Move security content and use Jfrog-CLI-Security embedded plugin (#2413)

jfrog · Jan 18, 2024 · 56b291b · 56b291b
1 parent b1416e8
commit 56b291b
Show file tree

Hide file tree

Showing 25 changed files with 206 additions and 2,177 deletions.
diff --git a/.github/workflows/xrayTests.yml b/.github/workflows/xrayTests.yml
diff --git a/buildtools/cli.go b/buildtools/cli.go
@@ -24,8 +24,12 @@ import (
 	outputFormat "github.com/jfrog/jfrog-cli-core/v2/common/format"
 	"github.com/jfrog/jfrog-cli-core/v2/common/project"
 	corecommon "github.com/jfrog/jfrog-cli-core/v2/docs/common"
+	"github.com/jfrog/jfrog-cli-core/v2/plugins/components"
 	coreConfig "github.com/jfrog/jfrog-cli-core/v2/utils/config"
 	"github.com/jfrog/jfrog-cli-core/v2/utils/coreutils"
+	securityCLI "github.com/jfrog/jfrog-cli-security/cli"
+	securityDocs "github.com/jfrog/jfrog-cli-security/cli/docs"
+	"github.com/jfrog/jfrog-cli-security/commands/scan"
 	terraformdocs "github.com/jfrog/jfrog-cli/docs/artifactory/terraform"
 	"github.com/jfrog/jfrog-cli/docs/artifactory/terraformconfig"
 	"github.com/jfrog/jfrog-cli/docs/buildtools/docker"
@@ -51,7 +55,6 @@ import (
 	yarndocs "github.com/jfrog/jfrog-cli/docs/buildtools/yarn"
 	"github.com/jfrog/jfrog-cli/docs/buildtools/yarnconfig"
 	"github.com/jfrog/jfrog-cli/docs/common"
-	"github.com/jfrog/jfrog-cli/scan"
 	"github.com/jfrog/jfrog-cli/utils/cliutils"
 	"github.com/jfrog/jfrog-client-go/utils/errorutils"
 	"github.com/jfrog/jfrog-client-go/utils/log"
@@ -411,6 +414,9 @@ func MvnCmd(c *cli.Context) (err error) {
 	if err != nil {
 		return err
 	}
+	if xrayScan {
+		commandsUtils.ConditionalUploadScanFunc = scan.ConditionalUploadDefaultScanFunc
+	}
 	filteredMavenArgs, format, err := coreutils.ExtractXrayOutputFormatFromArgs(filteredMavenArgs)
 	if err != nil {
 		return err
@@ -464,6 +470,9 @@ func GradleCmd(c *cli.Context) (err error) {
 	if err != nil {
 		return err
 	}
+	if xrayScan {
+		commandsUtils.ConditionalUploadScanFunc = scan.ConditionalUploadDefaultScanFunc
+	}
 	filteredGradleArgs, format, err := coreutils.ExtractXrayOutputFormatFromArgs(filteredGradleArgs)
 	if err != nil {
 		return err
@@ -687,7 +696,7 @@ func dockerCmd(c *cli.Context) error {
 	case "push":
 		err = pushCmd(c, image)
 	case "scan":
-		return scan.DockerScan(c, image)
+		return dockerScanCmd(c, image)
 	default:
 		err = dockerNativeCmd(c)
 	}
@@ -745,6 +754,14 @@ func pushCmd(c *cli.Context, image string) (err error) {
 	return
 }
 
+func dockerScanCmd(c *cli.Context, imageTag string) error {
+	convertedCtx, err := components.ConvertContext(c, securityDocs.GetCommandFlags(securityDocs.DockerScan)...)
+	if err != nil {
+		return err
+	}
+	return securityCLI.DockerScan(convertedCtx, imageTag)
+}
+
 func dockerNativeCmd(c *cli.Context) error {
 	if show, err := cliutils.ShowCmdHelpIfNeeded(c, c.Args()); show || err != nil {
 		return err
@@ -827,6 +844,9 @@ func NpmPublishCmd(c *cli.Context) (err error) {
 	if err = npmCmd.Init(); err != nil {
 		return err
 	}
+	if npmCmd.GetXrayScan() {
+		commandsUtils.ConditionalUploadScanFunc = scan.ConditionalUploadDefaultScanFunc
+	}
 	printDeploymentView, detailedSummary := log.IsStdErrTerminal(), npmCmd.IsDetailedSummary()
 	if !detailedSummary {
 		npmCmd.SetDetailedSummary(printDeploymentView)

