Update dependencies and tests for new config profile (#624)

Author: eranturgeman

commands/audit/audit_test.go

@@ -261,7 +261,6 @@ func TestAuditWithConfigProfile(t *testing.T) {
 						},
 					},
 				}},
-				IsDefault: false,
 			},
 			expectedScaIssues: 15,
 		},
@@ -293,7 +292,6 @@ func TestAuditWithConfigProfile(t *testing.T) {
 						},
 					},
 				}},
-				IsDefault: false,
 			},
 			expectedScaIssues: 0,
 		},
@@ -324,7 +322,6 @@ func TestAuditWithConfigProfile(t *testing.T) {
 						},
 					},
 				}},
-				IsDefault: false,
 			},
 			expectedCaNotCovered: 15,
 		},
@@ -356,7 +353,6 @@ func TestAuditWithConfigProfile(t *testing.T) {
 						},
 					},
 				}},
-				IsDefault: false,
 			},
 			expectedSecretsIssues: 16,
 		},
@@ -388,7 +384,6 @@ func TestAuditWithConfigProfile(t *testing.T) {
 						},
 					},
 				}},
-				IsDefault: false,
 			},
 			expectedSecretsIssues: 7,
 		},
@@ -419,7 +414,6 @@ func TestAuditWithConfigProfile(t *testing.T) {
 						},
 					},
 				}},
-				IsDefault: false,
 			},
 			expectedSastIssues: 4,
 		},
@@ -451,7 +445,6 @@ func TestAuditWithConfigProfile(t *testing.T) {
 						},
 					},
 				}},
-				IsDefault: false,
 			},
 			expectedSastIssues: 0,
 		},
@@ -482,7 +475,6 @@ func TestAuditWithConfigProfile(t *testing.T) {
 						},
 					},
 				}},
-				IsDefault: false,
 			},
 			expectedIacIssues: 9,
 		},
@@ -514,7 +506,6 @@ func TestAuditWithConfigProfile(t *testing.T) {
 						},
 					},
 				}},
-				IsDefault: false,
 			},
 			expectedIacIssues: 0,
 		},
@@ -545,7 +536,6 @@ func TestAuditWithConfigProfile(t *testing.T) {
 						},
 					},
 				}},
-				IsDefault: false,
 			},
 			expectedSastIssues:    4,
 			expectedSecretsIssues: 16,
@@ -581,7 +571,6 @@ func TestAuditWithConfigProfile(t *testing.T) {
 						},
 					},
 				}},
-				IsDefault: false,
 			},
 			expectedSastIssues:    0,
 			expectedSecretsIssues: 7,

go.mod

@@ -17,7 +17,7 @@ require (
 	github.com/jfrog/jfrog-apps-config v1.0.1
 	github.com/jfrog/jfrog-cli-artifactory v0.8.1-0.20251211075913-35ebcd308e93
 	github.com/jfrog/jfrog-cli-core/v2 v2.60.1-0.20251210085744-f8481d179ac5
-	github.com/jfrog/jfrog-client-go v1.55.1-0.20251211124639-306f15dbcf29
+	github.com/jfrog/jfrog-client-go v1.55.1-0.20251217080430-c92b763b7465
 	github.com/magiconair/properties v1.8.10
 	github.com/owenrumney/go-sarif/v3 v3.2.3
 	github.com/package-url/packageurl-go v0.1.3

