better log with threadId

attiasas · attiasas · commit 2597ad28e760 · 2025-11-06T12:09:08.000+02:00
diff --git a/jas/iac/iacscanner.go b/jas/iac/iacscanner.go
@@ -9,7 +9,6 @@ import (
 	"github.com/jfrog/jfrog-cli-security/utils"
 	"github.com/jfrog/jfrog-cli-security/utils/formats/sarifutils"
 	"github.com/jfrog/jfrog-cli-security/utils/jasutils"
-	clientutils "github.com/jfrog/jfrog-client-go/utils"
 
 	"github.com/jfrog/jfrog-client-go/utils/log"
 	"github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif"
@@ -47,7 +46,7 @@ func RunIacScan(scanner *jas.JasScanner, module jfrogappsconfig.Module, targetCo
 	if vulnerabilitiesResults, violationsResults, err = iacScanManager.scanner.Run(iacScanManager, module); err != nil {
 		return
 	}
-	log.Info(clientutils.GetLogMsgPrefix(threadId, false) + utils.GetScanFindingsLog(utils.IacScan, sarifutils.GetResultsLocationCount(vulnerabilitiesResults...), startTime))
+	log.Info(utils.GetScanFindingsLog(utils.IacScan, sarifutils.GetResultsLocationCount(vulnerabilitiesResults...), startTime, threadId))
 	return
 }
 
diff --git a/jas/sast/sastscanner.go b/jas/sast/sastscanner.go
@@ -10,7 +10,6 @@ import (
 	"github.com/jfrog/jfrog-cli-security/utils"
 	"github.com/jfrog/jfrog-cli-security/utils/formats/sarifutils"
 	"github.com/jfrog/jfrog-cli-security/utils/jasutils"
-	clientutils "github.com/jfrog/jfrog-client-go/utils"
 	"github.com/jfrog/jfrog-client-go/utils/log"
 	"github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif"
 	"golang.org/x/exp/maps"
@@ -46,7 +45,7 @@ func RunSastScan(scanner *jas.JasScanner, module jfrogappsconfig.Module, signedD
 	if vulnerabilitiesResults, violationsResults, err = sastScanManager.scanner.Run(sastScanManager, module); err != nil {
 		return
 	}
-	log.Info(clientutils.GetLogMsgPrefix(threadId, false) + utils.GetScanFindingsLog(utils.SastScan, sarifutils.GetResultsLocationCount(vulnerabilitiesResults...), startTime))
+	log.Info(utils.GetScanFindingsLog(utils.SastScan, sarifutils.GetResultsLocationCount(vulnerabilitiesResults...), startTime, threadId))
 	return
 }
 
diff --git a/jas/secrets/secretsscanner.go b/jas/secrets/secretsscanner.go
@@ -5,8 +5,6 @@ import (
 	"strings"
 	"time"
 
-	clientutils "github.com/jfrog/jfrog-client-go/utils"
-
 	jfrogappsconfig "github.com/jfrog/jfrog-apps-config/go"
 	"github.com/jfrog/jfrog-cli-security/jas"
 	"github.com/jfrog/jfrog-cli-security/utils"
@@ -54,7 +52,7 @@ func RunSecretsScan(scanner *jas.JasScanner, scanType SecretsScanType, module jf
 	if vulnerabilitiesResults, violationsResults, err = secretScanManager.scanner.Run(secretScanManager, module); err != nil {
 		return
 	}
-	log.Info(clientutils.GetLogMsgPrefix(threadId, false) + utils.GetScanFindingsLog(utils.SecretsScan, sarifutils.GetResultsLocationCount(vulnerabilitiesResults...), startTime))
+	log.Info(utils.GetScanFindingsLog(utils.SecretsScan, sarifutils.GetResultsLocationCount(vulnerabilitiesResults...), startTime, threadId))
 	return
 }
 
diff --git a/policy/enforcer/policyenforcer.go b/policy/enforcer/policyenforcer.go
@@ -37,6 +37,8 @@ type PolicyEnforcerViolationGenerator struct {
 	// Filters
 	projectKey string
 	watches    []string
+	// Run options
+	threadId int
 }
 
 func NewPolicyEnforcerViolationGenerator() *PolicyEnforcerViolationGenerator {
diff --git a/sca/scan/enrich/runner.go b/sca/scan/enrich/runner.go
@@ -19,6 +19,8 @@ import (
 type EnrichScanStrategy struct {
 	serverDetails *config.ServerDetails
 	projectKey    string
+	// Run Options
+	threadId int
 }
 
 func NewEnrichScanStrategy() *EnrichScanStrategy {
diff --git a/sca/scan/scascan.go b/sca/scan/scascan.go
@@ -149,11 +149,7 @@ func hasDependenciesToScan(targetResults *results.TargetResults, logPrefix strin
 }
 
