExecWithOutputFile(configFile, scanCommand, workingDir, "", serverDetails)
func (am *AnalyzerManager) Exec(configFile, scanCommand, workingDir string, serverDetails *config.ServerDetails, envVars map[string]string) (err error) {
return am.ExecWithOutputFile(configFile, scanCommand, workingDir, "", serverDetails, envVars)
}

func (am *AnalyzerManager) ExecWithOutputFile(configFile, scanCommand, workingDir, outputFile string, serverDetails *config.ServerDetails) (err error) {
if err = SetAnalyzerManagerEnvVariables(serverDetails); err != nil {
return
}
func (am *AnalyzerManager) ExecWithOutputFile(configFile, scanCommand, workingDir, outputFile string, serverDetails *config.ServerDetails, envVars map[string]string) (err error) {
var cmd *exec.Cmd
multiScanId := os.Getenv(utils.JfMsiEnvVariable)
multiScanId := envVars[utils.JfMsiEnvVariable]
if len(outputFile) > 0 {
log.Debug("Executing", am.AnalyzerManagerFullPath, scanCommand, configFile, outputFile, multiScanId)
cmd = exec.Command(am.AnalyzerManagerFullPath, scanCommand, configFile, outputFile)
Expand All @@ -79,6 +76,7 @@ func (am *AnalyzerManager) ExecWithOutputFile(configFile, scanCommand, workingDi
}
}
}()
cmd.Env = utils.ToCommandEnvVars(envVars)
cmd.Dir = workingDir
output, err := cmd.CombinedOutput()
if isCI() || err != nil {
Expand Down Expand Up @@ -141,32 +139,21 @@ func isCI() bool {
return strings.ToLower(os.Getenv(coreutils.CI)) == "true"
}

func SetAnalyzerManagerEnvVariables(serverDetails *config.ServerDetails) error {
if serverDetails == nil {
return errors.New("cant get xray server details")
}
if err := os.Setenv(jfUserEnvVariable, serverDetails.User); errorutils.CheckError(err) != nil {
return err
}
if err := os.Setenv(jfPasswordEnvVariable, serverDetails.Password); errorutils.CheckError(err) != nil {
return err
}
if err := os.Setenv(jfPlatformUrlEnvVariable, serverDetails.Url); errorutils.CheckError(err) != nil {
return err
}
if err := os.Setenv(jfTokenEnvVariable, serverDetails.AccessToken); errorutils.CheckError(err) != nil {
return err
func GetAnalyzerManagerEnvVariables(serverDetails *config.ServerDetails) (envVars map[string]string, err error) {
envVars = map[string]string{
jfUserEnvVariable: serverDetails.User,
jfPasswordEnvVariable: serverDetails.Password,
jfPlatformUrlEnvVariable: serverDetails.Url,
jfTokenEnvVariable: serverDetails.AccessToken,
}
if !isCI() {
analyzerManagerLogFolder, err := coreutils.CreateDirInJfrogHome(filepath.Join(coreutils.JfrogLogsDirName, analyzerManagerLogDirName))
if err != nil {
return err
}
if err = os.Setenv(logDirEnvVariable, analyzerManagerLogFolder); errorutils.CheckError(err) != nil {
return err
return nil, err
}
envVars[logDirEnvVariable] = analyzerManagerLogFolder
}
return nil
return
}

func ParseAnalyzerManagerError(scanner jasutils.JasScanType, err error) (formatErr error) {
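Review bot: `GetAnalyzerManagerEnvVariables` reads `serverDetails.User` and the other fields on its first statement, but the nil guard that `SetAnalyzerManagerEnvVariables` had (`errors.New("cant get xray server details")`) was dropped in the rewrite, so a nil `serverDetails` now panics instead of returning an error. Restore it at the top of the function: `if serverDetails == nil { return nil, errors.New("cant get xray server details") }` (and keep or re-add the `errors` import if nothing else in the file still uses it). In `ExecWithOutputFile`, `cmd.Env = utils.ToCommandEnvVars(envVars)` replaces the inherited environment outright; if a caller passes a nil or empty map and the helper returns a non-nil empty slice, the analyzer manager would run with no environment at all (no PATH, no credentials), which is worth stating on the parameter, e.g. `// envVars is the complete child environment (os.Environ() merged with the JFrog credentials); it is not merged with the parent's environment here.` The body of `ExecWithOutputFile` continues outside the first hunk.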
2 changes: 1 addition & 1 deletion jas/applicability/applicabilitymanager.go
Expand Up @@ -191,7 +191,7 @@ func (asm *ApplicabilityScanManager) createConfigFile(module jfrogappsconfig.Mod
// Runs the analyzerManager app and returns a boolean to indicate whether the user is entitled for
// advance security feature
func (asm *ApplicabilityScanManager) runAnalyzerManager() error {
return asm.scanner.AnalyzerManager.Exec(asm.configFileName, applicabilityScanCommand, filepath.Dir(asm.scanner.AnalyzerManager.AnalyzerManagerFullPath), asm.scanner.ServerDetails)
return asm.scanner.AnalyzerManager.Exec(asm.configFileName, applicabilityScanCommand, filepath.Dir(asm.scanner.AnalyzerManager.AnalyzerManagerFullPath), asm.scanner.ServerDetails, asm.scanner.EnvVars)
}

func removeElementFromSlice(skipDirs []string, element string) []string {
60 changes: 21 additions & 39 deletions jas/common.go
Expand Up @@ -11,8 +11,6 @@ import (
"time"
"unicode"

clientutils "github.com/jfrog/jfrog-client-go/utils"

jfrogappsconfig "github.com/jfrog/jfrog-apps-config/go"
"github.com/jfrog/jfrog-cli-core/v2/utils/config"
"github.com/jfrog/jfrog-cli-core/v2/utils/coreutils"
Expand All @@ -39,14 +37,18 @@ type JasScanner struct {
ServerDetails *config.ServerDetails
JFrogAppsConfig *jfrogappsconfig.JFrogAppsConfig
ScannerDirCleanupFunc func() error
EnvVars map[string]string
Exclusions []string
}

func CreateJasScanner(scanner *JasScanner, jfrogAppsConfig *jfrogappsconfig.JFrogAppsConfig, serverDetails *config.ServerDetails, exclusions ...string) (*JasScanner, error) {
func CreateJasScanner(scanner *JasScanner, jfrogAppsConfig *jfrogappsconfig.JFrogAppsConfig, serverDetails *config.ServerDetails, envVars map[string]string, exclusions ...string) (*JasScanner, error) {
var err error
if scanner.AnalyzerManager.AnalyzerManagerFullPath, err = GetAnalyzerManagerExecutable(); err != nil {
return scanner, err
}
if scanner.EnvVars, err = getJasEnvVars(serverDetails, envVars); err != nil {
return scanner, err
}
var tempDir string
if tempDir, err = fileutils.CreateTempDir(); err != nil {
return scanner, err
Expand All @@ -61,6 +63,14 @@ func CreateJasScanner(scanner *JasScanner, jfrogAppsConfig *jfrogappsconfig.JFro
return scanner, err
}

func getJasEnvVars(serverDetails *config.ServerDetails, vars map[string]string) (map[string]string, error) {
amBasicVars, err := GetAnalyzerManagerEnvVariables(serverDetails)
if err != nil {
return nil, err
}
return utils.MergeMaps(utils.ToEnvVarsMap(os.Environ()), amBasicVars, vars), nil
}

func CreateJFrogAppsConfig(workingDirs []string) (*jfrogappsconfig.JFrogAppsConfig, error) {
if jfrogAppsConfig, err := jfrogappsconfig.LoadConfigIfExist(); err != nil {
return nil, errorutils.CheckError(err)
Expand Down Expand Up @@ -203,7 +213,7 @@ func InitJasTest(t *testing.T, workingDirs ...string) (*JasScanner, func()) {
jfrogAppsConfigForTest, err := CreateJFrogAppsConfig(workingDirs)
assert.NoError(t, err)
scanner := &JasScanner{}
scanner, err = CreateJasScanner(scanner, jfrogAppsConfigForTest, &FakeServerDetails)
scanner, err = CreateJasScanner(scanner, jfrogAppsConfigForTest, &FakeServerDetails, GetAnalyzerManagerXscEnvVars(""))
assert.NoError(t, err)
return scanner, func() {
assert.NoError(t, scanner.ScannerDirCleanupFunc())
Expand Down Expand Up @@ -260,44 +270,16 @@ func convertToFilesExcludePatterns(excludePatterns []string) []string {
return patterns
}

func SetAnalyticsMetricsDataForAnalyzerManager(msi string, technologies []techutils.Technology) func() {
errMsg := "failed %s %s environment variable. Cause: %s"
resetAnalyzerManageJfMsiVar, err := clientutils.SetEnvWithResetCallback(utils.JfMsiEnvVariable, msi)
if err != nil {
log.Debug(fmt.Sprintf(errMsg, "setting", utils.JfMsiEnvVariable, err.Error()))
}
func GetAnalyzerManagerXscEnvVars(msi string, technologies ...techutils.Technology) map[string]string {
envVars := map[string]string{utils.JfMsiEnvVariable: msi}
if len(technologies) != 1 {
// Only report analytics for one technology at a time.
return func() {
err = resetAnalyzerManageJfMsiVar()
if err != nil {
log.Debug(fmt.Sprintf(errMsg, "restoring", utils.JfMsiEnvVariable, err.Error()))
}
}
return envVars
}
technology := technologies[0]
resetAnalyzerManagerPackageManagerVar, err := clientutils.SetEnvWithResetCallback(JfPackageManagerEnvVariable, technology.String())
if err != nil {
log.Debug(fmt.Sprintf(errMsg, "setting", JfPackageManagerEnvVariable, err.Error()))
}
resetAnalyzerManagerLanguageVar, err := clientutils.SetEnvWithResetCallback(JfLanguageEnvVariable, string(techutils.TechnologyToLanguage(technology)))
if err != nil {
log.Debug(fmt.Sprintf(errMsg, "setting", JfLanguageEnvVariable, err.Error()))
}
return func() {
err = resetAnalyzerManageJfMsiVar()
if err != nil {
log.Debug(fmt.Sprintf(errMsg, "restoring", utils.JfMsiEnvVariable, err.Error()))
}
err = resetAnalyzerManagerPackageManagerVar()
if err != nil {
log.Debug(fmt.Sprintf(errMsg, "restoring", JfPackageManagerEnvVariable, err.Error()))
}
err = resetAnalyzerManagerLanguageVar()
if err != nil {
log.Debug(fmt.Sprintf(errMsg, "restoring", JfLanguageEnvVariable, err.Error()))
}
}
envVars[JfPackageManagerEnvVariable] = technology.String()
envVars[JfLanguageEnvVariable] = string(techutils.TechnologyToLanguage(technology))
return envVars

}

func IsEntitledForJas(xrayManager *xray.XrayServicesManager, xrayVersion string) (entitled bool, err error) {
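Review bot: The exported `GetAnalyzerManagerXscEnvVars` and the new `envVars` parameter of `CreateJasScanner` have no doc comment, and since `JasScanner.EnvVars` now holds the platform user, password and access token (populated through `GetAnalyzerManagerEnvVariables`) for the scanner's whole lifetime, that contract should be written down. Suggested comment on the field: `// EnvVars is the environment handed to the analyzer manager process: os.Environ() merged with the platform credentials from ServerDetails and the XSC analytics variables. It contains secrets and must not be logged or serialized.` On the function: `// GetAnalyzerManagerXscEnvVars returns the analytics variables for the analyzer manager: the multi-scan id, plus the package manager and language when exactly one technology is given.` In `getJasEnvVars` the merge order (environment, then credentials, then caller-supplied vars) presumably relies on later maps winning in `utils.MergeMaps`; a one-line comment there would make clear whether a caller's map is allowed to override the credential entries. The blank line before the closing brace of `GetAnalyzerManagerXscEnvVars` looks like a leftover from the rewrite.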