Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding Xray Source Control Service #2141

Closed
wants to merge 50 commits into from
Closed

Adding Xray Source Control Service #2141

wants to merge 50 commits into from

Conversation

EyalDelarea
Copy link
Contributor

@EyalDelarea EyalDelarea commented Aug 17, 2023
edited
Loading

  • All tests have passed. If this feature is not already covered by the tests, new tests have been added.
  • The pull request is targeting the dev branch.
  • The code has been validated to compile successfully by running go vet ./....
  • The code has been formatted properly using go fmt ./....

Adding XSC support to JFrog Cli and it's components

  • For users who have XSC enabled in their system, will refer to XSC server instead of Xray.
  • Refactor to allow the future development of XSC service with fallback to Xray.
  • XSC is build on-top of Xray service, meaning unimplemented XSC functions will fallback to default Xray service functions.
  • For start, jf-audit command is implemented to work with XSC, sending extra GitInfoContext object to allow linking scan data to repositories.
  • XSC url is not provided from flag or config. We build it by either taking the platform url and adding suffix, or replace Xray url suffix with /xsc suffix.

How to use

No action from the user is needed, as this is optional.
If the server has XSC, it will query it.

In order to use the new functionality of linking scan information to repository, need to set the XscGitinfoContext object when calling audit command:

auditParams.xrayGraphScanParams.XscGitInfoContext = &scan.XscGitInfoContext{
		GitRepoUrl:    "https://github.com/EyalDelarea/npmexample",
		GitRepoName:   "npmexample",
		GitProject:    "myproject",
		GitProvider:   "github",
		BranchName:    "main",
		LastCommit:    "https://github.com/EyalDelarea/npmexample/commit/02c4eb4065e293d96fdfc70e64a58244eabed399",
		CommitHash:    "02c4eb4065e293d96fdfc70e64a58244eabed399",
		CommitMessage: "test dev deps",
		CommitAuthor:  "eyaldelarea",
		Date:         "2006-01-02T15:04:05Z07:00",
	}

Depends on
JFrog client go jfrog/jfrog-client-go#811
JFrog cli-core jfrog/jfrog-cli-core#896

@EyalDelarea EyalDelarea changed the title Xsc Adding Xray Source Control Service Aug 17, 2023
@EyalDelarea EyalDelarea marked this pull request as ready for review August 17, 2023 11:53
@EyalDelarea EyalDelarea mentioned this pull request Sep 7, 2023
Merged
3 tasks
@EyalDelarea EyalDelarea added the safe to test Approve running integration tests on a pull request label Sep 7, 2023
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Sep 7, 2023
sverdlov93
sverdlov93 reviewed Sep 9, 2023
View reviewed changes
.github/workflows/xrayTests.yml Outdated Show resolved Hide resolved
xray_test.go Outdated
Comment on lines 152 to 155
if !isXsc {
initXrayTest(t, scangraph.GraphScanMinXrayVersion)
}
initXrayTest(t, scangraph.GraphScanMinXrayVersion)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

?

xsc_test.go Outdated Show resolved Hide resolved
xsc_test.go Outdated Show resolved Hide resolved
@EyalDelarea EyalDelarea added the safe to test Approve running integration tests on a pull request label Sep 10, 2023
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Sep 10, 2023
@EyalDelarea
Copy link
Contributor Author

XSC shouldn't be tested via the CLI at this point.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sverdlov93 sverdlov93 sverdlov93 left review comments

Assignees
No one assigned
Labels
improvement Automatically generated release notes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@EyalDelarea @sverdlov93 @omerzi @eyalbe4