 func scaScanTask(strategy SbomScanStrategy, params ScaScanParams) (err error) {
-	logPrefix := ""
-	if params.ThreadId >= 0 {
-		logPrefix = clientUtils.GetLogMsgPrefix(params.ThreadId, false)
-	}
-	log.Info(logPrefix + utils.GetScanStartLog(utils.ScaScan, params.ScanResults.Target, params.TargetCount))
+	log.Info(utils.GetScanStartLog(utils.ScaScan, params.ScanResults.Target, params.TargetCount, params.ThreadId))
 	// Start the scan
 	startTime := time.Now()
 	if !params.IsNewFlow {
@@ -163,7 +159,7 @@ func scaScanTask(strategy SbomScanStrategy, params ScaScanParams) (err error) {
 		if err != nil {
 			return err
 		}
-		log.Info(logPrefix + utils.GetScanFindingsLog(utils.ScaScan, len(scanResults.Vulnerabilities), startTime))
+		log.Info(utils.GetScanFindingsLog(utils.ScaScan, len(scanResults.Vulnerabilities), startTime, params.ThreadId))
 		return dumpScanResponseToFileIfNeeded(scanResults, params.ResultsOutputDir, utils.ScaScan, params.ThreadId)
 	}
 	// New flow: we scan the SBOM and enrich it with CVE vulnerabilities and calculate violations.
@@ -177,7 +173,7 @@ func scaScanTask(strategy SbomScanStrategy, params ScaScanParams) (err error) {
 	if params.ScanResults.ScaResults != nil && params.ScanResults.ScaResults.Sbom != nil && params.ScanResults.ScaResults.Sbom.Vulnerabilities != nil {
 		vulnerabilityCount = len(*params.ScanResults.ScaResults.Sbom.Vulnerabilities)
 	}
-	log.Info(logPrefix + utils.GetScanFindingsLog(utils.ScaScan, vulnerabilityCount, startTime))
+	log.Info(utils.GetScanFindingsLog(utils.ScaScan, vulnerabilityCount, startTime, params.ThreadId))
 	return dumpEnrichedCdxToFileIfNeeded(bomWithVulnerabilities, params.ResultsOutputDir, utils.ScaScan, params.ThreadId)
 }
 
diff --git a/utils/utils.go b/utils/utils.go
@@ -133,18 +133,26 @@ func getScanFindingName(scanType SubScanType) string {
 	return fmt.Sprintf("%s vulnerabilities", subScanTypeToText[scanType])
 }
 
-func GetScanStartLog(scanType SubScanType, target string, targetCount int) string {
+func GetScanStartLog(scanType SubScanType, target string, targetCount, threadId int) string {
+	logPrefix := ""
+	if threadId >= 0 {
+		logPrefix = clientutils.GetLogMsgPrefix(threadId, false)
+	}
 	if targetCount > 1 {
-		return fmt.Sprintf("Running %s scan on target '%s'...", subScanTypeToText[scanType], target)
+		return logPrefix + fmt.Sprintf("Running %s scan on target '%s'...", subScanTypeToText[scanType], target)
 	}
-	return fmt.Sprintf("Running %s scan...", subScanTypeToText[scanType])
+	return logPrefix + fmt.Sprintf("Running %s scan...", subScanTypeToText[scanType])
 }
 
-func GetScanFindingsLog(scanType SubScanType, vulnerabilitiesCount int, startTime time.Time) string {
+func GetScanFindingsLog(scanType SubScanType, vulnerabilitiesCount int, startTime time.Time, threadId int) string {
+	logPrefix := ""
+	if threadId >= 0 {
+		logPrefix = clientutils.GetLogMsgPrefix(threadId, false)
+	}
 	if vulnerabilitiesCount == 0 {
-		return fmt.Sprintf("No %s were found (duration %s)", getScanFindingName(scanType), time.Since(startTime).String())
+		return logPrefix + fmt.Sprintf("No %s were found (duration %s)", getScanFindingName(scanType), time.Since(startTime).String())
 	}
-	return fmt.Sprintf("Found %d %s (duration %s)", vulnerabilitiesCount, getScanFindingName(scanType), time.Since(startTime).String())
+	return logPrefix + fmt.Sprintf("Found %d %s (duration %s)", vulnerabilitiesCount, getScanFindingName(scanType), time.Since(startTime).String())
 }
 
