Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add logs and add error if serverDetails not provided #189

Merged
merged 5 commits into from
Sep 24, 2024

Conversation

attiasas
Copy link
Contributor

@attiasas attiasas commented Sep 23, 2024

  • The pull request is targeting the dev branch.
  • The code has been validated to compile successfully by running go vet ./....
  • The code has been formatted properly using go fmt ./....
  • All static analysis checks passed.
  • All tests have passed. If this feature is not already covered by the tests, new tests have been added.
  • All changes are detailed at the description. if not already covered at JFrog Documentation, new documentation have been added.

  • Refactor JAS run task to a separate function.
  • Added some logs to report when not entitled / not provided details
  • Return Error if server details are nil at the point of creating the JAS scanner (it should already exists since we ended entitlement request successfully

@attiasas attiasas added bug Something isn't working safe to test Approve running integration tests on a pull request labels Sep 23, 2024
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Sep 23, 2024
@attiasas attiasas added the safe to test Approve running integration tests on a pull request label Sep 23, 2024
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Sep 23, 2024
@attiasas attiasas added the safe to test Approve running integration tests on a pull request label Sep 24, 2024
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Sep 24, 2024
@attiasas attiasas added the safe to test Approve running integration tests on a pull request label Sep 24, 2024
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Sep 24, 2024
Copy link

👍 Frogbot scanned this pull request and did not find any new security issues.


if err != nil {
err = fmt.Errorf("failed to create jas scanner: %s", err.Error())
return
} else if jasScanner == nil {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Under which circumstances that weren't exist before the jasScanner can be nil after we tried to create it? If it is not trivial to infer - please add a comment what can result this

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

look at CreateScanner. if len(serverDetails.Url) == 0 is true we log the usual warning and return nil scanner, we should not continue after that just like the check was at JasRunner. we need a way to separate the case that serverDetails is nil (err, should not be nil at this point) or the user did not configure the right things (URL, warning)

if serverDetails == nil || len(serverDetails.Url) == 0 {
log.Warn("To incorporate the ‘Advanced Security’ scans into the audit output make sure platform url is provided and valid (run 'jf c add' prior to 'jf audit' via CLI, or provide JF_URL via Frogbot)")
// Set the analyzer manager executable path.
if scanner.AnalyzerManager.AnalyzerManagerFullPath, err = jas.GetAnalyzerManagerExecutable(); err != nil {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why are we doing this here? what is changed in the logic that we didn't need it before and now we do?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nothing has changed. the logic was just moved from one place to another. (Refactoring...)

Copy link
Contributor

@eranturgeman eranturgeman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I reviewed the changes, there are few things that are unclear to me (see my comments)
Also, about the serverDetails logs, do you think it would suffice to understand the issue with the POC? We know already they dont have the serverDetails or the ServerUrl at this point. In my PR I wanted to understand what they do have (xrayUrl, artifactoryUrl..) or if they lose this data during the process

@attiasas attiasas merged commit 1aabcef into jfrog:dev Sep 24, 2024
9 checks passed
@attiasas attiasas deleted the add_logs branch September 24, 2024 10:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants