Upgrade JFrog CLI and set usage vars to be captured by JFrog CLI (#237)

action.yml

@@ -4,7 +4,7 @@ author: "JFrog"
 inputs:
     version:
         description: "JFrog CLI Version"
-        default: "2.72.2"
+        default: "2.72.3"
         required: false
     download-repository:
         description: "Remote repository in Artifactory pointing to 'https://releases.jfrog.io/artifactory/jfrog-cli'. Use this parameter in case you don't have an Internet access."

lib/utils.js

@@ -59,6 +59,9 @@ class Utils {
             let jfrogCredentials = this.collectJfrogCredentialsFromEnvVars();
             const oidcProviderName = core.getInput(Utils.OIDC_INTEGRATION_PROVIDER_NAME);
             if (!oidcProviderName) {
+                // Set environment variable to track OIDC usage.
+                core.exportVariable('JFROG_CLI_USAGE_CONFIG_OIDC', '');
+                core.exportVariable('JFROG_CLI_USAGE_OIDC_USED', 'FALSE');
                 // Use JF_ENV or the credentials found in the environment variables
                 return jfrogCredentials;
             }
@@ -78,8 +81,9 @@ class Utils {
             const applicationKey = yield this.getApplicationKey();
             try {
                 jfrogCredentials = yield this.getJfrogAccessTokenThroughOidcProtocol(jfrogCredentials, jsonWebToken, oidcProviderName, applicationKey);
-                // Set environment variable to track OIDC logins in the usage report.
+                // Set environment variable to track OIDC usage.
                 core.exportVariable('JFROG_CLI_USAGE_CONFIG_OIDC', 'TRUE');
+                core.exportVariable('JFROG_CLI_USAGE_OIDC_USED', 'TRUE');
                 return jfrogCredentials;
             }
             catch (error) {
@@ -98,7 +102,7 @@ class Utils {
      */
     static getApplicationKey() {
         return __awaiter(this, void 0, void 0, function* () {
-            const configFilePath = path.join(this.JF_CONFIG_DIR_NAME, this.JF_CONFIG_FILE);
+            const configFilePath = path.join(this.JF_CONFIG_DIR_NAME, this.JF_CONFIG_FILE_NAME);
             try {
                 const config = yield this.readConfigFromFileSystem(configFilePath);
                 if (!config) {
@@ -445,6 +449,23 @@ class Utils {
         if (!core.getBooleanInput(Utils.JOB_SUMMARY_DISABLE)) {
             Utils.enableJobSummaries();
         }
+        Utils.setUsageEnvVars();
+    }
+    // Set usage variables to be captured by JFrog CLI.
+    static setUsageEnvVars() {
+        // Repository name, defaulting to an empty string if undefined.
+        const repoName = process.env.GITHUB_REPOSITORY || '';
+        // Workflow name, defaulting to an empty string if undefined.
+        const jobId = process.env.GITHUB_WORKFLOW || '';
+        // Run ID, defaulting to an empty string if undefined.
+        const runId = process.env.GITHUB_RUN_ID || '';
+        // Boolean flag indicating if JF_GIT_TOKEN is set.
+        const jfGitTokenSet = !!process.env.JF_GIT_TOKEN;
+        // Export environment variables for JFrog CLI usage.
+        core.exportVariable('JFROG_CLI_USAGE_JOB_ID', jobId);
+        core.exportVariable('JFROG_CLI_USAGE_RUN_ID', runId);
+        core.exportVariable('JFROG_CLI_USAGE_GIT_REPO', repoName);
+        core.exportVariable('JFROG_CLI_USAGE_GH_TOKEN_FOR_CODE_SCANNING_ALERTS_PROVIDED', jfGitTokenSet);
     }
     /**
      * Enabling job summary is done by setting the output dir for the summaries.
@@ -885,7 +906,7 @@ Utils.KEY = 'key';
 // Config file directory name
 Utils.JF_CONFIG_DIR_NAME = '.jfrog';
 // Config file name
-Utils.JF_CONFIG_FILE = 'config.yml';
+Utils.JF_CONFIG_FILE_NAME = 'config.yml';
 // Disable Job Summaries feature flag
 Utils.JOB_SUMMARY_DISABLE = 'disable-job-summary';
 // Disable auto build info publish feature flag