 func IsCI() bool {

Original file line number	Diff line number	Diff line change
`@@ -9,7 +9,6 @@ import (`
`9`	`9`	`"github.com/jfrog/jfrog-cli-security/utils"`
`10`	`10`	`"github.com/jfrog/jfrog-cli-security/utils/formats/sarifutils"`
`11`	`11`	`"github.com/jfrog/jfrog-cli-security/utils/jasutils"`
`12`		`- clientutils "github.com/jfrog/jfrog-client-go/utils"`
`13`	`12`
`14`	`13`	`"github.com/jfrog/jfrog-client-go/utils/log"`
`15`	`14`	`"github.com/owenrumney/go-sarif/v3/pkg/report/v210/sarif"`
`@@ -47,7 +46,7 @@ func RunIacScan(scanner *jas.JasScanner, module jfrogappsconfig.Module, targetCo`
`47`	`46`	`if vulnerabilitiesResults, violationsResults, err = iacScanManager.scanner.Run(iacScanManager, module); err != nil {`
`48`	`47`	`return`
`49`	`48`	`}`
`50`		`- log.Info(clientutils.GetLogMsgPrefix(threadId, false) + utils.GetScanFindingsLog(utils.IacScan, sarifutils.GetResultsLocationCount(vulnerabilitiesResults...), startTime))`
	`49`	`+ log.Info(utils.GetScanFindingsLog(utils.IacScan, sarifutils.GetResultsLocationCount(vulnerabilitiesResults...), startTime, threadId))`
`51`	`50`	`return`
`52`	`51`	`}`
`53`	`52`
Original file line number	Diff line number	Diff line change
`@@ -37,6 +37,8 @@ type PolicyEnforcerViolationGenerator struct {`
`37`	`37`	`// Filters`
`38`	`38`	`projectKey string`
`39`	`39`	`watches []string`
	`40`	`+ // Run options`
	`41`	`+ threadId int`
`40`	`42`	`}`
`41`	`43`
`42`	`44`	`func NewPolicyEnforcerViolationGenerator() *PolicyEnforcerViolationGenerator {`
Original file line number	Diff line number	Diff line change
`@@ -19,6 +19,8 @@ import (`
`19`	`19`	`type EnrichScanStrategy struct {`
`20`	`20`	`serverDetails *config.ServerDetails`
`21`	`21`	`projectKey string`
	`22`	`+ // Run Options`
	`23`	`+ threadId int`
`22`	`24`	`}`
`23`	`25`
`24`	`26`	`func NewEnrichScanStrategy() *EnrichScanStrategy {`
Original file line number	Diff line number	Diff line change
`@@ -149,11 +149,7 @@ func hasDependenciesToScan(targetResults *results.TargetResults, logPrefix strin`
`149`	`149`	`}`
`150`	`150`
`151`	`151`	`func scaScanTask(strategy SbomScanStrategy, params ScaScanParams) (err error) {`
`152`		`- logPrefix := ""`
`153`		`- if params.ThreadId >= 0 {`
`154`		`- logPrefix = clientUtils.GetLogMsgPrefix(params.ThreadId, false)`
`155`		`- }`
`156`		`- log.Info(logPrefix + utils.GetScanStartLog(utils.ScaScan, params.ScanResults.Target, params.TargetCount))`
	`152`	`+ log.Info(utils.GetScanStartLog(utils.ScaScan, params.ScanResults.Target, params.TargetCount, params.ThreadId))`
`157`	`153`	`// Start the scan`
`158`	`154`	`startTime := time.Now()`
`159`	`155`	`if !params.IsNewFlow {`
`@@ -163,7 +159,7 @@ func scaScanTask(strategy SbomScanStrategy, params ScaScanParams) (err error) {`
`163`	`159`	`if err != nil {`
`164`	`160`	`return err`
`165`	`161`	`}`
`166`		`- log.Info(logPrefix + utils.GetScanFindingsLog(utils.ScaScan, len(scanResults.Vulnerabilities), startTime))`
	`162`	`+ log.Info(utils.GetScanFindingsLog(utils.ScaScan, len(scanResults.Vulnerabilities), startTime, params.ThreadId))`
`167`	`163`	`return dumpScanResponseToFileIfNeeded(scanResults, params.ResultsOutputDir, utils.ScaScan, params.ThreadId)`
`168`	`164`	`}`
`169`	`165`	`// New flow: we scan the SBOM and enrich it with CVE vulnerabilities and calculate violations.`
`@@ -177,7 +173,7 @@ func scaScanTask(strategy SbomScanStrategy, params ScaScanParams) (err error) {`
`177`	`173`	`if params.ScanResults.ScaResults != nil && params.ScanResults.ScaResults.Sbom != nil && params.ScanResults.ScaResults.Sbom.Vulnerabilities != nil {`
`178`	`174`	`vulnerabilityCount = len(*params.ScanResults.ScaResults.Sbom.Vulnerabilities)`
`179`	`175`	`}`
`180`		`- log.Info(logPrefix + utils.GetScanFindingsLog(utils.ScaScan, vulnerabilityCount, startTime))`
	`176`	`+ log.Info(utils.GetScanFindingsLog(utils.ScaScan, vulnerabilityCount, startTime, params.ThreadId))`
`181`	`177`	`return dumpEnrichedCdxToFileIfNeeded(bomWithVulnerabilities, params.ResultsOutputDir, utils.ScaScan, params.ThreadId)`
`182`	`178`	`}`
`183`	`179`