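package utils

import (
	"context"
	"errors"
	"fmt"
	"net/url"
	"path/filepath"
	"strings"

	"github.com/jfrog/froggit-go/vcsclient"
	"github.com/jfrog/jfrog-cli-core/v2/utils/config"
	"github.com/jfrog/jfrog-cli-security/commands/audit"
	xrayutils "github.com/jfrog/jfrog-cli-security/utils"
	"github.com/jfrog/jfrog-client-go/utils/log"
	"github.com/jfrog/jfrog-client-go/xray/services"
)

// ScanDetails bundles everything one Frogbot scan needs: the project being
// scanned, its git coordinates, the Xray graph-scan parameters, the JFrog
// server connection and the VCS client, plus the scan policy knobs
// (minimum severity, fixable-only, fail-on-installation-errors, base branch).
//
// The four embedded pointers promote their fields onto ScanDetails, so the
// code below reads e.g. sc.RepoName or sc.UseWrapper directly. They are
// optional at construction time and are attached through the Set* builders;
// the methods that dereference them check for nil and return an error
// instead of panicking.
type ScanDetails struct {
	*Project
	*Git
	*services.XrayGraphScanParams
	*config.ServerDetails
	client                   vcsclient.VcsClient
	failOnInstallationErrors bool
	fixableOnly              bool
	minSeverityFilter        string
	baseBranch               string
}

// NewScanDetails creates a ScanDetails holding the VCS client, the server
// connection and the git details. The project and the Xray scan parameters
// are attached later through SetProject and SetXrayGraphScanParams.
func NewScanDetails(client vcsclient.VcsClient, server *config.ServerDetails, git *Git) *ScanDetails {
	return &ScanDetails{
		client:        client,
		ServerDetails: server,
		Git:           git,
	}
}

// SetFailOnInstallationErrors records whether a failing dependency
// installation should fail the scan. Returns sc for chaining.
func (sc *ScanDetails) SetFailOnInstallationErrors(toFail bool) *ScanDetails {
	sc.failOnInstallationErrors = toFail
	return sc
}

// SetProject attaches the project (install command, dependency repo, pip
// requirements file, path exclusions, ...) to scan. Returns sc for chaining.
func (sc *ScanDetails) SetProject(project *Project) *ScanDetails {
	sc.Project = project
	return sc
}

// SetXrayGraphScanParams builds and attaches the Xray graph-scan parameters;
// see createXrayScanParams for how watches and the project key are chosen.
// Returns sc for chaining.
func (sc *ScanDetails) SetXrayGraphScanParams(watches []string, jfrogProjectKey string, includeLicenses bool) *ScanDetails {
	sc.XrayGraphScanParams = createXrayScanParams(watches, jfrogProjectKey, includeLicenses)
	return sc
}

// SetFixableOnly restricts reported issues to those with a known fix.
// Returns sc for chaining.
func (sc *ScanDetails) SetFixableOnly(fixable bool) *ScanDetails {
	sc.fixableOnly = fixable
	return sc
}

// SetMinSeverity sets the minimum severity an issue must have to be
// reported. The value is passed through to the audit as-is. Returns sc for
// chaining.
func (sc *ScanDetails) SetMinSeverity(minSeverity string) *ScanDetails {
	sc.minSeverityFilter = minSeverity
	return sc
}

// SetBaseBranch records the branch the scan is compared against. Returns sc
// for chaining.
func (sc *ScanDetails) SetBaseBranch(branch string) *ScanDetails {
	sc.baseBranch = branch
	return sc
}

// Client returns the VCS client given to NewScanDetails.
func (sc *ScanDetails) Client() vcsclient.VcsClient {
	return sc.client
}

// BaseBranch returns the branch set by SetBaseBranch ("" if unset).
func (sc *ScanDetails) BaseBranch() string {
	return sc.baseBranch
}

// FailOnInstallationErrors reports the value set by SetFailOnInstallationErrors.
func (sc *ScanDetails) FailOnInstallationErrors() bool {
	return sc.failOnInstallationErrors
}

// FixableOnly reports the value set by SetFixableOnly.
func (sc *ScanDetails) FixableOnly() bool {
	return sc.fixableOnly
}

// MinSeverityFilter returns the value set by SetMinSeverity ("" if unset).
func (sc *ScanDetails) MinSeverityFilter() string {
	return sc.minSeverityFilter
}

// SetRepoOwner sets the repository owner used for VCS lookups. Returns sc
// for chaining.
func (sc *ScanDetails) SetRepoOwner(owner string) *ScanDetails {
	sc.RepoOwner = owner
	return sc
}

// SetRepoName sets the repository name used for VCS lookups. Returns sc for
// chaining.
func (sc *ScanDetails) SetRepoName(repoName string) *ScanDetails {
	sc.RepoName = repoName
	return sc
}

// createXrayScanParams builds the parameters for a dependency graph scan.
// Exactly one result source is selected, in this priority: explicit watches,
// then a JFrog project key, and otherwise all vulnerabilities. Watches and
// project key therefore never apply together.
func createXrayScanParams(watches []string, project string, includeLicenses bool) *services.XrayGraphScanParams {
	params := &services.XrayGraphScanParams{
		ScanType:        services.Dependency,
		IncludeLicenses: includeLicenses,
	}
	switch {
	case len(watches) > 0:
		params.Watches = watches
	case project != "":
		params.ProjectKey = project
	default:
		params.IncludeVulnerabilities = true
	}
	return params
}

// RunInstallAndAudit installs the project's dependencies and runs the
// security audit over workDirs, using the project, server details, scan
// parameters and filters held by sc.
//
// The project must have been attached with SetProject and its UseWrapper
// flag must be set; both used to be dereferenced unconditionally, which
// turned a missing value into a nil-pointer panic. The returned error joins
// the audit's own error with the SCA and JAS errors carried on the results,
// so a partially successful audit still surfaces every failure.
func (sc *ScanDetails) RunInstallAndAudit(workDirs ...string) (auditResults *xrayutils.Results, err error) {
	if sc.Project == nil {
		return nil, errors.New("scan details: project is not set; call SetProject before RunInstallAndAudit")
	}
	if sc.UseWrapper == nil {
		return nil, errors.New("scan details: project UseWrapper is not set")
	}

	// The scanned repository's own JFrog CLI config file is ignored
	// (SetIgnoreConfigFile); the server details held by sc are authoritative.
	auditBasicParams := (&xrayutils.AuditBasicParams{}).
		SetPipRequirementsFile(sc.PipRequirementsFile).
		SetUseWrapper(*sc.UseWrapper).
		SetDepsRepo(sc.DepsRepo).
		SetIgnoreConfigFile(true).
		SetServerDetails(sc.ServerDetails).
		SetInstallCommandName(sc.InstallCommandName).
		SetInstallCommandArgs(sc.InstallCommandArgs)

	auditParams := audit.NewAuditParams().
		SetXrayGraphScanParams(sc.XrayGraphScanParams).
		SetWorkingDirs(workDirs).
		SetMinSeverityFilter(sc.MinSeverityFilter()).
		SetFixableOnly(sc.FixableOnly()).
		SetGraphBasicParams(auditBasicParams)
	auditParams.SetExclusions(sc.PathExclusions).SetIsRecursiveScan(sc.IsRecursiveScan)

	auditResults, err = audit.RunAudit(auditParams)
	if auditResults != nil {
		err = errors.Join(err, auditResults.ScaError, auditResults.JasError)
	}
	return auditResults, err
}

// SetXscGitInfoContext attaches git metadata (repo URL, branch, latest
// commit, ...) to the scan parameters for XSC. The context is optional:
// any failure to build it is logged at debug level and the scan continues
// without it. Returns sc for chaining.
//
// The XscGitInfoContext field is promoted from the embedded scan parameters,
// so they must have been attached with SetXrayGraphScanParams first;
// otherwise the context is skipped rather than assigned through a nil pointer.
func (sc *ScanDetails) SetXscGitInfoContext(scannedBranch, gitProject string, client vcsclient.VcsClient) *ScanDetails {
	if sc.XrayGraphScanParams == nil {
		log.Debug("Skipping the GitInfoContext for Xsc: Xray scan parameters are not set")
		return sc
	}
	gitInfo, err := sc.createGitInfoContext(scannedBranch, gitProject, client)
	if err != nil {
		log.Debug("Failed to create a GitInfoContext for Xsc due to the following error:", err.Error())
		return sc
	}
	sc.XscGitInfoContext = gitInfo
	return sc
}

// createGitInfoContext builds the GitInfoContext for XSC scans.
//
// scannedBranch is the branch being scanned; gitProject is optional and only
// meaningful for Azure Repos and Bitbucket Server — when empty, the
// repository owner is used in its place; client is the VCS client used to
// look up the branch's latest commit.
//
// The repository URL sent to XSC is the clone URL, which may carry embedded
// credentials (https://user:token@host/...); those are stripped before the
// value leaves the process. The commit message and author are forwarded as
// returned by the VCS provider.
func (sc *ScanDetails) createGitInfoContext(scannedBranch, gitProject string, client vcsclient.VcsClient) (*services.XscGitInfoContext, error) {
	if client == nil {
		return nil, errors.New("scan details: vcs client is nil")
	}
	if sc.Git == nil {
		return nil, errors.New("scan details: git details are not set")
	}
	// No deadline is applied here; the lookup is bounded only by whatever the
	// client itself enforces.
	latestCommit, err := client.GetLatestCommit(context.Background(), sc.RepoOwner, sc.RepoName, scannedBranch)
	if err != nil {
		return nil, fmt.Errorf("failed getting latest commit, repository: %s, branch: %s: %w", sc.RepoName, scannedBranch, err)
	}
	// Some VCS providers have no notion of a git project; fall back to the owner.
	if gitProject == "" {
		gitProject = sc.RepoOwner
	}
	return &services.XscGitInfoContext{
		// The clone URL stands in for the repository URL; in a browser it
		// redirects to the repository page.
		GitRepoUrl:    redactCloneURLCredentials(sc.Git.RepositoryCloneUrl),
		GitRepoName:   sc.RepoName,
		GitProvider:   sc.GitProvider.String(),
		GitProject:    gitProject,
		BranchName:    scannedBranch,
		LastCommit:    latestCommit.Url,
		CommitHash:    latestCommit.Hash,
		CommitMessage: latestCommit.Message,
		CommitAuthor:  latestCommit.AuthorName,
	}, nil
}

// redactCloneURLCredentials returns cloneURL with embedded userinfo removed
// wherever it could be a secret: all userinfo on http(s) URLs (there it is
// always a credential) and any userinfo carrying a password on other
// schemes. A bare user on ssh:// (ssh://git@host/...) is conventional, not
// secret, and is kept. Values net/url cannot parse, such as scp-style
// git@host:org/repo.git, are returned unchanged.
func redactCloneURLCredentials(cloneURL string) string {
	parsed, err := url.Parse(cloneURL)
	if err != nil || parsed.User == nil {
		return cloneURL
	}
	// url.Parse lower-cases the scheme, so a plain comparison suffices.
	if parsed.Scheme != "http" && parsed.Scheme != "https" {
		if _, hasPassword := parsed.User.Password(); !hasPassword {
			return cloneURL
		}
	}
	parsed.User = nil
	return parsed.String()
}

// GetFullPathWorkingDirs resolves each configured working directory against
// baseWd. RootDir maps to baseWd itself; any other entry is joined onto
// baseWd. With no working directories configured, baseWd alone is returned.
//
// An entry that climbs out of baseWd (e.g. "../other") is still returned,
// so existing configurations keep working, but it is logged as a warning:
// it makes the scan walk outside the checked-out repository, which is rarely
// intended.
func GetFullPathWorkingDirs(workingDirs []string, baseWd string) []string {
	if len(workingDirs) == 0 {
		return []string{baseWd}
	}
	fullPathWds := make([]string, 0, len(workingDirs))
	for _, workDir := range workingDirs {
		if workDir == RootDir {
			fullPathWds = append(fullPathWds, baseWd)
			continue
		}
		fullPath := filepath.Join(baseWd, workDir)
		if isOutsideDir(baseWd, fullPath) {
			log.Warn(fmt.Sprintf("working directory %q resolves to %q, outside the repository root %q", workDir, fullPath, baseWd))
		}
		fullPathWds = append(fullPathWds, fullPath)
	}
	return fullPathWds
}

// isOutsideDir reports whether path lies outside dir, i.e. its path relative
// to dir is ".." or starts with "../" (or cannot be computed at all).
func isOutsideDir(dir, path string) bool {
	rel, err := filepath.Rel(dir, path)
	if err != nil {
		return true
	}
	return rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator))
}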