From b0fc75518a64dbadab8d1695096d0e70346d1904 Mon Sep 17 00:00:00 2001
From: yahavi
Date: Mon, 11 Sep 2023 12:50:19 +0300
Subject: [PATCH] Fix sast
---
 xray/commands/audit/jas/common.go | 1 +
 xray/commands/audit/jas/sast/sastscanner.go | 9 +++++++--
 xray/utils/analyzermanager.go | 10 ++++++++--
 3 files changed, 16 insertions(+), 4 deletions(-)
diff --git a/xray/commands/audit/jas/common.go b/xray/commands/audit/jas/common.go
index 0366b582a..1d5c2fc6c 100644
--- a/xray/commands/audit/jas/common.go
+++ b/xray/commands/audit/jas/common.go
@@ -161,6 +161,7 @@ func CreateScannersConfigFile(fileName string, fileContent interface{}) error {
 return err
 }
 err = os.WriteFile(fileName, yamlData, 0644)
+ log.Debug("Input YAML:\n" + string(yamlData))
 return errorutils.CheckError(err)
 }
diff --git a/xray/commands/audit/jas/sast/sastscanner.go b/xray/commands/audit/jas/sast/sastscanner.go
index 00a4ec9a9..eb99e96b1 100644
--- a/xray/commands/audit/jas/sast/sastscanner.go
+++ b/xray/commands/audit/jas/sast/sastscanner.go
@@ -1,6 +1,8 @@
 package sast
 import (
+ "path/filepath"
+
 jfrogappsconfig "github.com/jfrog/jfrog-apps-config/go"
 "github.com/jfrog/jfrog-cli-core/v2/xray/commands/audit/jas"
 "github.com/jfrog/jfrog-cli-core/v2/xray/utils"
@@ -8,6 +10,7 @@ import (
 )
 const (
+ sastScannerType = "sast"
 sastScanCommand = "zd"
 )
@@ -44,7 +47,7 @@ func (ssm *SastScanManager) Run(module jfrogappsconfig.Module) (err error) {
 if err = ssm.createConfigFile(module); err != nil {
 return
 }
- if err = ssm.runAnalyzerManager(module.SourceRoot); err != nil {
+ if err = ssm.runAnalyzerManager(filepath.Dir(ssm.scanner.AnalyzerManager.AnalyzerManagerFullPath)); err != nil {
 return
 }
 var workingDirResults []utils.SourceCodeScanResult
@@ -60,6 +63,7 @@ type sastScanConfig struct {
 }
 type scanConfiguration struct {
+ Type string `yaml:"type"`
 Roots []string `yaml:"roots,omitempty"`
 Languages []string `yaml:"language,omitempty"`
 ExcludePatterns []string `yaml:"exclude_patterns,omitempty"`
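Review bot: In CreateScannersConfigFile (xray/commands/audit/jas/common.go) the added `log.Debug("Input YAML:\n" + string(yamlData))` runs before the `os.WriteFile` error is checked, so a failed write still logs the YAML as if it had reached the scanner. It also copies the whole marshalled config into the debug log; `fileContent` is an `interface{}`, so whatever a scanner config carries now or gains later (source roots, exclude patterns, possibly something sensitive) ends up verbatim in CI logs. I would return on the write error first and log the path rather than the body, e.g. `log.Debug("Scanner config written to", fileName)`. The function starts above the hunk.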
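Review bot: In SastScanManager.Run (xray/commands/audit/jas/sast/sastscanner.go) the scanner's working directory becomes `filepath.Dir(ssm.scanner.AnalyzerManager.AnalyzerManagerFullPath)` with no guard and no comment explaining why. `filepath.Dir` returns `.` for an empty path, so if AnalyzerManagerFullPath is not resolved at this point the scan silently runs in the caller's current directory. Because the process no longer starts in `module.SourceRoot`, any relative root or exclude pattern written by createConfigFile would resolve against the binary's install directory; the root handling is not visible in this patch, so that needs confirming. I would add a comment on the call such as `// Run from the analyzer manager's directory, not module.SourceRoot; config roots must therefore be absolute.` and fail early when the path is empty. Run's body continues outside the hunk.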
@@ -78,6 +82,7 @@ func (ssm *SastScanManager) createConfigFile(module jfrogappsconfig.Module) erro
 configFileContent := sastScanConfig{
 Scans: []scanConfiguration{
 {
+ Type: sastScannerType,
 Roots: roots,
 Languages: []string{sastScanner.Language},
 ExcludedRules: sastScanner.ExcludedRules,
@@ -89,5 +94,5 @@ func (ssm *SastScanManager) createConfigFile(module jfrogappsconfig.Module) erro
 }
 func (ssm *SastScanManager) runAnalyzerManager(wd string) error {
- return ssm.scanner.AnalyzerManager.ExecWithOutputFile(ssm.scanner.ResultsFileName, sastScanCommand, wd, ssm.scanner.ResultsFileName, ssm.scanner.ServerDetails)
+ return ssm.scanner.AnalyzerManager.ExecWithOutputFile(ssm.scanner.ConfigFileName, sastScanCommand, wd, ssm.scanner.ResultsFileName, ssm.scanner.ServerDetails)
 }
diff --git a/xray/utils/analyzermanager.go b/xray/utils/analyzermanager.go
index d286e2b6c..7bb23f98b 100644
--- a/xray/utils/analyzermanager.go
+++ b/xray/utils/analyzermanager.go
@@ -130,8 +130,14 @@ func (am *AnalyzerManager) ExecWithOutputFile(configFile, scanCommand, workingDi
 if err = SetAnalyzerManagerEnvVariables(serverDetails); err != nil {
 return err
 }
- log.Debug("Executing", am.AnalyzerManagerFullPath, scanCommand, outputFile, configFile)
- cmd := exec.Command(am.AnalyzerManagerFullPath, scanCommand, outputFile, configFile)
+ var cmd *exec.Cmd
+ if len(outputFile) > 0 {
+ log.Debug("Executing", am.AnalyzerManagerFullPath, scanCommand, configFile, outputFile)
+ cmd = exec.Command(am.AnalyzerManagerFullPath, scanCommand, configFile, outputFile)
+ } else {
+ log.Debug("Executing", am.AnalyzerManagerFullPath, scanCommand, configFile)
+ cmd = exec.Command(am.AnalyzerManagerFullPath, scanCommand, configFile)
+ }
 defer func() {
 if !cmd.ProcessState.Exited() {
 if killProcessError := cmd.Process.Kill(); errorutils.CheckError(killProcessError) != nil {
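Review bot: ExecWithOutputFile (xray/utils/analyzermanager.go) now passes `configFile` before `outputFile` for every caller, not only sast, and its two branches repeat the log and exec calls, so the logged and executed argv can drift apart. Building the list once keeps them identical: `args := []string{scanCommand, configFile}`, `if outputFile != "" { args = append(args, outputFile) }`, `cmd := exec.Command(am.AnalyzerManagerFullPath, args...)`. The other callers are not in this patch, so confirm that each scan command expects the new order. A doc comment stating the positional contract (command, config file, optional output file) would make the next accidental swap easier to spot. The function begins above the hunk and continues below it.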