Project key to xray api (jfrog#454)

attiasas · web-flow · commit 1351e158fb00 · 2025-05-27T18:51:28.000+03:00
diff --git a/cli/scancommands.go b/cli/scancommands.go
@@ -542,7 +542,7 @@ func ShouldRunCurationAfterFailure(c *components.Context, tech techutils.Technol
 	if err != nil {
 		return
 	}
-	xrayManager, err := xray.CreateXrayServiceManager(serverDetails)
+	xrayManager, err := xray.CreateXrayServiceManager(serverDetails, xray.WithScopedProjectKey(getProject(c)))
 	if err != nil {
 		return
 	}
diff --git a/commands/audit/audit.go b/commands/audit/audit.go
@@ -393,7 +393,7 @@ func initAuditCmdResults(params *AuditParams) (cmdResults *results.SecurityComma
 	cmdResults.SetStartTime(params.StartTime())
 	cmdResults.SetResultsContext(params.resultsContext)
 
-	xrayManager, err := xrayutils.CreateXrayServiceManager(serverDetails)
+	xrayManager, err := xrayutils.CreateXrayServiceManager(serverDetails, xrayutils.WithScopedProjectKey(params.resultsContext.ProjectKey))
 	if err != nil {
 		return cmdResults.AddGeneralError(err, false)
 	}
diff --git a/commands/audit/audit_test.go b/commands/audit/audit_test.go
@@ -420,7 +420,7 @@ func TestAuditWithConfigProfile(t *testing.T) {
 				}},
 				IsDefault: false,
 			},
-			expectedSastIssues: 3,
+			expectedSastIssues: 4,
 		},
 		{
 			name:        "Sast scanner is enabled with exclusions",
@@ -546,7 +546,7 @@ func TestAuditWithConfigProfile(t *testing.T) {
 				}},
 				IsDefault: false,
 			},
-			expectedSastIssues:      3,
+			expectedSastIssues:      4,
 			expectedSecretsIssues:   16,
 			expectedIacIssues:       9,
 			expectedCaApplicable:    3,
diff --git a/commands/audit/sca/common.go b/commands/audit/sca/common.go
@@ -44,7 +44,7 @@ func GetExcludePattern(params utils.AuditParams) string {
 func RunXrayDependenciesTreeScanGraph(scanGraphParams *scangraph.ScanGraphParams) (results []services.ScanResponse, err error) {
 	var scanResults *services.ScanResponse
 	technology := scanGraphParams.Technology()
-	xrayManager, err := xray.CreateXrayServiceManager(scanGraphParams.ServerDetails())
+	xrayManager, err := xray.CreateXrayServiceManager(scanGraphParams.ServerDetails(), xray.WithScopedProjectKey(scanGraphParams.XrayGraphScanParams().ProjectKey))
 	if err != nil {
 		return nil, err
 	}
diff --git a/commands/scan/buildscan.go b/commands/scan/buildscan.go
@@ -79,7 +79,7 @@ func (bsc *BuildScanCommand) SetRescan(rescan bool) *BuildScanCommand {
 
 // Scan published builds with Xray
 func (bsc *BuildScanCommand) Run() (err error) {
-	xrayManager, xrayVersion, err := xrayutils.CreateXrayServiceManagerAndGetVersion(bsc.serverDetails)
+	xrayManager, xrayVersion, err := xrayutils.CreateXrayServiceManagerAndGetVersion(bsc.serverDetails, xrayutils.WithScopedProjectKey(bsc.buildConfiguration.GetProject()))
 	if err != nil {
 		return err
 	}
diff --git a/commands/scan/scan.go b/commands/scan/scan.go
@@ -447,7 +447,7 @@ func (scanCmd *ScanCommand) createIndexerHandlerFunc(file *spec.File, cmdResults
 					SetXrayGraphScanParams(params).
 					SetFixableOnly(scanCmd.fixableOnly).
