diff --git a/go.mod b/go.mod
index cf334f972..6c154e54f 100644
--- a/go.mod
+++ b/go.mod
@@ -97,6 +97,6 @@ require (
 replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go v1.28.1-0.20230906115540-2c3c91d271d6
-replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go v1.8.9-0.20230905120411-62d1bdd4eb38
+replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go v1.8.9-0.20230907115821-300055da003e
 // replace github.com/jfrog/gofrog => github.com/jfrog/gofrog v1.2.6-0.20230418122323-2bf299dd6d27
diff --git a/go.sum b/go.sum
index c05d1c7f1..a15cb21df 100644
--- a/go.sum
+++ b/go.sum
@@ -194,8 +194,8 @@ github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOl
 github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo=
 github.com/jedib0t/go-pretty/v6 v6.4.7 h1:lwiTJr1DEkAgzljsUsORmWsVn5MQjt1BPJdPCtJ6KXE=
 github.com/jedib0t/go-pretty/v6 v6.4.7/go.mod h1:Ndk3ase2CkQbXLLNf5QDHoYb6J9WtVfmHZu9n8rk2xs=
-github.com/jfrog/build-info-go v1.8.9-0.20230905120411-62d1bdd4eb38 h1:XyAcwWP2a6a5RL861gkfgQ7MUaQ7mmDkUVoD6kMtUtQ=
-github.com/jfrog/build-info-go v1.8.9-0.20230905120411-62d1bdd4eb38/go.mod h1:QEskae5fQpjeY2PBzsjWtUQVskYSNDF2sSmw/Gx44dQ=
+github.com/jfrog/build-info-go v1.8.9-0.20230907115821-300055da003e h1:m2XFar8L02NwUoG66rZzVwLopgfxoeOAvOca7bIFtTw=
+github.com/jfrog/build-info-go v1.8.9-0.20230907115821-300055da003e/go.mod h1:QEskae5fQpjeY2PBzsjWtUQVskYSNDF2sSmw/Gx44dQ=
 github.com/jfrog/gofrog v1.3.0 h1:o4zgsBZE4QyDbz2M7D4K6fXPTBJht+8lE87mS9bw7Gk=
 github.com/jfrog/gofrog v1.3.0/go.mod h1:IFMc+V/yf7rA5WZ74CSbXe+Lgf0iApEQLxRZVzKRUR0=
 github.com/jfrog/jfrog-apps-config v1.0.1 h1:mtv6k7g8A8BVhlHGlSveapqf4mJfonwvXYLipdsOFMY=
diff --git a/xray/commands/audit/jas/common.go b/xray/commands/audit/jas/common.go
index 21e37fb76..0366b582a 100644
--- a/xray/commands/audit/jas/common.go
+++ b/xray/commands/audit/jas/common.go
@@ -215,15 +215,19 @@ func ShouldSkipScanner(module jfrogappsconfig.Module, scanType utils.JasScanType
 return false
 }
-func GetSourceRoots(module jfrogappsconfig.Module, scanner *jfrogappsconfig.Scanner) []string {
+func GetSourceRoots(module jfrogappsconfig.Module, scanner *jfrogappsconfig.Scanner) ([]string, error) {
+ root, err := filepath.Abs(module.SourceRoot)
+ if err != nil {
+ return []string{}, errorutils.CheckError(err)
+ }
 if scanner == nil || len(scanner.WorkingDirs) == 0 {
- return []string{module.SourceRoot}
+ return []string{root}, errorutils.CheckError(err)
 }
 var roots []string
 for _, workingDir := range scanner.WorkingDirs {
- roots = append(roots, filepath.Join(module.SourceRoot, workingDir))
+ roots = append(roots, filepath.Join(root, workingDir))
 }
- return roots
+ return roots, nil
 }
 func GetExcludePatterns(module jfrogappsconfig.Module, scanner *jfrogappsconfig.Scanner) []string {
diff --git a/xray/commands/audit/jas/common_test.go b/xray/commands/audit/jas/common_test.go
index 6a4ccfa6a..eaa1e1056 100644
--- a/xray/commands/audit/jas/common_test.go
+++ b/xray/commands/audit/jas/common_test.go
@@ -90,11 +90,22 @@ var getSourceRootsCases = []struct {
 }
 func TestGetSourceRoots(t *testing.T) {
- module := jfrogappsconfig.Module{SourceRoot: "source-root"}
+ testGetSourceRoots(t, "source-root")
+}
+
+func TestGetSourceRootsEmptySourceRoot(t *testing.T) {
+ testGetSourceRoots(t, "")
+}
+
+func testGetSourceRoots(t *testing.T, sourceRoot string) {
+ sourceRoot, err := filepath.Abs(sourceRoot)
+ assert.NoError(t, err)
+ module := jfrogappsconfig.Module{SourceRoot: sourceRoot}
 for _, testCase := range getSourceRootsCases {
 t.Run("", func(t *testing.T) {
 scanner := testCase.scanner
- actualSourceRoots := GetSourceRoots(module, scanner)
+ actualSourceRoots, err := GetSourceRoots(module, scanner)
+ assert.NoError(t, err)
 if scanner == nil {
 assert.ElementsMatch(t, []string{module.SourceRoot}, actualSourceRoots)
 return
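Review bot: In xray/commands/audit/jas/common.go, GetSourceRoots still appends `filepath.Join(root, workingDir)` with no containment check, and `filepath.Join` cleans `..` segments, so a working-dir entry containing `..` in the module config would produce a scan root outside the module's source root. Whether working dirs are validated when the config is loaded is not visible in this diff; if they are not, compare each joined path against `root` with `filepath.Rel` and return an error when the relative result begins with `..`. Separately, the early return `return []string{root}, errorutils.CheckError(err)` passes an `err` that was already found to be nil a few lines above; `return []string{root}, nil` matches the final `return roots, nil` and no longer reads like an unhandled error. The failure path could likewise be `return nil, errorutils.CheckError(err)` instead of allocating `[]string{}`.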
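Review bot: In xray/commands/audit/jas/common_test.go, testGetSourceRoots runs `sourceRoot, err := filepath.Abs(sourceRoot)` before building the module, so GetSourceRoots only ever receives an absolute path and its own `filepath.Abs` conversion is never exercised with the relative or empty input that the two test names suggest. Build the module from the raw argument and keep the expectation separate, for example `module := jfrogappsconfig.Module{SourceRoot: sourceRoot}` followed by `expectedRoot, err := filepath.Abs(sourceRoot)`, and assert against `expectedRoot` instead of `module.SourceRoot`. The helper's loop body continues past the end of this hunk, so any later expectations built from `module.SourceRoot` would need the same substitution.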
diff --git a/xray/commands/audit/jas/iac/iacscanner.go b/xray/commands/audit/jas/iac/iacscanner.go
index f47016273..23cbc9e32 100644
--- a/xray/commands/audit/jas/iac/iacscanner.go
+++ b/xray/commands/audit/jas/iac/iacscanner.go
@@ -79,10 +79,14 @@ type iacScanConfiguration struct {
 }
 func (iac *IacScanManager) createConfigFile(module jfrogappsconfig.Module) error {
+ roots, err := jas.GetSourceRoots(module, module.Scanners.Iac)
+ if err != nil {
+ return err
+ }
 configFileContent := iacScanConfig{
 Scans: []iacScanConfiguration{
 {
- Roots: jas.GetSourceRoots(module, module.Scanners.Iac),
+ Roots: roots,
 Output: iac.scanner.ResultsFileName,
 Type: iacScannerType,
 SkippedDirs: jas.GetExcludePatterns(module, module.Scanners.Iac),
diff --git a/xray/commands/audit/jas/sast/sastscanner.go b/xray/commands/audit/jas/sast/sastscanner.go
index 1aa7c954b..00a4ec9a9 100644
--- a/xray/commands/audit/jas/sast/sastscanner.go
+++ b/xray/commands/audit/jas/sast/sastscanner.go
@@ -71,10 +71,14 @@ func (ssm *SastScanManager) createConfigFile(module jfrogappsconfig.Module) erro
 if sastScanner == nil {
 sastScanner = &jfrogappsconfig.SastScanner{}
 }
+ roots, err := jas.GetSourceRoots(module, &sastScanner.Scanner)
+ if err != nil {
+ return err
+ }
 configFileContent := sastScanConfig{
 Scans: []scanConfiguration{
 {
- Roots: jas.GetSourceRoots(module, &sastScanner.Scanner),
+ Roots: roots,
 Languages: []string{sastScanner.Language},
 ExcludedRules: sastScanner.ExcludedRules,
 ExcludePatterns: jas.GetExcludePatterns(module, &sastScanner.Scanner),
diff --git a/xray/commands/audit/jas/secrets/secretsscanner.go b/xray/commands/audit/jas/secrets/secretsscanner.go
index c05b14341..2e744b33e 100644
--- a/xray/commands/audit/jas/secrets/secretsscanner.go
+++ b/xray/commands/audit/jas/secrets/secretsscanner.go
@@ -77,10 +77,14 @@ type secretsScanConfiguration struct {
 }
 func (s *SecretScanManager) createConfigFile(module jfrogappsconfig.Module) error {
+ roots, err := jas.GetSourceRoots(module, module.Scanners.Secrets)
+ if err != nil {
+ return err
+ }
 configFileContent := secretsScanConfig{
 Scans: []secretsScanConfiguration{
 {
- Roots: jas.GetSourceRoots(module, module.Scanners.Iac),
+ Roots: roots,
 Output: s.scanner.ResultsFileName,
 Type: secretsScannerType,
 SkippedDirs: jas.GetExcludePatterns(module, module.Scanners.Secrets),
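Review bot: The corrected scanner argument in SecretScanManager.createConfigFile comes without a regression test in this diff, so nothing pins that the secrets config takes its `Roots` from `module.Scanners.Secrets`. The removed line built them from the IaC scanner's working dirs, which presumably meant directories configured only for secrets scanning were left out without any error being reported. A test that sets different `WorkingDirs` on the Iac and Secrets scanners and checks the generated `Roots` would catch a recurrence of that copy-paste slip. createConfigFile continues past the end of this hunk, so how the config is serialized is not visible here.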