go.sum

@@ -158,8 +158,8 @@ github.com/jfrog/jfrog-cli-artifactory v0.8.1-0.20251211075913-35ebcd308e93 h1:r
 github.com/jfrog/jfrog-cli-artifactory v0.8.1-0.20251211075913-35ebcd308e93/go.mod h1:7cCaRhXorlbyXZgiW5bplCExFxlnROaG21K12d8inpQ=
 github.com/jfrog/jfrog-cli-core/v2 v2.60.1-0.20251210085744-f8481d179ac5 h1:GYE67ubwl+ZRw3CcXFUi49EwwQp6k+qS8sX0QuHDHO8=
 github.com/jfrog/jfrog-cli-core/v2 v2.60.1-0.20251210085744-f8481d179ac5/go.mod h1:BMoGi2rG0udCCeaghqlNgiW3fTmT+TNnfTnBoWFYgcg=
-github.com/jfrog/jfrog-client-go v1.55.1-0.20251211124639-306f15dbcf29 h1:u+FMai2cImOJExJ1Ehe8JsrpAXmPyRaDXwM60wV3bPA=
-github.com/jfrog/jfrog-client-go v1.55.1-0.20251211124639-306f15dbcf29/go.mod h1:WQ5Y+oKYyHFAlCbHN925bWhnShTd2ruxZ6YTpb76fpU=
+github.com/jfrog/jfrog-client-go v1.55.1-0.20251217080430-c92b763b7465 h1:Ff3BlNPndrAfa1xFI/ORFzfWTxQxF0buWG61PEJwd3U=
+github.com/jfrog/jfrog-client-go v1.55.1-0.20251217080430-c92b763b7465/go.mod h1:WQ5Y+oKYyHFAlCbHN925bWhnShTd2ruxZ6YTpb76fpU=
 github.com/jhump/protoreflect v1.15.1 h1:HUMERORf3I3ZdX05WaQ6MIpd/NJ434hTp5YiKgfCL6c=
 github.com/jhump/protoreflect v1.15.1/go.mod h1:jD/2GMKKE6OqX8qTjhADU1e6DShO+gavG9e0Q693nKo=
 github.com/k0kubun/colorstring v0.0.0-20150214042306-9440f1994b88/go.mod h1:3w7q1U84EfirKl04SVQ/s7nPm1ZPhiXd34z40TNz36k=

sca/bom/buildinfo/technologies/common_test.go

@@ -62,8 +62,6 @@ func TestGetExcludePattern(t *testing.T) {
 						},
 					},
 				},
-				IsDefault:      false,
-				IsBasicProfile: false,
 			},
 			expected: "(^exclude1$)|(^exclude2$)|(^exclude3$)",
 		},

tests/testdata/other/configProfile/configProfileExample.json

@@ -1,53 +1,27 @@
 {
   "profile_name": "default-profile",
   "general_config": {
-    "releases_repo": "https://repo.example.com/releases",
-    "analyzer_manager_version": "1.2.3",
-    "report_analytics": true,
-    "exclude_patterns": ["*.log*", "*.tmp*"],
-    "results_output_dir": "/path/to/results",
-    "allow_partial_results": false
+    "scanners_download_path": "https://repo.example.com/releases",
+    "general_exclude_patterns": ["*.log*", "*.tmp*"],
+    "fail_upon_any_scanner_error": true
   },
   "frogbot_config": {
-    "email_author": "[email protected]",
     "aggregate_fixes": true,
-    "avoid_previous_pr_comments_deletion": true,
-    "avoid_extra_messages": true,
-    "add_success_comment": true,
+    "hide_success_banner_for_no_issues": false,
     "branch_name_template": "frogbot-${IMPACTED_PACKAGE}-${BRANCH_NAME_HASH}",
     "pr_title_template": "[🐸 Frogbot] Upgrade {IMPACTED_PACKAGE} to {FIX_VERSION}",
-    "pr_comment_title": "Frogbot notes:",
     "commit_message_template": "Upgrade {IMPACTED_PACKAGE} to {FIX_VERSION}",
     "show_secrets_as_pr_comment": false,
-    "skip_auto_fix": false,
-    "include_all_repository_vulnerabilities": true
+    "create_auto_fix_pr": true,
+    "include_vulnerabilities_and_violations": false
   },
   "modules": [
     {
       "module_name": "default-module",
       "path_from_root": ".",
-      "exclude_patterns":  ["**/.git/**", "**/*test*/**", "**/*venv*/**", "**/*node_modules*/**", "**/target/**"],
       "scan_config": {
         "sca_scanner_config": {
           "enable_sca_scan": true,
-          "technology": "Java",
-          "package_managers_settings": {
-            "gradle_settings": {
-              "exclude_test_deps": false,
-              "use_wrapper": true
-            },
-            "maven_settings": {
-              "use_wrapper": true
-            },
-            "npm_settings": {
-              "dep_type": "all",
-              "pnpm_max_tree_depth": 9
-            },
-            "python_settings": {
-              "requirements_file": "requirements.txt"
-            }
-          },
-          "skip_auto_install": true,
           "exclude_patterns": ["**/build/**"]
         },
         "contextual_analysis_scanner_config": {
@@ -56,26 +30,20 @@
         },
         "sast_scanner_config": {
           "enable_sast_scan": true,
-          "language": "Java",
-          "include_patterns": ["*.go"],
           "exclude_patterns": ["**/_test.go/**"],
           "exclude_rules": ["xss-injection"]
         },
         "secrets_scanner_config": {
           "enable_secrets_scan": true,
           "validate_secrets": true,
-          "include_patterns": ["*.go"],
-          "exclude_patterns": ["**/_test.go/**"]
+          "exclude_patterns": ["**/_test.go/**"],
+          "enable_custom_secrets": true
         },
         "iac_scanner_config": {
           "enable_iac_scan": true,
-          "include_patterns": ["*.tf"],
           "exclude_patterns": ["*.tfstate"]
         }
-      },
-      "deps_repo": "https://deps.example.com"
+      }
     }
-  ],
-  "is_default": true,
-  "is_basic_profile": false
+  ]
 }

