Skip to content

Commit

Permalink
Add technologies contextual analysis support flag (jfrog#863)
Browse files Browse the repository at this point in the history
  • Loading branch information
omerzi authored Jul 20, 2023
1 parent 981ab0a commit 4befe41
Show file tree
Hide file tree
Showing 11 changed files with 235 additions and 314 deletions.
2 changes: 1 addition & 1 deletion artifactory/utils/dependenciesutils.go
Original file line number Diff line number Diff line change
Expand Up @@ -79,7 +79,7 @@ func DownloadAnalyzerManagerIfNeeded() error {
}
}
// Download & unzip the analyzer manager files
log.Info("The 'Analyzer Manager' app is not cached locally. Downloading it now...")
log.Debug("The 'Analyzer Manager' app is not cached locally. Downloading it now...")
if err = DownloadDependency(artDetails, remotePath, filepath.Join(analyzerManagerDir, xrayutils.AnalyzerManagerZipName), true); err != nil {
return err
}
Expand Down
42 changes: 32 additions & 10 deletions utils/coreutils/techutils.go
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,8 @@ type TechData struct {
exclude []string
// Whether this technology is supported by the 'jf ci-setup' command.
ciSetupSupport bool
// Whether Contextual Analysis supported in this technology.
applicabilityScannable bool
// The file that handles the project's dependencies.
packageDescriptor string
// Formal name of the technology
Expand All @@ -52,15 +54,17 @@ type TechData struct {

var technologiesData = map[Technology]TechData{
Maven: {
indicators: []string{"pom.xml"},
ciSetupSupport: true,
packageDescriptor: "pom.xml",
execCommand: "mvn",
indicators: []string{"pom.xml"},
ciSetupSupport: true,
packageDescriptor: "pom.xml",
execCommand: "mvn",
applicabilityScannable: true,
},
Gradle: {
indicators: []string{".gradle", ".gradle.kts"},
ciSetupSupport: true,
packageDescriptor: "build.gradle, build.gradle.kts",
indicators: []string{".gradle", ".gradle.kts"},
ciSetupSupport: true,
packageDescriptor: "build.gradle, build.gradle.kts",
applicabilityScannable: true,
},
Npm: {
indicators: []string{"package.json", "package-lock.json", "npm-shrinkwrap.json"},
Expand All @@ -70,12 +74,14 @@ var technologiesData = map[Technology]TechData{
formal: string(Npm),
packageVersionOperator: "@",
packageInstallationCommand: "install",
applicabilityScannable: true,
},
Yarn: {
indicators: []string{".yarnrc.yml", "yarn.lock", ".yarn"},
packageDescriptor: "package.json",
packageVersionOperator: "@",
packageInstallationCommand: "up",
applicabilityScannable: true,
},
Go: {
indicators: []string{"go.mod"},
Expand All @@ -84,22 +90,25 @@ var technologiesData = map[Technology]TechData{
packageInstallationCommand: "get",
},
Pip: {
packageType: Pypi,
indicators: []string{"setup.py", "requirements.txt"},
exclude: []string{"Pipfile", "Pipfile.lock", "pyproject.toml", "poetry.lock"},
packageType: Pypi,
indicators: []string{"setup.py", "requirements.txt"},
exclude: []string{"Pipfile", "Pipfile.lock", "pyproject.toml", "poetry.lock"},
applicabilityScannable: true,
},
Pipenv: {
packageType: Pypi,
indicators: []string{"Pipfile", "Pipfile.lock"},
packageDescriptor: "Pipfile",
packageVersionOperator: "==",
packageInstallationCommand: "install",
applicabilityScannable: true,
},
Poetry: {
packageType: Pypi,
indicators: []string{"pyproject.toml", "poetry.lock"},
packageInstallationCommand: "add",
packageVersionOperator: "==",
applicabilityScannable: true,
},
Nuget: {
indicators: []string{".sln", ".csproj"},
Expand Down Expand Up @@ -155,6 +164,10 @@ func (tech Technology) GetPackageInstallOperator() string {
return technologiesData[tech].packageInstallationCommand
}

func (tech Technology) ApplicabilityScannable() bool {
return technologiesData[tech].applicabilityScannable
}

// DetectTechnologies tries to detect all technologies types according to the files in the given path.
// 'isCiSetup' will limit the search of possible techs to Maven, Gradle, and npm.
// 'recursive' will determine if the search will be limited to files in the root path or not.
Expand Down Expand Up @@ -240,3 +253,12 @@ func GetAllTechnologiesList() (technologies []Technology) {
}
return
}

func ContainsApplicabilityScannableTech(technologies []Technology) bool {
for _, technology := range technologies {
if technology.ApplicabilityScannable() {
return true
}
}
return false
}
17 changes: 17 additions & 0 deletions utils/coreutils/techutils_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -30,3 +30,20 @@ func TestDetectTechnologiesByFilePaths(t *testing.T) {
})
}
}

func TestContainsApplicabilityScannableTech(t *testing.T) {
tests := []struct {
name string
technologies []Technology
want bool
}{
{name: "contains supported and unsupported techs", technologies: []Technology{Nuget, Go, Npm}, want: true},
{name: "contains supported techs only", technologies: []Technology{Maven, Yarn, Npm}, want: true},
{name: "contains unsupported techs only", technologies: []Technology{Dotnet, Nuget, Go}, want: false},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
assert.Equal(t, tt.want, ContainsApplicabilityScannableTech(tt.technologies))
})
}
}
Loading

0 comments on commit 4befe41

Please sign in to comment.