src/utils.ts

@@ -93,6 +93,10 @@ export class Utils {
         let jfrogCredentials: JfrogCredentials = this.collectJfrogCredentialsFromEnvVars();
         const oidcProviderName: string = core.getInput(Utils.OIDC_INTEGRATION_PROVIDER_NAME);
         if (!oidcProviderName) {
+            // Set environment variable to track OIDC usage.
+            core.exportVariable('JFROG_CLI_USAGE_CONFIG_OIDC', '');
+            core.exportVariable('JFROG_CLI_USAGE_OIDC_USED', 'FALSE');
+
             // Use JF_ENV or the credentials found in the environment variables
             return jfrogCredentials;
         }
@@ -113,8 +117,10 @@ export class Utils {
         const applicationKey: string = await this.getApplicationKey();
         try {
             jfrogCredentials = await this.getJfrogAccessTokenThroughOidcProtocol(jfrogCredentials, jsonWebToken, oidcProviderName, applicationKey);
-            // Set environment variable to track OIDC logins in the usage report.
+
+            // Set environment variable to track OIDC usage.
             core.exportVariable('JFROG_CLI_USAGE_CONFIG_OIDC', 'TRUE');
+            core.exportVariable('JFROG_CLI_USAGE_OIDC_USED', 'TRUE');
             return jfrogCredentials;
         } catch (error: any) {
             throw new Error(`Exchanging JSON web token with an access token failed: ${error.message}`);
@@ -513,6 +519,20 @@ export class Utils {
         if (!core.getBooleanInput(Utils.JOB_SUMMARY_DISABLE)) {
             Utils.enableJobSummaries();
         }
+
+        Utils.setUsageEnvVars()
+    }
+
+    // Set usage variables to be captured by JFrog CLI visibility metric service.
+    public static setUsageEnvVars(): void {
+        // Set the GitHub repository name or default to an empty string.
+        core.exportVariable('JFROG_CLI_USAGE_GIT_REPO', process.env.GITHUB_REPOSITORY ?? '');
+        // Set the GitHub workflow name or default to an empty string.
+        core.exportVariable('JFROG_CLI_USAGE_JOB_ID', process.env.GITHUB_WORKFLOW ?? '');
+        // Set the GitHub run ID or default to an empty string.
+        core.exportVariable('JFROG_CLI_USAGE_RUN_ID', process.env.GITHUB_RUN_ID ?? '');
+        // Indicate if JF_GIT_TOKEN is provided as an environment variable.
+        core.exportVariable('JFROG_CLI_USAGE_GH_TOKEN_FOR_CODE_SCANNING_ALERTS_PROVIDED', !!process.env.JF_GIT_TOKEN);
     }
 
     /**

test/main.spec.ts

@@ -528,3 +528,44 @@ describe('getApplicationKey', () => {
         expect(result).toBe('');
     });
 });
+
+describe('setUsageEnvVars', () => {
+    beforeEach(() => {
+        // Clear environment variables before each test
+        delete process.env.GITHUB_REPOSITORY;
+        delete process.env.GITHUB_WORKFLOW;
+        delete process.env.GITHUB_RUN_ID;
+        delete process.env.JF_GIT_TOKEN;
+
+        jest.clearAllMocks();
+    });
+
+    it('should export the correct environment variables when all inputs are set', () => {
+        // Mock environment variables
+        process.env.GITHUB_REPOSITORY = 'owner/repo';
+        process.env.GITHUB_WORKFLOW = 'test-workflow';
+        process.env.GITHUB_RUN_ID = '12345';
+        process.env.JF_GIT_TOKEN = 'dummy-token';
+
+        // Call the function
+        Utils.setUsageEnvVars();
+
+        // Verify exported variables
+        expect(core.exportVariable).toHaveBeenCalledWith('JFROG_CLI_USAGE_JOB_ID', 'test-workflow');
+        expect(core.exportVariable).toHaveBeenCalledWith('JFROG_CLI_USAGE_RUN_ID', '12345');
+        expect(core.exportVariable).toHaveBeenCalledWith('JFROG_CLI_USAGE_GIT_REPO', 'owner/repo');
+        expect(core.exportVariable).toHaveBeenCalledWith('JFROG_CLI_USAGE_GH_TOKEN_FOR_CODE_SCANNING_ALERTS_PROVIDED', true);
+    });
+
+    it('should export empty strings for missing environment variables', () => {
+        // Call the function with no environment variables set
+        Utils.setUsageEnvVars();
+
+        // Verify exported variables
+        expect(core.exportVariable).toHaveBeenCalledWith('JFROG_CLI_USAGE_JOB_ID', '');
+        expect(core.exportVariable).toHaveBeenCalledWith('JFROG_CLI_USAGE_RUN_ID', '');
+        expect(core.exportVariable).toHaveBeenCalledWith('JFROG_CLI_USAGE_GIT_REPO', '');
+        expect(core.exportVariable).toHaveBeenCalledWith('JFROG_CLI_USAGE_GH_TOKEN_FOR_CODE_SCANNING_ALERTS_PROVIDED', false);
+    });
+});
+