 					SetSeverityLevel(scanCmd.minSeverityFilter.String())
-				xrayManager, err := xray.CreateXrayServiceManager(scanGraphParams.ServerDetails())
+				xrayManager, err := xray.CreateXrayServiceManager(scanGraphParams.ServerDetails(), xray.WithScopedProjectKey(scanCmd.resultsContext.ProjectKey))
 				if err != nil {
 					return targetResults.AddTargetError(fmt.Errorf("%s failed to create Xray service manager: %s", scanLogPrefix, err.Error()), false)
 				}
diff --git a/go.mod b/go.mod
@@ -11,9 +11,9 @@ require (
 	github.com/jfrog/froggit-go v1.17.0
 	github.com/jfrog/gofrog v1.7.6
 	github.com/jfrog/jfrog-apps-config v1.0.1
-	github.com/jfrog/jfrog-cli-artifactory v0.3.0
-	github.com/jfrog/jfrog-cli-core/v2 v2.58.6
-	github.com/jfrog/jfrog-client-go v1.53.0
+	github.com/jfrog/jfrog-cli-artifactory v0.3.1
+	github.com/jfrog/jfrog-cli-core/v2 v2.58.7
+	github.com/jfrog/jfrog-client-go v1.53.1
 	github.com/magiconair/properties v1.8.9
 	github.com/owenrumney/go-sarif/v2 v2.3.0
 	github.com/stretchr/testify v1.10.0
diff --git a/go.sum b/go.sum
@@ -128,12 +128,12 @@ github.com/jfrog/gofrog v1.7.6 h1:QmfAiRzVyaI7JYGsB7cxfAJePAZTzFz0gRWZSE27c6s=
 github.com/jfrog/gofrog v1.7.6/go.mod h1:ntr1txqNOZtHplmaNd7rS4f8jpA5Apx8em70oYEe7+4=
 github.com/jfrog/jfrog-apps-config v1.0.1 h1:mtv6k7g8A8BVhlHGlSveapqf4mJfonwvXYLipdsOFMY=
 github.com/jfrog/jfrog-apps-config v1.0.1/go.mod h1:8AIIr1oY9JuH5dylz2S6f8Ym2MaadPLR6noCBO4C22w=
-github.com/jfrog/jfrog-cli-artifactory v0.3.0 h1:nodmuOauNSx2OKwQChQ1fLcnhNs+tgWpOk9caMdAuoI=
-github.com/jfrog/jfrog-cli-artifactory v0.3.0/go.mod h1:BliRZeMdqVEKHOtREuowYBgNqwVAFcKY0/veOxQDjwo=
-github.com/jfrog/jfrog-cli-core/v2 v2.58.6 h1:cCg9o0M2p52qCnO0Y+Ry8lxbVIJDJy4s948li2UIYaM=
-github.com/jfrog/jfrog-cli-core/v2 v2.58.6/go.mod h1:VjXJpjapnKA0eBoCH9+5+nWQOxQJ+uzADMY2DQPkCzE=
-github.com/jfrog/jfrog-client-go v1.53.0 h1:oCNuxEtN2VWcbqGdIp1tdYupm7PJZP53etX1Pr24kxY=
-github.com/jfrog/jfrog-client-go v1.53.0/go.mod h1:IKmGx4sYeaiSKBnVzp/j6lVrmyRAXTABfo3B02SPxXI=
+github.com/jfrog/jfrog-cli-artifactory v0.3.1 h1:0F5CgS8iR7o0PoQWcjyLWWnZVrfruNstLezzRaAb9EY=
+github.com/jfrog/jfrog-cli-artifactory v0.3.1/go.mod h1:6QUvZ7US2VVUWzixh/ofn6LHhBelzLkAK+v5FqBvwZ4=
+github.com/jfrog/jfrog-cli-core/v2 v2.58.7 h1:njRlkJjNZ1cvG25S/6T4h+ouI+ZRABN6xZN87UIzB/M=
+github.com/jfrog/jfrog-cli-core/v2 v2.58.7/go.mod h1:ZXcipUeTTEQ/phqHdbCh4wJ5Oo4QVDxzQBREQ0J9mDc=
+github.com/jfrog/jfrog-client-go v1.53.1 h1:GDRLUDs6hhfGNjqbI+bjc3ApgBHnpVwURM+f26PVfyw=
+github.com/jfrog/jfrog-client-go v1.53.1/go.mod h1:XxYs2QtlTm92yqJ5O4j4vzWI8d4sDtKQUT1miNHMgnw=
 github.com/k0kubun/colorstring v0.0.0-20150214042306-9440f1994b88/go.mod h1:3w7q1U84EfirKl04SVQ/s7nPm1ZPhiXd34z40TNz36k=
 github.com/k0kubun/pp v3.0.1+incompatible/go.mod h1:GWse8YhT0p8pT4ir3ZgBbfZild3tgzSScAn6HmfYukg=
 github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4=
