Added centralized config resolution and utilization for Scan-PR flow #740

Merged
merged 20 commits into from
Sep 5, 2024

@eranturgeman eranturgeman commented Aug 15, 2024

  • All tests passed. If this feature is not already covered by the tests, I added new tests.
  • This pull request is on the dev branch.
  • I used gofmt for formatting the code before submitting the pull request.
  • Update documentation about new features / new supported technologies

IMPORTANT NOTE: This new capability is currently intended for use by JFrog internal processes ONLY! It will not be supported for customers until the official release!

This PR introduces the integration of a new config profile into the Frogbot Scan-PR flow.
Note: Currently, we only support a single-module profile with a '.' as the path_from_root. Profiles with different settings will be rejected, causing the flow to fail.

As an initial integration step, the only fields considered from the config profile, if provided, are enable_sast_scan and enable_secrets_scan. All other scan-related configurations in the profile will be ignored.

When a config profile is used for the scan, only the SAST and Secrets scanners can be activated. Other requested scanners, such as SCA, IaC, and CA, will not be executed.

If a config profile is provided, it takes priority over the jfrog-apps-config.yml file.
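The resolution rules described above can be sketched as follows. This is an added example, not code from this pull request or from Frogbot: the `Module` and `Profile` types, the `ResolveScanners` function and the scanner name strings are hypothetical, and only the field names `path_from_root`, `enable_sast_scan` and `enable_secrets_scan` come from the description. It also reports which requested scanners will not run, which is the coverage gap to watch for when a profile is in use.

```go
package main

import (
	"errors"
	"fmt"
)

// Hypothetical types: only the field names path_from_root, enable_sast_scan
// and enable_secrets_scan come from the PR description; the layout is assumed.
type Module struct {
	PathFromRoot      string
	EnableSastScan    bool
	EnableSecretsScan bool
}

type Profile struct{ Modules []Module }

// ResolveScanners returns the scanners that will run and the requested ones that
// will not. A nil profile means none was provided, so the requested set is kept.
func ResolveScanners(p *Profile, requested []string) (run, skipped []string, err error) {
	if p == nil {
		return requested, nil, nil
	}
	// Only a single module rooted at "." is accepted; anything else fails the flow.
	if len(p.Modules) != 1 || p.Modules[0].PathFromRoot != "." {
		return nil, nil, errors.New(`unsupported profile: need one module with path_from_root "."`)
	}
	enabled := map[string]bool{
		"sast":    p.Modules[0].EnableSastScan,
		"secrets": p.Modules[0].EnableSecretsScan,
	}
	for _, name := range []string{"sast", "secrets"} {
		if enabled[name] {
			run = append(run, name)
		}
	}
	// Everything requested but not enabled by the profile is a coverage gap.
	for _, name := range requested {
		if !enabled[name] {
			skipped = append(skipped, name)
		}
	}
	return run, skipped, nil
}

func main() {
	p := &Profile{Modules: []Module{{PathFromRoot: ".", EnableSastScan: true}}}
	run, skipped, err := ResolveScanners(p, []string{"sca", "sast", "iac", "secrets"}) // constructed input
	fmt.Println(run, skipped, err)
}
```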

@attiasas attiasas left a comment

Nice, take a look at my comments

github-actions bot commented Sep 5, 2024

👍 Frogbot scanned this pull request and did not find any new security issues.


@eranturgeman eranturgeman merged commit bce4aee into jfrog:dev Sep 5, 2024
33 checks passed