Add skip-auto-install capability in Scan-Repository flow (#758)
eranturgeman authored Oct 10, 2024
1 parent 1f5619f commit c134d47
Showing 7 changed files with 25 additions and 9 deletions.
4 changes: 2 additions & 2 deletions go.mod
Expand Up @@ -6,7 +6,7 @@ require (
github.com/go-git/go-git/v5 v5.12.0
github.com/golang/mock v1.6.0
github.com/google/go-github/v45 v45.2.0
github.com/jfrog/build-info-go v1.10.1
github.com/jfrog/build-info-go v1.10.2
github.com/jfrog/froggit-go v1.16.1
github.com/jfrog/gofrog v1.7.6
github.com/jfrog/jfrog-cli-core/v2 v2.56.0
Expand Down Expand Up @@ -119,7 +119,7 @@ require (
gopkg.in/warnings.v0 v0.1.2 // indirect
)

// replace github.com/jfrog/jfrog-cli-security => github.com/jfrog/jfrog-cli-security dev
replace github.com/jfrog/jfrog-cli-security => github.com/jfrog/jfrog-cli-security v1.11.2-0.20241010143603-1ddff2afcc68

// replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 dev

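Review bot: The second hunk of go.mod leaves an active `replace github.com/jfrog/jfrog-cli-security => github.com/jfrog/jfrog-cli-security v1.11.2-0.20241010143603-1ddff2afcc68`, which builds against a pseudo-version (an untagged commit) rather than a released tag. go.sum still pins the content hash, but an untagged commit is harder to match against release notes or advisories, and the replace overrides whatever version the require block lists for that module. I would put a comment directly above it, for example `// TODO: remove this replace once jfrog-cli-security publishes a tagged release with skip-auto-install support`, and return to the commented-out form before this is released.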
8 changes: 4 additions & 4 deletions go.sum
Expand Up @@ -891,8 +891,8 @@ github.com/jedib0t/go-pretty/v6 v6.5.9 h1:ACteMBRrrmm1gMsXe9PSTOClQ63IXDUt03H5U+
github.com/jedib0t/go-pretty/v6 v6.5.9/go.mod h1:zbn98qrYlh95FIhwwsbIip0LYpwSG8SUOScs+v9/t0E=
github.com/jfrog/archiver/v3 v3.6.1 h1:LOxnkw9pOn45DzCbZNFV6K0+6dCsQ0L8mR3ZcujO5eI=
github.com/jfrog/archiver/v3 v3.6.1/go.mod h1:VgR+3WZS4N+i9FaDwLZbq+jeU4B4zctXL+gL4EMzfLw=
github.com/jfrog/build-info-go v1.10.1 h1:5nLrpFjbV2zuBdmJXW2nybAz5vyu+qDkOtR7v0ehi8s=
github.com/jfrog/build-info-go v1.10.1/go.mod h1:JcISnovFXKx3wWf3p1fcMmlPdt6adxScXvoJN4WXqIE=
github.com/jfrog/build-info-go v1.10.2 h1:RCCBsahRNYOm3W7Z9tAL/ixBLzrOzm4mTgI2N6jvqsw=
github.com/jfrog/build-info-go v1.10.2/go.mod h1:JcISnovFXKx3wWf3p1fcMmlPdt6adxScXvoJN4WXqIE=
github.com/jfrog/froggit-go v1.16.1 h1:FBIM1qevX/ag9unfmpGzfmZ36D8ulOJ+DPTSFUk3l5U=
github.com/jfrog/froggit-go v1.16.1/go.mod h1:TEJSzgiV+3D/GVGE8Y6j46ut1jrBLD1FL6WdMdKwwCE=
github.com/jfrog/gofrog v1.7.6 h1:QmfAiRzVyaI7JYGsB7cxfAJePAZTzFz0gRWZSE27c6s=
Expand All @@ -901,8 +901,8 @@ github.com/jfrog/jfrog-apps-config v1.0.1 h1:mtv6k7g8A8BVhlHGlSveapqf4mJfonwvXYL
github.com/jfrog/jfrog-apps-config v1.0.1/go.mod h1:8AIIr1oY9JuH5dylz2S6f8Ym2MaadPLR6noCBO4C22w=
github.com/jfrog/jfrog-cli-core/v2 v2.56.0 h1:rCNKhfESgsq0o6//gU1mNCvuCboE5BMfycj/RM/gq8k=
github.com/jfrog/jfrog-cli-core/v2 v2.56.0/go.mod h1:D8m0L8GCZiYCY9MjhnWY4egCqyVlU2iZsVA0yysBsVw=
github.com/jfrog/jfrog-cli-security v1.11.1 h1:UoOY0XtlTfgp1szeE9+i5SE791VoafMK+TeySMHSFic=
github.com/jfrog/jfrog-cli-security v1.11.1/go.mod h1:0vBYBP1jztDf5e25Ww3CkQAA1C609CAccz9NJLoSoRk=
github.com/jfrog/jfrog-cli-security v1.11.2-0.20241010143603-1ddff2afcc68 h1:RHnbGo11hpGgXi0lqHjWdzE+WBa3FME6JoTzlXgLrKs=
github.com/jfrog/jfrog-cli-security v1.11.2-0.20241010143603-1ddff2afcc68/go.mod h1:/HEP53u2qnAtgOQMZR30lGrQH0s45kFhzP5NDII1fOo=
github.com/jfrog/jfrog-client-go v1.47.0 h1:OBMB6TxqziBByjuk6hm0BM30pQwOb3XzjZKf/cmwCeM=
github.com/jfrog/jfrog-client-go v1.47.0/go.mod h1:UxzL9Q4pDoM+HQjSuQiGNakyoJNuxqPSs35/amBJvdY=
github.com/jordan-wright/email v4.0.1-0.20210109023952-943e75fe5223+incompatible h1:jdpOPRN1zP63Td1hDQbZW73xKmzDvZHzVdNYxhnTMDA=
3 changes: 2 additions & 1 deletion scanpullrequest/scanpullrequest.go
Expand Up @@ -133,7 +133,8 @@ func auditPullRequest(repoConfig *utils.Repository, client vcsclient.VcsClient,
SetXrayGraphScanParams(repoConfig.Watches, repoConfig.JFrogProjectKey, len(repoConfig.AllowedLicenses) > 0).
SetFixableOnly(repoConfig.FixableOnly).
SetFailOnInstallationErrors(*repoConfig.FailOnSecurityIssues).
SetConfigProfile(repoConfig.ConfigProfile)
SetConfigProfile(repoConfig.ConfigProfile).
SetSkipAutoInstall(repoConfig.SkipAutoInstall)
if scanDetails, err = scanDetails.SetMinSeverity(repoConfig.MinSeverity); err != nil {
return
}
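Review bot: The commit title limits this feature to the Scan-Repository flow, yet the added `SetSkipAutoInstall(repoConfig.SkipAutoInstall)` also changes the pull-request audit; the same call is added to the builder chain in scanrepository/scanrepository.go. It sits right after `SetFailOnInstallationErrors(*repoConfig.FailOnSecurityIssues)`, and nothing visible says what that setting means once installation is skipped, so a reader cannot tell whether the two options conflict. I would mention the pull-request flow in the description and add a comment at both call sites, along the lines of `// SkipAutoInstall is forwarded to the audit; when true, dependency installation is not run automatically before scanning.` auditPullRequest begins and ends outside the hunk.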
3 changes: 2 additions & 1 deletion scanrepository/scanrepository.go
Expand Up @@ -116,7 +116,8 @@ func (cfp *ScanRepositoryCmd) setCommandPrerequisites(repository *utils.Reposito
cfp.scanDetails = utils.NewScanDetails(client, &repository.Server, &repository.Git).
SetXrayGraphScanParams(repository.Watches, repository.JFrogProjectKey, len(repository.AllowedLicenses) > 0).
SetFailOnInstallationErrors(*repository.FailOnSecurityIssues).
SetFixableOnly(repository.FixableOnly)
SetFixableOnly(repository.FixableOnly).
SetSkipAutoInstall(repository.SkipAutoInstall)
if cfp.scanDetails, err = cfp.scanDetails.SetMinSeverity(repository.MinSeverity); err != nil {
return
}
1 change: 1 addition & 0 deletions utils/consts.go
Expand Up @@ -62,6 +62,7 @@ const (
FixableOnlyEnv = "JF_FIXABLE_ONLY"
DetectionOnlyEnv = "JF_SKIP_AUTOFIX"
AllowedLicensesEnv = "JF_ALLOWED_LICENSES"
SkipAutoInstallEnv = "JF_SKIP_AUTO_INSTALL"
WatchesDelimiter = ","

// Email related environment variables
6 changes: 6 additions & 0 deletions utils/params.go
Expand Up @@ -157,6 +157,7 @@ type Scan struct {
Projects []Project `yaml:"projects,omitempty"`
EmailDetails `yaml:",inline"`
ConfigProfile *services.ConfigProfile
SkipAutoInstall bool
}

type EmailDetails struct {
Expand Down Expand Up @@ -235,6 +236,11 @@ func (s *Scan) setDefaultsIfNeeded() (err error) {
}
s.MinSeverity = severity.String()
}
if !s.SkipAutoInstall {
if s.SkipAutoInstall, err = getBoolEnv(SkipAutoInstallEnv, false); err != nil {
return
}
}
if len(s.Projects) == 0 {
s.Projects = append(s.Projects, Project{})
}
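Review bot: In `setDefaultsIfNeeded` the environment variable is read only while `s.SkipAutoInstall` is still false, so `JF_SKIP_AUTO_INSTALL` can turn the skip on but can never turn off a value that is already true, and a malformed value is reported as an error only on that path. The precedence is not documented, and the new `SkipAutoInstall bool` field in `Scan` has no yaml tag while `Projects` beside it does, which leaves it unclear whether the field is meant to be settable from the config file. I would add a field comment such as `// SkipAutoInstall disables automatic dependency installation before scanning; read from JF_SKIP_AUTO_INSTALL when not already true.` together with an explicit tag (or `yaml:"-"`), and a test for the env parsing, since none of the seven changed files is a test. Both `Scan` and `setDefaultsIfNeeded` continue outside the hunks.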
9 changes: 8 additions & 1 deletion utils/scandetails.go
Expand Up @@ -27,6 +27,7 @@ type ScanDetails struct {
client vcsclient.VcsClient
failOnInstallationErrors bool
fixableOnly bool
skipAutoInstall bool
minSeverityFilter severityutils.Severity
baseBranch string
configProfile *clientservices.ConfigProfile
Expand Down Expand Up @@ -56,6 +57,11 @@ func (sc *ScanDetails) SetFixableOnly(fixable bool) *ScanDetails {
return sc
}

func (sc *ScanDetails) SetSkipAutoInstall(skipAutoInstall bool) *ScanDetails {
sc.skipAutoInstall = skipAutoInstall
return sc
}

func (sc *ScanDetails) SetMinSeverity(minSeverity string) (*ScanDetails, error) {
if minSeverity == "" {
return sc, nil
Expand Down Expand Up @@ -154,7 +160,8 @@ func (sc *ScanDetails) RunInstallAndAudit(workDirs ...string) (auditResults *xra
SetServerDetails(sc.ServerDetails).
SetInstallCommandName(sc.InstallCommandName).
SetInstallCommandArgs(sc.InstallCommandArgs).SetUseJas(true).
SetTechnologies(sc.GetTechFromInstallCmdIfExists())
SetTechnologies(sc.GetTechFromInstallCmdIfExists()).
SetSkipAutoInstall(sc.skipAutoInstall)

auditParams := audit.NewAuditParams().
SetWorkingDirs(workDirs).
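Review bot: The exported setter `SetSkipAutoInstall` is added without a doc comment, and in `RunInstallAndAudit` the flag is forwarded in the same chain as `SetInstallCommandName` and `SetInstallCommandArgs` with nothing stating which takes effect when a custom install command is configured and the skip flag is also true. If the audit then runs on dependencies that were never installed, it may presumably resolve fewer packages and report fewer vulnerabilities than a normal run, and nothing in this hunk makes that visible to whoever reads the scan output. I would document the setter with `// SetSkipAutoInstall records whether the audit should skip automatic dependency installation; the value is forwarded to the audit parameters in RunInstallAndAudit.` and emit one log line when the flag is true, so a scan that ran without installation can be recognised in CI logs. RunInstallAndAudit's body continues outside the hunk.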