diff --git a/jas/analyzermanager.go b/jas/analyzermanager.go
@@ -25,7 +25,7 @@ import (
 const (
 	ApplicabilityFeatureId                    = "contextual_analysis"
 	AnalyzerManagerZipName                    = "analyzerManager.zip"
-	defaultAnalyzerManagerVersion             = "1.19.1"
+	defaultAnalyzerManagerVersion             = "1.20.2"
 	analyzerManagerDownloadPath               = "xsc-gen-exe-analyzer-manager-local/v1"
 	analyzerManagerDirName                    = "analyzerManager"
 	analyzerManagerExecutableName             = "analyzerManager"
@@ -37,7 +37,7 @@ const (
 	jfPlatformXrayUrlEnvVariable              = "JF_PLATFORM_XRAY_URL"
 	logDirEnvVariable                         = "AM_LOG_DIRECTORY"
 	watchesEnvVariable                        = "AM_WATCHES"
-	projectEnvVariable                        = "AM_PROJECT_VIOLATIONS"
+	projectEnvVariable                        = "AM_PROJECT_KEY"
 	gitRepoEnvVariable                        = "AM_GIT_REPO_VIOLATIONS"
 	notEntitledExitCode                       = 31
 	unsupportedCommandExitCode                = 13
diff --git a/utils/xray/xraymanager.go b/utils/xray/xraymanager.go
@@ -7,28 +7,45 @@ import (
 	"github.com/jfrog/jfrog-client-go/xray"
 )
 
-func CreateXrayServiceManager(serverDetails *config.ServerDetails) (*xray.XrayServicesManager, error) {
+// Options for creating an Xray service manager.
+type XrayManagerOption func(f *xray.XrayServicesManager)
+
+// Global reference to the project key, used for API endpoints that require it for authentication
+func WithScopedProjectKey(projectKey string) XrayManagerOption {
+	return func(f *xray.XrayServicesManager) {
+		f.SetProjectKey(projectKey)
+	}
+}
+
+func CreateXrayServiceManager(serverDetails *config.ServerDetails, options ...XrayManagerOption) (manager *xray.XrayServicesManager, err error) {
 	certsPath, err := coreutils.GetJfrogCertsDir()
 	if err != nil {
-		return nil, err
+		return
 	}
 	xrayDetails, err := serverDetails.CreateXrayAuthConfig()
 	if err != nil {
-		return nil, err
+		return
 	}
 	serviceConfig, err := clientconfig.NewConfigBuilder().
 		SetServiceDetails(xrayDetails).
 		SetCertificatesPath(certsPath).
 		SetInsecureTls(serverDetails.InsecureTls).
 		Build()
+	if err != nil {
+		return
+	}
+	manager, err = xray.New(serviceConfig)
 	if err != nil {
 		return nil, err
 	}
-	return xray.New(serviceConfig)
+	for _, option := range options {
+		option(manager)
+	}
+	return
 }
 
-func CreateXrayServiceManagerAndGetVersion(serviceDetails *config.ServerDetails) (*xray.XrayServicesManager, string, error) {
-	xrayManager, err := CreateXrayServiceManager(serviceDetails)
+func CreateXrayServiceManagerAndGetVersion(serviceDetails *config.ServerDetails, options ...XrayManagerOption) (*xray.XrayServicesManager, string, error) {
+	xrayManager, err := CreateXrayServiceManager(serviceDetails, options...)
