From 69fc436635e34bf4ea3b55013a6ea4dfad25b718 Mon Sep 17 00:00:00 2001 From: Or Geva Date: Mon, 13 Nov 2023 17:57:22 +0200 Subject: [PATCH 1/5] Remove JAS scanners timeout --- src/main/java/com/jfrog/ide/idea/scan/ScanManager.java | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/src/main/java/com/jfrog/ide/idea/scan/ScanManager.java b/src/main/java/com/jfrog/ide/idea/scan/ScanManager.java index d849148d..487ec425 100644 --- a/src/main/java/com/jfrog/ide/idea/scan/ScanManager.java +++ b/src/main/java/com/jfrog/ide/idea/scan/ScanManager.java @@ -31,14 +31,12 @@ import static com.jfrog.ide.common.utils.XrayConnectionUtils.createXrayClientBuilder; public class ScanManager { - private final int SCAN_TIMEOUT_MINUTES = 60; private final Project project; private final ScannerFactory factory; private final SourceCodeScannerManager sourceCodeScannerManager; private Map scanners = Maps.newHashMap(); private ExecutorService executor; - private ScanManager(@NotNull Project project) { this.project = project; factory = new ScannerFactory(project); @@ -97,8 +95,8 @@ public void startScan() { scanner.asyncScanAndUpdateResults(); } executor.shutdown(); - if (!executor.awaitTermination(SCAN_TIMEOUT_MINUTES, TimeUnit.MINUTES)) { - logError(Logger.getInstance(), "Scan timeout of " + SCAN_TIMEOUT_MINUTES + " minutes elapsed. The scan is being canceled.", true); + if (!executor.awaitTermination(Long.MAX_VALUE, TimeUnit.MINUTES)) { + logError(Logger.getInstance(), "Scan timeout elapsed. The scan is being canceled.", true); } // Cache tree only if no errors occurred during scan. if (scanners.values().stream().anyMatch(ScannerBase::isScanErrorOccurred)) { From f1bf3886b9cf5fa145087696adae12b36b79eec1 Mon Sep 17 00:00:00 2001 
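Review bot: In the `startScan()` hunk, `executor.awaitTermination(Long.MAX_VALUE, TimeUnit.MINUTES)` in practice never returns false, so the branch logging "Scan timeout elapsed. The scan is being canceled." is unreachable, and no visible line cancels anything. If the unbounded wait is intended, drop the `if` and say so in a comment such as `// Intentionally unbounded: the scan ends only on completion or user cancel.`; otherwise keep a finite bound and call `executor.shutdownNow()` inside the branch so the message is true. With no bound, a scanner task that hangs keeps this call blocked and no error reaches the user. The body of `startScan()` starts and ends outside the hunk.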
From: Or Geva Date: Tue, 14 Nov 2023 16:30:05 +0200 Subject: [PATCH 2/5] Enhance JAS scanner progress bar and include additional logging --- .../scan/ApplicabilityScannerExecutor.java | 6 +-- .../ide/idea/scan/IACScannerExecutor.java | 6 +-- .../ide/idea/scan/SastScannerExecutor.java | 6 +-- .../ide/idea/scan/ScanBinaryExecutor.java | 41 +++++++++++++++---- .../ide/idea/scan/SecretsScannerExecutor.java | 6 +-- .../idea/scan/SourceCodeScannerManager.java | 17 ++++++-- .../jfrog/ide/idea/scan/data/ScanConfig.java | 13 ++++++ 7 files changed, 70 insertions(+), 25 deletions(-) diff --git a/src/main/java/com/jfrog/ide/idea/scan/ApplicabilityScannerExecutor.java b/src/main/java/com/jfrog/ide/idea/scan/ApplicabilityScannerExecutor.java index 85745f68..17ae2ba0 100644 --- a/src/main/java/com/jfrog/ide/idea/scan/ApplicabilityScannerExecutor.java +++ b/src/main/java/com/jfrog/ide/idea/scan/ApplicabilityScannerExecutor.java @@ -1,6 +1,6 @@ package com.jfrog.ide.idea.scan; -import com.jfrog.ide.common.configuration.ServerConfig; +import com.jfrog.ide.common.log.ProgressIndicator; import com.jfrog.ide.common.nodes.ApplicableIssueNode; import com.jfrog.ide.common.nodes.FileTreeNode; import com.jfrog.ide.common.nodes.VulnerabilityNode; @@ -30,8 +30,8 @@ public ApplicabilityScannerExecutor(Log log) { supportedPackageTypes = SUPPORTED_PACKAGE_TYPES; } - public List execute(ScanConfig.Builder inputFileBuilder, Runnable checkCanceled) throws IOException, InterruptedException { - return super.execute(inputFileBuilder, SCANNER_ARGS, checkCanceled); + public List execute(ScanConfig.Builder inputFileBuilder, Runnable checkCanceled, ProgressIndicator indicator) throws IOException, InterruptedException { + return super.execute(inputFileBuilder, SCANNER_ARGS, checkCanceled, indicator); } @Override diff --git a/src/main/java/com/jfrog/ide/idea/scan/IACScannerExecutor.java b/src/main/java/com/jfrog/ide/idea/scan/IACScannerExecutor.java index b8b964cc..ce31ca2c 100644 
--- a/src/main/java/com/jfrog/ide/idea/scan/IACScannerExecutor.java +++ b/src/main/java/com/jfrog/ide/idea/scan/IACScannerExecutor.java @@ -1,6 +1,6 @@ package com.jfrog.ide.idea.scan; -import com.jfrog.ide.common.configuration.ServerConfig; +import com.jfrog.ide.common.log.ProgressIndicator; import com.jfrog.ide.common.nodes.FileIssueNode; import com.jfrog.ide.common.nodes.FileTreeNode; import com.jfrog.ide.common.nodes.subentities.SourceCodeScanType; @@ -26,8 +26,8 @@ public IACScannerExecutor(Log log) { super(SourceCodeScanType.IAC, log); } - public List execute(ScanConfig.Builder inputFileBuilder, Runnable checkCanceled) throws IOException, InterruptedException { - return super.execute(inputFileBuilder, SCANNER_ARGS, checkCanceled); + public List execute(ScanConfig.Builder inputFileBuilder, Runnable checkCanceled, ProgressIndicator indicator) throws IOException, InterruptedException { + return super.execute(inputFileBuilder, SCANNER_ARGS, checkCanceled, indicator); } @Override diff --git a/src/main/java/com/jfrog/ide/idea/scan/SastScannerExecutor.java b/src/main/java/com/jfrog/ide/idea/scan/SastScannerExecutor.java index dd63f96a..31e247af 100644 --- a/src/main/java/com/jfrog/ide/idea/scan/SastScannerExecutor.java +++ b/src/main/java/com/jfrog/ide/idea/scan/SastScannerExecutor.java @@ -1,6 +1,6 @@ package com.jfrog.ide.idea.scan; -import com.jfrog.ide.common.configuration.ServerConfig; +import com.jfrog.ide.common.log.ProgressIndicator; import com.jfrog.ide.common.nodes.FileIssueNode; import com.jfrog.ide.common.nodes.FileTreeNode; import com.jfrog.ide.common.nodes.SastIssueNode; 
@@ -31,8 +31,8 @@ public SastScannerExecutor(Log log) { super(SourceCodeScanType.SAST, log); } - public List execute(ScanConfig.Builder inputFileBuilder, Runnable checkCanceled) throws IOException, InterruptedException { - return super.execute(inputFileBuilder, SCANNER_ARGS, checkCanceled, RUN_WITH_NEW_CONFIG_FILE); + public List execute(ScanConfig.Builder inputFileBuilder, Runnable checkCanceled, ProgressIndicator indicator) throws IOException, InterruptedException { + return super.execute(inputFileBuilder, SCANNER_ARGS, checkCanceled, RUN_WITH_NEW_CONFIG_FILE, indicator); } @Override diff --git a/src/main/java/com/jfrog/ide/idea/scan/ScanBinaryExecutor.java b/src/main/java/com/jfrog/ide/idea/scan/ScanBinaryExecutor.java index 8c1b9860..eb237764 100644 --- a/src/main/java/com/jfrog/ide/idea/scan/ScanBinaryExecutor.java +++ b/src/main/java/com/jfrog/ide/idea/scan/ScanBinaryExecutor.java 
@@ -3,13 +3,23 @@ import com.fasterxml.jackson.databind.ObjectMapper; import com.intellij.util.EnvironmentUtil; import com.jfrog.ide.common.configuration.ServerConfig; +import com.jfrog.ide.common.log.ProgressIndicator; import com.jfrog.ide.common.nodes.FileTreeNode; import com.jfrog.ide.common.nodes.subentities.SourceCodeScanType; import com.jfrog.ide.idea.configuration.GlobalSettings; import com.jfrog.ide.idea.configuration.ServerConfigImpl; import com.jfrog.ide.idea.inspections.JFrogSecurityWarning; import com.jfrog.ide.idea.log.Logger; -import com.jfrog.ide.idea.scan.data.*; +import com.jfrog.ide.idea.scan.data.Message; +import com.jfrog.ide.idea.scan.data.NewScanConfig; +import com.jfrog.ide.idea.scan.data.NewScansConfig; +import com.jfrog.ide.idea.scan.data.Output; +import com.jfrog.ide.idea.scan.data.PackageManagerType; +import com.jfrog.ide.idea.scan.data.Rule; +import com.jfrog.ide.idea.scan.data.Run; +import com.jfrog.ide.idea.scan.data.SarifResult; +import com.jfrog.ide.idea.scan.data.ScanConfig; +import com.jfrog.ide.idea.scan.data.ScansConfig; import com.jfrog.xray.client.Xray; import com.jfrog.xray.client.services.entitlements.Feature; import lombok.Getter; @@ -36,7 +46,12 @@ import java.nio.file.Files; import java.nio.file.Path; import java.time.LocalDateTime; -import java.util.*; +import java.util.ArrayList; +import java.util.Collection; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.Optional; import java.util.concurrent.TimeUnit; import static com.jfrog.ide.common.utils.ArtifactoryConnectionUtils.createAnonymousAccessArtifactoryManagerBuilder; 
@@ -121,13 +136,13 @@ String getBinaryDownloadURL(String externalResourcesRepo) { abstract Feature getScannerFeatureName(); - abstract List execute(ScanConfig.Builder inputFileBuilder, Runnable checkCanceled) throws IOException, InterruptedException, URISyntaxException; + abstract List execute(ScanConfig.Builder inputFileBuilder, Runnable checkCanceled, ProgressIndicator indicator) throws IOException, InterruptedException, URISyntaxException; - protected List execute(ScanConfig.Builder inputFileBuilder, List args, Runnable checkCanceled) throws IOException, InterruptedException { - return execute(inputFileBuilder, args, checkCanceled, false); + protected List execute(ScanConfig.Builder inputFileBuilder, List args, Runnable checkCanceled, ProgressIndicator indicator) throws IOException, InterruptedException { + return execute(inputFileBuilder, args, checkCanceled, false, indicator); } - protected List execute(ScanConfig.Builder inputFileBuilder, List args, Runnable checkCanceled, boolean newConfigFormat) throws IOException, InterruptedException { + protected List execute(ScanConfig.Builder inputFileBuilder, List args, Runnable checkCanceled, boolean newConfigFormat, ProgressIndicator indicator) throws IOException, InterruptedException { if (!shouldExecute()) { return List.of(); } 
@@ -151,7 +166,13 @@ protected List execute(ScanConfig.Builder inputFileBuilder Logger log = Logger.getInstance(); // The following logging is done outside the commandExecutor because the commandExecutor log level is set to INFO. // As it is an internal binary execution, the message should be printed for DEBUG use only. - log.debug(String.format("Executing command: %s %s", binaryTargetPath.toString(), join(" ", args))); + indicator.setText(String.format("Running %s scan at %s", scanType.toString().toLowerCase(), String.join(" ", inputParams.getRoots()))); + String cmd = String.format("%s %s", binaryTargetPath.toString(), join(" ", args)); + log.info(String.format(""" + Executing JAS scanner + %s + with config: + %s""", cmd, inputParams)); CommandExecutor commandExecutor = new CommandExecutor(binaryTargetPath.toString(), createEnvWithCredentials()); CommandResults commandResults = commandExecutor.exeCommand(binaryTargetPath.toFile().getParentFile(), args, null, new NullLog(), MAX_EXECUTION_MINUTES, TimeUnit.MINUTES); @@ -159,16 +180,18 @@ protected List execute(ScanConfig.Builder inputFileBuilder checkCanceled.run(); if (commandResults.isOk()) { + log.info(String.format("Finished successfully to run command: %s", cmd)); log.debug(commandResults.getRes()); return parseOutputSarif(outputFilePath); } + log.info(String.format("Failed to run command: %s", cmd)); switch (commandResults.getExitValue()) { case USER_NOT_ENTITLED -> { - log.debug("User not entitled for advance security scan"); + log.info("User not entitled for advance security scan"); return List.of(); } case NOT_SUPPORTED -> { - log.debug(String.format("Scanner %s is not supported in the current Analyzer Manager version.", scanType)); + log.info(String.format("Scanner %s is not supported in the current Analyzer Manager version.", scanType)); return List.of(); } default -> { 
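Review bot: The two comment lines kept above the new `log.info(...)` still say the command line "should be printed for DEBUG use only", but the hunk now writes the full command and the whole `inputParams` config at INFO, so the comment contradicts the code. Either keep the detail at debug and log a short INFO line, e.g. `log.info(String.format("Running %s scan", scanType));` followed by `log.debug(String.format("Executing command: %s with config: %s", cmd, inputParams));`, or rewrite the comment to state why INFO is intended. The INFO record carries local paths (binary path, scan roots, output file) into IDE logs that users commonly attach to bug reports. Credentials appear to travel through `createEnvWithCredentials()` rather than `args`, which is worth confirming before logging `args` at INFO. The later hunk in patch 5/5 that rewrites this `log.info` leaves the comment unchanged, and the body of `execute` extends outside the hunk.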
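Review bot: `log.info(String.format("Failed to run command: %s", cmd));` runs before the exit value is inspected, so the expected outcomes handled just below (`USER_NOT_ENTITLED`, `NOT_SUPPORTED`) are first reported as a failure, and the message omits the exit code that tells them apart. Consider `log.info(String.format("Command exited with code %d: %s", commandResults.getExitValue(), cmd));` and leave the word "failed" to the `default` branch, whose body is outside this hunk. A scanner that genuinely fails means findings are missing for that scan, so that branch presumably deserves a warning or error level rather than INFO; confirm what it logs. The success message would read better as `"Finished running command successfully: %s"`.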
diff --git a/src/main/java/com/jfrog/ide/idea/scan/SecretsScannerExecutor.java b/src/main/java/com/jfrog/ide/idea/scan/SecretsScannerExecutor.java index 85a014c1..f378283c 100644 --- a/src/main/java/com/jfrog/ide/idea/scan/SecretsScannerExecutor.java +++ b/src/main/java/com/jfrog/ide/idea/scan/SecretsScannerExecutor.java @@ -1,6 +1,6 @@ package com.jfrog.ide.idea.scan; -import com.jfrog.ide.common.configuration.ServerConfig; +import com.jfrog.ide.common.log.ProgressIndicator; import com.jfrog.ide.common.nodes.FileIssueNode; import com.jfrog.ide.common.nodes.FileTreeNode; import com.jfrog.ide.common.nodes.subentities.SourceCodeScanType; @@ -26,8 +26,8 @@ public SecretsScannerExecutor(Log log) { super(SourceCodeScanType.SECRETS, log); } - public List execute(ScanConfig.Builder inputFileBuilder, Runnable checkCanceled) throws IOException, InterruptedException { - return super.execute(inputFileBuilder, SCANNER_ARGS, checkCanceled); + public List execute(ScanConfig.Builder inputFileBuilder, Runnable checkCanceled, ProgressIndicator indicator) throws IOException, InterruptedException { + return super.execute(inputFileBuilder, SCANNER_ARGS, checkCanceled, indicator); } @Override diff --git a/src/main/java/com/jfrog/ide/idea/scan/SourceCodeScannerManager.java b/src/main/java/com/jfrog/ide/idea/scan/SourceCodeScannerManager.java index 72e8ef30..071df92c 100644 --- a/src/main/java/com/jfrog/ide/idea/scan/SourceCodeScannerManager.java +++ b/src/main/java/com/jfrog/ide/idea/scan/SourceCodeScannerManager.java 
@@ -31,7 +31,14 @@ import java.net.URISyntaxException; import java.nio.file.Path; import java.nio.file.Paths; -import java.util.*; +import java.util.ArrayList; +import java.util.Collection; +import java.util.Collections; +import java.util.Enumeration; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.Set; import java.util.concurrent.CountDownLatch; import java.util.concurrent.ExecutorService; import java.util.concurrent.atomic.AtomicBoolean; @@ -41,7 +48,9 @@ import static com.jfrog.ide.common.utils.Utils.createYAMLMapper; import static com.jfrog.ide.idea.scan.ScannerBase.createRunnable; import static com.jfrog.ide.idea.scan.data.applications.JFrogApplicationsConfig.createApplicationConfigWithDefaultModule; -import static com.jfrog.ide.idea.ui.configuration.ConfigVerificationUtils.*; +import static com.jfrog.ide.idea.ui.configuration.ConfigVerificationUtils.EXCLUSIONS_PREFIX; +import static com.jfrog.ide.idea.ui.configuration.ConfigVerificationUtils.EXCLUSIONS_REGEX_PATTERN; +import static com.jfrog.ide.idea.ui.configuration.ConfigVerificationUtils.EXCLUSIONS_SUFFIX; import static com.jfrog.ide.idea.utils.Utils.getProjectBasePath; import static org.apache.commons.lang3.StringUtils.defaultIfEmpty; @@ -90,7 +99,7 @@ public List applicabilityScan(ProgressIndicator indicator, Collect Set directIssuesCVEs = issuesMap.keySet(); // If no direct dependencies with issues are found by Xray, the applicability scan is irrelevant. if (!directIssuesCVEs.isEmpty()) { - List applicabilityResults = applicability.execute(createBasicScannerInput().cves(List.copyOf(directIssuesCVEs)), checkCanceled); + List applicabilityResults = applicability.execute(createBasicScannerInput().cves(List.copyOf(directIssuesCVEs)), checkCanceled, indicator); scanResults.addAll(applicabilityResults); } } 
@@ -183,7 +192,7 @@ private void scan(ModuleConfig moduleConfig, ProgressIndicator indicator, Runnab } } try { - List scanResults = scanner.execute(createBasicScannerInput(moduleConfig, scannerConfig), checkCanceled); + List scanResults = scanner.execute(createBasicScannerInput(moduleConfig, scannerConfig), checkCanceled, indicator); addSourceCodeScanResults(scanner.createSpecificFileIssueNodes(scanResults)); } catch (IOException | URISyntaxException | InterruptedException e) { logError(log, "", e, true); diff --git a/src/main/java/com/jfrog/ide/idea/scan/data/ScanConfig.java b/src/main/java/com/jfrog/ide/idea/scan/data/ScanConfig.java index 94426c71..e7526e7d 100644 --- a/src/main/java/com/jfrog/ide/idea/scan/data/ScanConfig.java +++ b/src/main/java/com/jfrog/ide/idea/scan/data/ScanConfig.java @@ -95,6 +95,19 @@ public void setSkippedFolders(List skippedFolders) { this.skippedFolders = skippedFolders; } + @Override + public String toString() { + return "ScanConfig{" + + "scanType=" + scanType + + ", language='" + language + '\'' + + ", roots=" + roots + + ", output='" + output + '\'' + + ", grepDisable=" + grepDisable + + ", cves=" + cves + + ", skippedFolders=" + skippedFolders + + ", excludedRules=" + excludedRules + + '}'; + } public static class Builder { private SourceCodeScanType scanType; From b288181b2583d8c39b2bde08b80efb49baff49f5 Mon Sep 17 00:00:00 2001 From: Or Geva Date: Tue, 14 Nov 2023 17:34:07 +0200 Subject: [PATCH 3/5] Fix tests --- .../ApplicabilityScannerIntegrationTests.java | 18 +++++++++++++----- .../ExternalResourcesRepoIntegrationTests.java | 10 ++++++++-- .../IACScannerIntegrationTests.java | 6 +++++- .../SecretsScannerIntegrationTests.java | 10 ++++++++-- 4 files changed, 34 insertions(+), 10 deletions(-) diff --git a/src/test/java/com/jfrog/ide/idea/integration/ApplicabilityScannerIntegrationTests.java b/src/test/java/com/jfrog/ide/idea/integration/ApplicabilityScannerIntegrationTests.java index 55ed94db..5e6d7602 100644 
--- a/src/test/java/com/jfrog/ide/idea/integration/ApplicabilityScannerIntegrationTests.java +++ b/src/test/java/com/jfrog/ide/idea/integration/ApplicabilityScannerIntegrationTests.java @@ -1,5 +1,6 @@ package com.jfrog.ide.idea.integration; +import com.jfrog.ide.common.log.ProgressIndicator; import com.jfrog.ide.common.nodes.subentities.SourceCodeScanType; import com.jfrog.ide.idea.inspections.JFrogSecurityWarning; import com.jfrog.ide.idea.log.Logger; @@ -9,6 +10,8 @@ import java.io.IOException; import java.util.List; +import static org.mockito.Mockito.mock; + public class ApplicabilityScannerIntegrationTests extends BaseIntegrationTest { private ApplicabilityScannerExecutor scanner; private final static String TEST_PROJECT_PREFIX = "sourceCode/testProjects/"; @@ -22,7 +25,8 @@ protected void setUp() throws Exception { public void testApplicabilityScannerJsProjectNotApplicable() throws IOException, InterruptedException { String testProjectRoot = createTempProjectDir("npm"); ScanConfig.Builder input = new ScanConfig.Builder().roots(List.of(testProjectRoot)).cves(List.of("CVE-2021-3918", "CVE-2021-3807")); - List results = scanner.execute(input, this::dummyCheckCanceled); + ProgressIndicator indicator = mock(ProgressIndicator.class); + List results = scanner.execute(input, this::dummyCheckCanceled, indicator); assertEquals(2, results.size()); // Expect all issues to be not applicable to this test project assertFalse(results.stream().anyMatch(JFrogSecurityWarning::isApplicable)); 
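Review bot: Each updated test builds its own `mock(ProgressIndicator.class)` only to satisfy the new parameter, and the same two lines recur in the remaining hunks of this file and in the ExternalResourcesRepo, IAC and Secrets integration tests. Where the class already has a `setUp()`, as this one does, a single field assigned there, `indicator = mock(ProgressIndicator.class);`, would remove the repetition. None of the visible tests checks that the executor reports progress; one `verify(indicator).setText(anyString());` in a single test would cover the behaviour this series adds to `ScanBinaryExecutor`.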
@@ -31,7 +35,8 @@ public void testApplicabilityScannerJsProjectNotApplicable() throws IOException, public void testApplicabilityScannerJsProject() throws IOException, InterruptedException { String testProjectRoot = createTempProjectDir("npm"); ScanConfig.Builder input = new ScanConfig.Builder().roots(List.of(testProjectRoot)).cves(List.of("CVE-2022-25878")); - List results = scanner.execute(input, this::dummyCheckCanceled); + ProgressIndicator indicator = mock(ProgressIndicator.class); + List results = scanner.execute(input, this::dummyCheckCanceled, indicator); assertEquals(2, results.size()); // Expect all issues to be applicable. assertTrue(results.stream().allMatch(JFrogSecurityWarning::isApplicable)); @@ -49,7 +54,8 @@ public void testApplicabilityScannerJsProject() throws IOException, InterruptedE public void testApplicabilityScannerPythonProjectNotApplicable() throws IOException, InterruptedException { String testProjectRoot = createTempProjectDir("python"); ScanConfig.Builder input = new ScanConfig.Builder().roots(List.of(testProjectRoot)).cves(List.of("CVE-2021-3918", "CVE-2019-15605")); - List results = scanner.execute(input, this::dummyCheckCanceled); + ProgressIndicator indicator = mock(ProgressIndicator.class); + List results = scanner.execute(input, this::dummyCheckCanceled, indicator); assertEquals(2, results.size()); // Expect all issues to be not applicable to this test project assertFalse(results.stream().anyMatch(JFrogSecurityWarning::isApplicable)); 
@@ -58,7 +64,8 @@ public void testApplicabilityScannerPythonProjectNotApplicable() throws IOExcept public void testApplicabilityScannerPythonProject() throws IOException, InterruptedException { String testProjectRoot = createTempProjectDir("python"); ScanConfig.Builder input = new ScanConfig.Builder().roots(List.of(testProjectRoot)).cves(List.of("CVE-2019-20907")); - List results = scanner.execute(input, this::dummyCheckCanceled); + ProgressIndicator indicator = mock(ProgressIndicator.class); + List results = scanner.execute(input, this::dummyCheckCanceled, indicator); assertEquals(1, results.size()); // Expect specific indications assertTrue(results.get(0).isApplicable()); @@ -74,7 +81,8 @@ public void testApplicabilityScannerPythonProject() throws IOException, Interrup public void testApplicabilityScannerJavaProject() throws IOException, InterruptedException { String testProjectRoot = createTempProjectDir("maven"); ScanConfig.Builder input = new ScanConfig.Builder().roots(List.of(testProjectRoot)).cves(List.of("CVE-2013-7285")); - List results = scanner.execute(input, this::dummyCheckCanceled); + ProgressIndicator indicator = mock(ProgressIndicator.class); + List results = scanner.execute(input, this::dummyCheckCanceled, indicator); assertEquals(2, results.size()); // Expect specific indications assertTrue(results.get(0).isApplicable()); diff --git a/src/test/java/com/jfrog/ide/idea/integration/ExternalResourcesRepoIntegrationTests.java b/src/test/java/com/jfrog/ide/idea/integration/ExternalResourcesRepoIntegrationTests.java index de79356b..bc986fbd 100644 --- a/src/test/java/com/jfrog/ide/idea/integration/ExternalResourcesRepoIntegrationTests.java +++ b/src/test/java/com/jfrog/ide/idea/integration/ExternalResourcesRepoIntegrationTests.java 
@@ -1,5 +1,6 @@ package com.jfrog.ide.idea.integration; +import com.jfrog.ide.common.log.ProgressIndicator; import com.jfrog.ide.idea.configuration.GlobalSettings; import com.jfrog.ide.idea.configuration.ServerConfigImpl; import com.jfrog.ide.idea.inspections.JFrogSecurityWarning; @@ -16,6 +17,8 @@ import java.nio.file.Files; import java.util.List; +import static org.mockito.Mockito.mock; + public class ExternalResourcesRepoIntegrationTests extends BaseIntegrationTest { private static final String TEST_PROJECT_PREFIX = "secrets/testProjects/"; private static final String ENV_EXTERNAL_RESOURCES_REPO = "JFROG_IDE_TEST_EXTERNAL_RESOURCES_REPO"; @@ -42,7 +45,9 @@ public void testDownloadScannersFromExternalRepo() throws IOException, Interrupt String testProjectRoot = createTempProjectDir("exposedSecrets"); ScanConfig.Builder input = new ScanConfig.Builder() .roots(List.of(testProjectRoot)); - List results = scanner.execute(input, this::dummyCheckCanceled); + + ProgressIndicator indicator = mock(ProgressIndicator.class); + List results = scanner.execute(input, this::dummyCheckCanceled, indicator); assertEquals(8, results.size()); // Restore the original ServerConfig in GlobalSettings @@ -61,7 +66,8 @@ public void testDownloadScannersFromExternalRepoNotExist() throws IOException { String testProjectRoot = createTempProjectDir("exposedSecrets"); ScanConfig.Builder input = new ScanConfig.Builder() .roots(List.of(testProjectRoot)); - assertThrows(FileNotFoundException.class, () -> scanner.execute(input, this::dummyCheckCanceled)); + ProgressIndicator indicator = mock(ProgressIndicator.class); + assertThrows(FileNotFoundException.class, () -> scanner.execute(input, this::dummyCheckCanceled, indicator)); // Restore the original ServerConfig in GlobalSettings GlobalSettings.getInstance().setServerConfig(originalServerConfig); } 
diff --git a/src/test/java/com/jfrog/ide/idea/integration/IACScannerIntegrationTests.java b/src/test/java/com/jfrog/ide/idea/integration/IACScannerIntegrationTests.java index 996b4a1d..9351a55d 100644 --- a/src/test/java/com/jfrog/ide/idea/integration/IACScannerIntegrationTests.java +++ b/src/test/java/com/jfrog/ide/idea/integration/IACScannerIntegrationTests.java @@ -1,5 +1,6 @@ package com.jfrog.ide.idea.integration; +import com.jfrog.ide.common.log.ProgressIndicator; import com.jfrog.ide.common.nodes.subentities.SourceCodeScanType; import com.jfrog.ide.idea.inspections.JFrogSecurityWarning; import com.jfrog.ide.idea.log.Logger; @@ -10,6 +11,8 @@ import java.io.IOException; import java.util.List; +import static org.mockito.Mockito.mock; + public class IACScannerIntegrationTests extends BaseIntegrationTest { private IACScannerExecutor scanner; @@ -25,7 +28,8 @@ public void testIACScanner() throws IOException, InterruptedException { String testProjectRoot = createTempProjectDir("exposedIac"); ScanConfig.Builder input = new ScanConfig.Builder() .roots(List.of(testProjectRoot)); - List results = scanner.execute(input, this::dummyCheckCanceled); + ProgressIndicator indicator = mock(ProgressIndicator.class); + List results = scanner.execute(input, this::dummyCheckCanceled, indicator); assertEquals(11, results.size()); // Expect specific indications JFrogSecurityWarning iacIndication = results.get(0); diff --git a/src/test/java/com/jfrog/ide/idea/integration/SecretsScannerIntegrationTests.java b/src/test/java/com/jfrog/ide/idea/integration/SecretsScannerIntegrationTests.java index a07daa32..f37bc79a 100644 --- a/src/test/java/com/jfrog/ide/idea/integration/SecretsScannerIntegrationTests.java +++ b/src/test/java/com/jfrog/ide/idea/integration/SecretsScannerIntegrationTests.java 
@@ -1,5 +1,6 @@ package com.jfrog.ide.idea.integration; +import com.jfrog.ide.common.log.ProgressIndicator; import com.jfrog.ide.common.nodes.subentities.SourceCodeScanType; import com.jfrog.ide.idea.inspections.JFrogSecurityWarning; import com.jfrog.ide.idea.log.Logger; @@ -10,6 +11,8 @@ import java.io.IOException; import java.util.List; +import static org.mockito.Mockito.mock; + public class SecretsScannerIntegrationTests extends BaseIntegrationTest { private SecretsScannerExecutor scanner; @@ -25,7 +28,9 @@ public void testSecretsScanner() throws IOException, InterruptedException { String testProjectRoot = createTempProjectDir("exposedSecrets"); ScanConfig.Builder input = new ScanConfig.Builder() .roots(List.of(testProjectRoot)); - List results = scanner.execute(input, this::dummyCheckCanceled); + ProgressIndicator indicator = mock(ProgressIndicator.class); + + List results = scanner.execute(input, this::dummyCheckCanceled, indicator); assertEquals(8, results.size()); // Expect specific indications JFrogSecurityWarning secretIndication = results.get(0); @@ -43,7 +48,8 @@ public void testSecretsScannerNoSecrets() throws IOException, InterruptedExcepti String testProjectRoot = createTempProjectDir("dummy"); ScanConfig.Builder input = new ScanConfig.Builder() .roots(List.of(testProjectRoot)); - List results = scanner.execute(input, this::dummyCheckCanceled); + ProgressIndicator indicator = mock(ProgressIndicator.class); + List results = scanner.execute(input, this::dummyCheckCanceled, indicator); assertEquals(0, results.size()); } From ba75b2ecce61344f5576c2caa2c6ab07a95dc013 Mon Sep 17 00:00:00 2001 From: Or Geva Date: Wed, 15 Nov 2023 11:51:40 +0200 Subject: [PATCH 4/5] Remove timout from scan binary executor --- src/main/java/com/jfrog/ide/idea/scan/ScanBinaryExecutor.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) 
diff --git a/src/main/java/com/jfrog/ide/idea/scan/ScanBinaryExecutor.java b/src/main/java/com/jfrog/ide/idea/scan/ScanBinaryExecutor.java index eb237764..deea0425 100644 --- a/src/main/java/com/jfrog/ide/idea/scan/ScanBinaryExecutor.java +++ b/src/main/java/com/jfrog/ide/idea/scan/ScanBinaryExecutor.java @@ -68,7 +68,6 @@ */ public abstract class ScanBinaryExecutor { public static final Path BINARIES_DIR = HOME_PATH.resolve("dependencies").resolve("jfrog-security"); - private static final long MAX_EXECUTION_MINUTES = 10; private static final int UPDATE_INTERVAL = 1; private static final int USER_NOT_ENTITLED = 31; private static final int NOT_SUPPORTED = 13; @@ -175,7 +174,7 @@ protected List execute(ScanConfig.Builder inputFileBuilder %s""", cmd, inputParams)); CommandExecutor commandExecutor = new CommandExecutor(binaryTargetPath.toString(), createEnvWithCredentials()); CommandResults commandResults = commandExecutor.exeCommand(binaryTargetPath.toFile().getParentFile(), args, - null, new NullLog(), MAX_EXECUTION_MINUTES, TimeUnit.MINUTES); + null, new NullLog(), Long.MAX_VALUE, TimeUnit.MINUTES); checkCanceled.run(); From 7c7a6f5b79738cb900988926fc3fc2f6e8c78f3d Mon Sep 17 00:00:00 2001 From: Or Geva Date: Sun, 26 Nov 2023 16:47:47 +0200 Subject: [PATCH 5/5] Fix Cr comments --- .../jfrog/ide/idea/scan/ScanBinaryExecutor.java | 8 ++------ .../com/jfrog/ide/idea/scan/data/ScanConfig.java | 16 ++-------------- 2 files changed, 4 insertions(+), 20 deletions(-) diff --git a/src/main/java/com/jfrog/ide/idea/scan/ScanBinaryExecutor.java b/src/main/java/com/jfrog/ide/idea/scan/ScanBinaryExecutor.java index deea0425..5880f3cc 100644 --- a/src/main/java/com/jfrog/ide/idea/scan/ScanBinaryExecutor.java +++ b/src/main/java/com/jfrog/ide/idea/scan/ScanBinaryExecutor.java 
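Review bot: Passing `Long.MAX_VALUE, TimeUnit.MINUTES` to `exeCommand` removes the only bound on the external analyzer process, and `checkCanceled.run()` is called only after `exeCommand` returns, so a user cancel is not observed while the binary runs. Unless `CommandExecutor` terminates the child process on thread interruption (not visible here), a hung scanner leaves both the process and this worker blocked until the IDE exits. Consider keeping a generous, configurable ceiling instead of an effectively infinite one, or checking for cancellation while the process runs and destroying it on cancel. At minimum, record the decision next to the call, e.g. `// No timeout: large projects exceed any fixed limit; cancellation must kill the process.` The enclosing `execute` method starts and ends outside the hunk.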
@@ -167,11 +167,7 @@ protected List execute(ScanConfig.Builder inputFileBuilder // As it is an internal binary execution, the message should be printed for DEBUG use only. indicator.setText(String.format("Running %s scan at %s", scanType.toString().toLowerCase(), String.join(" ", inputParams.getRoots()))); String cmd = String.format("%s %s", binaryTargetPath.toString(), join(" ", args)); - log.info(String.format(""" - Executing JAS scanner - %s - with config: - %s""", cmd, inputParams)); + log.info(String.format("Executing JAS scanner %s with config: %s", cmd, inputParams)); CommandExecutor commandExecutor = new CommandExecutor(binaryTargetPath.toString(), createEnvWithCredentials()); CommandResults commandResults = commandExecutor.exeCommand(binaryTargetPath.toFile().getParentFile(), args, null, new NullLog(), Long.MAX_VALUE, TimeUnit.MINUTES); @@ -186,7 +182,7 @@ protected List execute(ScanConfig.Builder inputFileBuilder log.info(String.format("Failed to run command: %s", cmd)); switch (commandResults.getExitValue()) { case USER_NOT_ENTITLED -> { - log.info("User not entitled for advance security scan"); + log.debug("User not entitled for advance security scan"); return List.of(); } case NOT_SUPPORTED -> { diff --git a/src/main/java/com/jfrog/ide/idea/scan/data/ScanConfig.java b/src/main/java/com/jfrog/ide/idea/scan/data/ScanConfig.java index e7526e7d..78501bdb 100644 --- a/src/main/java/com/jfrog/ide/idea/scan/data/ScanConfig.java +++ b/src/main/java/com/jfrog/ide/idea/scan/data/ScanConfig.java @@ -3,11 +3,13 @@ import com.fasterxml.jackson.annotation.JsonProperty; import com.jfrog.ide.common.nodes.subentities.SourceCodeScanType; import lombok.Getter; +import lombok.ToString; import java.util.ArrayList; import java.util.List; @Getter +@ToString public class ScanConfig { @JsonProperty("type") private SourceCodeScanType scanType; 
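Review bot: Class-level `@ToString` on `ScanConfig` prints every field, including any added later, and the result is what `ScanBinaryExecutor` appears to write at INFO via `log.info(String.format("Executing JAS scanner %s with config: %s", cmd, inputParams))`. The fields listed in the removed hand-written `toString()` are scan type, language, paths, CVE ids and rule lists, so nothing secret is logged today, but a future field would be included silently. A short class comment stating that the `toString()` output is logged, plus `@ToString.Exclude` on any field that must stay out of logs, would make that constraint visible to the next maintainer.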
@@ -95,20 +97,6 @@ public void setSkippedFolders(List skippedFolders) { this.skippedFolders = skippedFolders; } - @Override - public String toString() { - return "ScanConfig{" + - "scanType=" + scanType + - ", language='" + language + '\'' + - ", roots=" + roots + - ", output='" + output + '\'' + - ", grepDisable=" + grepDisable + - ", cves=" + cves + - ", skippedFolders=" + skippedFolders + - ", excludedRules=" + excludedRules + - '}'; - } - public static class Builder { private SourceCodeScanType scanType; private String language;