diff --git a/buildtools/help.go b/buildtools/help.go
@@ -4,7 +4,6 @@ import (
 	corecommon "github.com/jfrog/jfrog-cli-core/v2/docs/common"
 	"github.com/jfrog/jfrog-cli/docs/buildtools/dockerpull"
 	"github.com/jfrog/jfrog-cli/docs/buildtools/dockerpush"
-	"github.com/jfrog/jfrog-cli/docs/buildtools/dockerscan"
 	"github.com/jfrog/jfrog-cli/docs/buildtools/npmci"
 	"github.com/jfrog/jfrog-cli/docs/buildtools/npminstall"
 	"github.com/jfrog/jfrog-cli/docs/buildtools/npmpublish"
@@ -35,15 +34,6 @@ func GetBuildToolsHelpCommands() []cli.Command {
 			ArgsUsage: common.CreateEnvVars(),
 			Hidden:    true,
 		},
-		{
-			Name:      "dockerscanhelp",
-			Flags:     cliutils.GetCommandFlags(cliutils.DockerScan),
-			Usage:     dockerscan.GetDescription(),
-			HelpName:  corecommon.CreateUsage("docker scan", dockerscan.GetDescription(), dockerscan.Usage),
-			UsageText: dockerscan.GetArguments(),
-			ArgsUsage: common.CreateEnvVars(),
-			Hidden:    true,
-		},
 		{
 			Name:      "npminstallhelp",
 			Flags:     cliutils.GetCommandFlags(cliutils.NpmInstallCi),

diff --git a/docs/buildtools/dockerscan/help.go b/docs/buildtools/dockerscan/help.go
diff --git a/docs/xray/auditgo/help.go b/docs/xray/auditgo/help.go
diff --git a/docs/xray/auditgradle/help.go b/docs/xray/auditgradle/help.go
diff --git a/docs/xray/auditmvn/help.go b/docs/xray/auditmvn/help.go
diff --git a/docs/xray/auditnpm/help.go b/docs/xray/auditnpm/help.go
diff --git a/docs/xray/auditpip/help.go b/docs/xray/auditpip/help.go
diff --git a/docs/xray/curl/help.go b/docs/xray/curl/help.go
diff --git a/docs/xray/offlineupdate/help.go b/docs/xray/offlineupdate/help.go
diff --git a/docs/xray/scan/help.go b/docs/xray/scan/help.go
diff --git a/go.mod b/go.mod
@@ -10,14 +10,15 @@ require (
 	github.com/jfrog/build-info-go v1.9.20
 	github.com/jfrog/gofrog v1.5.0
 	github.com/jfrog/jfrog-cli-core/v2 v2.47.10
+	github.com/jfrog/jfrog-cli-security v1.0.0
 	github.com/jfrog/jfrog-client-go v1.35.6
 	github.com/jszwec/csvutil v1.9.0
 	github.com/mholt/archiver/v3 v3.5.1
 	github.com/stretchr/testify v1.8.4
 	github.com/testcontainers/testcontainers-go v0.23.0
 	github.com/urfave/cli v1.22.14
 	github.com/xeipuuv/gojsonschema v1.2.0
-	golang.org/x/exp v0.0.0-20240103183307-be819d1f06fc
+	golang.org/x/exp v0.0.0-20240112132812-db7319d0e0e3
 	golang.org/x/term v0.16.0
 	gopkg.in/yaml.v2 v2.4.0
 )
@@ -60,7 +61,7 @@ require (
 	github.com/gookit/color v1.5.4 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
 	github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
-	github.com/jedib0t/go-pretty/v6 v6.5.0 // indirect
+	github.com/jedib0t/go-pretty/v6 v6.5.3 // indirect
 	github.com/jfrog/archiver/v3 v3.5.3 // indirect
 	github.com/jfrog/jfrog-apps-config v1.0.1 // indirect
 	github.com/kevinburke/ssh_config v1.2.0 // indirect
@@ -71,7 +72,7 @@ require (
 	github.com/manifoldco/promptui v0.9.0 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.17 // indirect
-	github.com/mattn/go-runewidth v0.0.13 // indirect
+	github.com/mattn/go-runewidth v0.0.15 // indirect
 	github.com/mattn/go-tty v0.0.3 // indirect
 	github.com/minio/sha256-simd v1.0.1 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
@@ -113,13 +114,13 @@ require (
 	github.com/xo/terminfo v0.0.0-20210125001918-ca9a967f8778 // indirect
 	go.uber.org/atomic v1.9.0 // indirect
 	go.uber.org/multierr v1.9.0 // indirect
-	golang.org/x/crypto v0.17.0 // indirect
+	golang.org/x/crypto v0.18.0 // indirect
 	golang.org/x/mod v0.14.0 // indirect
-	golang.org/x/net v0.19.0 // indirect
-	golang.org/x/sync v0.5.0 // indirect
+	golang.org/x/net v0.20.0 // indirect
+	golang.org/x/sync v0.6.0 // indirect
 	golang.org/x/sys v0.16.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
-	golang.org/x/tools v0.16.0 // indirect
+	golang.org/x/tools v0.17.0 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20231120223509-83a465c0220f // indirect
 	google.golang.org/grpc v1.59.0 // indirect
 	google.golang.org/protobuf v1.31.0 // indirect
@@ -128,7 +129,9 @@ require (
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
 
-replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20240116074500-2653d8805fcc
+replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20240118100957-b4e1537e91dd
+
+replace github.com/jfrog/jfrog-cli-security => github.com/jfrog/jfrog-cli-security v0.0.0-20240118110600-d44be676f906
 
 // replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go v1.8.9-0.20231220102935-c8776c613ad8