 	if err != nil {
 		return nil, "", err
 	}

Original file line number	Diff line number	Diff line change
`@@ -542,7 +542,7 @@ func ShouldRunCurationAfterFailure(c *components.Context, tech techutils.Technol`
`542`	`542`	`if err != nil {`
`543`	`543`	`return`
`544`	`544`	`}`
`545`		`- xrayManager, err := xray.CreateXrayServiceManager(serverDetails)`
	`545`	`+ xrayManager, err := xray.CreateXrayServiceManager(serverDetails, xray.WithScopedProjectKey(getProject(c)))`
`546`	`546`	`if err != nil {`
`547`	`547`	`return`
`548`	`548`	`}`
Original file line number	Diff line number	Diff line change
`@@ -393,7 +393,7 @@ func initAuditCmdResults(params AuditParams) (cmdResults results.SecurityComma`
`393`	`393`	`cmdResults.SetStartTime(params.StartTime())`
`394`	`394`	`cmdResults.SetResultsContext(params.resultsContext)`
`395`	`395`
`396`		`- xrayManager, err := xrayutils.CreateXrayServiceManager(serverDetails)`
	`396`	`+ xrayManager, err := xrayutils.CreateXrayServiceManager(serverDetails, xrayutils.WithScopedProjectKey(params.resultsContext.ProjectKey))`
`397`	`397`	`if err != nil {`
`398`	`398`	`return cmdResults.AddGeneralError(err, false)`
`399`	`399`	`}`
Original file line number	Diff line number	Diff line change
`@@ -44,7 +44,7 @@ func GetExcludePattern(params utils.AuditParams) string {`
`44`	`44`	`func RunXrayDependenciesTreeScanGraph(scanGraphParams *scangraph.ScanGraphParams) (results []services.ScanResponse, err error) {`
`45`	`45`	`var scanResults *services.ScanResponse`
`46`	`46`	`technology := scanGraphParams.Technology()`
`47`		`- xrayManager, err := xray.CreateXrayServiceManager(scanGraphParams.ServerDetails())`
	`47`	`+ xrayManager, err := xray.CreateXrayServiceManager(scanGraphParams.ServerDetails(), xray.WithScopedProjectKey(scanGraphParams.XrayGraphScanParams().ProjectKey))`
`48`	`48`	`if err != nil {`
`49`	`49`	`return nil, err`
`50`	`50`	`}`
Original file line number	Diff line number	Diff line change
`@@ -79,7 +79,7 @@ func (bsc BuildScanCommand) SetRescan(rescan bool) BuildScanCommand {`
`79`	`79`
`80`	`80`	`// Scan published builds with Xray`
`81`	`81`	`func (bsc *BuildScanCommand) Run() (err error) {`
`82`		`- xrayManager, xrayVersion, err := xrayutils.CreateXrayServiceManagerAndGetVersion(bsc.serverDetails)`
	`82`	`+ xrayManager, xrayVersion, err := xrayutils.CreateXrayServiceManagerAndGetVersion(bsc.serverDetails, xrayutils.WithScopedProjectKey(bsc.buildConfiguration.GetProject()))`
`83`	`83`	`if err != nil {`
`84`	`84`	`return err`
`85`	`85`	`}`
Original file line number	Diff line number	Diff line change
`@@ -447,7 +447,7 @@ func (scanCmd ScanCommand) createIndexerHandlerFunc(file spec.File, cmdResults`
`447`	`447`	`SetXrayGraphScanParams(params).`
`448`	`448`	`SetFixableOnly(scanCmd.fixableOnly).`
`449`	`449`	`SetSeverityLevel(scanCmd.minSeverityFilter.String())`
`450`		`- xrayManager, err := xray.CreateXrayServiceManager(scanGraphParams.ServerDetails())`
	`450`	`+ xrayManager, err := xray.CreateXrayServiceManager(scanGraphParams.ServerDetails(), xray.WithScopedProjectKey(scanCmd.resultsContext.ProjectKey))`
`451`	`451`	`if err != nil {`
`452`	`452`	`return targetResults.AddTargetError(fmt.Errorf("%s failed to create Xray service manager: %s", scanLogPrefix, err.Error()), false)`
`453`	`453`	`}`