utils/xsc/configprofile_test.go

@@ -1,8 +1,6 @@
 package xsc
 
 import (
-	"encoding/json"
-	"os"
 	"testing"
 
 	"github.com/jfrog/jfrog-cli-security/tests/validations"
@@ -44,15 +42,7 @@ func TestGetConfigProfileByName(t *testing.T) {
 			}
 			// Validate results
 			assert.NoError(t, err)
-
-			profileFileContent, err := os.ReadFile("../../tests/testdata/other/configProfile/configProfileExample.json")
-			assert.NoError(t, err)
-
-			var configProfileForComparison services.ConfigProfile
-			err = json.Unmarshal(profileFileContent, &configProfileForComparison)
-			assert.NoError(t, err)
-
-			assert.Equal(t, &configProfileForComparison, configProfile)
+			assert.Equal(t, getComparisonConfigProfile(), configProfile)
 		})
 	}
 }
@@ -87,15 +77,59 @@ func TestGetConfigProfileByUrl(t *testing.T) {
 			}
 			// Validate results
 			assert.NoError(t, err)
-
-			profileFileContent, err := os.ReadFile("../../tests/testdata/other/configProfile/configProfileExample.json")
-			assert.NoError(t, err)
-
-			var configProfileForComparison services.ConfigProfile
-			err = json.Unmarshal(profileFileContent, &configProfileForComparison)
-			assert.NoError(t, err)
-
-			assert.Equal(t, &configProfileForComparison, configProfile)
+			assert.Equal(t, getComparisonConfigProfile(), configProfile)
 		})
 	}
 }
+
+func getComparisonConfigProfile() *services.ConfigProfile {
+	return &services.ConfigProfile{
+		ProfileName: "default-profile",
+		GeneralConfig: services.GeneralConfig{
+			ScannersDownloadPath:    "https://repo.example.com/releases",
+			GeneralExcludePatterns:  []string{"*.log*", "*.tmp*"},
+			FailUponAnyScannerError: true,
+		},
+		FrogbotConfig: services.FrogbotConfig{
+			AggregateFixes:                      true,
+			HideSuccessBannerForNoIssues:        false,
+			BranchNameTemplate:                  "frogbot-${IMPACTED_PACKAGE}-${BRANCH_NAME_HASH}",
+			PrTitleTemplate:                     "[🐸 Frogbot] Upgrade {IMPACTED_PACKAGE} to {FIX_VERSION}",
+			CommitMessageTemplate:               "Upgrade {IMPACTED_PACKAGE} to {FIX_VERSION}",
+			ShowSecretsAsPrComment:              false,
+			CreateAutoFixPr:                     true,
+			IncludeVulnerabilitiesAndViolations: false,
+		},
+		Modules: []services.Module{
+			{
+				ModuleName:   "default-module",
+				PathFromRoot: ".",
+				ScanConfig: services.ScanConfig{
+					ScaScannerConfig: services.ScaScannerConfig{
+						EnableScaScan:   true,
+						ExcludePatterns: []string{"**/build/**"},
+					},
+					ContextualAnalysisScannerConfig: services.CaScannerConfig{
+						EnableCaScan:    true,
+						ExcludePatterns: []string{"**/docs/**"},
+					},
+					SastScannerConfig: services.SastScannerConfig{
+						EnableSastScan:  true,
+						ExcludePatterns: []string{"**/_test.go/**"},
+						ExcludeRules:    []string{"xss-injection"},
+					},
+					SecretsScannerConfig: services.SecretsScannerConfig{
+						EnableSecretsScan:   true,
+						ValidateSecrets:     true,
+						ExcludePatterns:     []string{"**/_test.go/**"},
+						EnableCustomSecrets: true,
+					},
+					IacScannerConfig: services.IacScannerConfig{
+						EnableIacScan:   true,
+						ExcludePatterns: []string{"*.tfstate"},
+					},
+				},
+			},
+		},
+	}
+}