Adding Xray Source Control Service

.github/workflows/tests.yml

@@ -113,6 +113,35 @@ jobs:
       - name: ${{ matrix.suite }} tests
         run: go test -v github.com/jfrog/jfrog-client-go/tests --timeout 0 --test.${{ matrix.suite }} --rt.url=${{ secrets.PLATFORM_URL }}/artifactory --ds.url=${{ secrets.PLATFORM_URL }}/distribution --xr.url=${{ secrets.PLATFORM_URL }}/xray --access.url=${{ secrets.PLATFORM_URL }}/access --rt.user=${{ secrets.PLATFORM_USER }} --rt.password=${{ secrets.PLATFORM_PASSWORD }} --access.token=${{ secrets.PLATFORM_ADMIN_TOKEN }} --ci.runId=${{ runner.os }}-${{ matrix.suite }}
 
+  JFrog-Client-Go-Xsc-Tests:
+    needs: Pretest
+    name: ${{ matrix.suite }} ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ ubuntu-latest, macos-latest, windows-latest ]
+    runs-on: ${{ matrix.os }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          ref: ${{ github.event.pull_request.head.sha }}
+
+      - name: Install Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: 1.20.x
+
+      - name: Go Cache
+        uses: actions/cache@v3
+        with:
+          path: ~/go/pkg/mod
+          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: ${{ runner.os }}-go-
+
+      - name: ${{ matrix.suite }} tests
+        run: go test -v github.com/jfrog/jfrog-client-go/tests --timeout 0 --test.xsc --xr.url=${{ secrets.PLATFORM_URL }}/xray --rt.user=${{ secrets.PLATFORM_USER }} --rt.password=${{ secrets.PLATFORM_PASSWORD }} --access.token=${{ secrets.PLATFORM_ADMIN_TOKEN }} --ci.runId=${{ runner.os }}_xsc
+
   JFrog-Client-Go-Pipelines-Tests:
     needs: Pretest
     name: pipelines ubuntu-latest

README.md

@@ -251,6 +251,7 @@ content of this repository is deleted.
 | `-test.artifactory`  | Artifactory tests  | Artifactory Pro               |
 | `-test.distribution` | Distribution tests | Artifactory with Distribution |
 | `-test.xray`         | Xray tests         | Artifactory with Xray         |
+| `-test.xsc`          | Xsc tests          | Xray with XSC enabled         |
 | `-test.pipelines`    | Pipelines tests    | JFrog Pipelines               |
 | `-test.access`       | Access tests       | Artifactory Pro               |
 | `-test.repositories` | Access tests       | Artifactory Pro               |

access/auth/accessdetails.go

@@ -12,6 +12,18 @@ type accessDetails struct {
 	auth.CommonConfigFields
 }
 
+func (rt *accessDetails) GetXscUrl() string {
+	panic("Failed: Method is not implemented")
+}
+
+func (rt *accessDetails) SetXscUrl(url string) {
+	panic("Failed: Method is not implemented")
+}
+
 func (rt *accessDetails) GetVersion() (string, error) {
 	panic("Failed: Method is not implemented")
 }
+
+func (rt *accessDetails) GetXscVersion() string {
+	panic("Failed: Method is not implemented")
+}

artifactory/auth/rtdetails.go

@@ -15,6 +15,18 @@ type artifactoryDetails struct {
 	auth.CommonConfigFields
 }
 
+func (rt *artifactoryDetails) SetXscUrl(url string) {
+	panic("Failed: Method is not implemented")
+}
+
+func (rt *artifactoryDetails) GetXscUrl() string {
+	panic("Failed: Method is not implemented")
+}
+
+func (rt *artifactoryDetails) GetXscVersion() string {
+	panic("Failed: Method is not implemented")
+}
+
 func (rt *artifactoryDetails) GetVersion() (string, error) {
 	var err error
 	if rt.Version == "" {

artifactory/services/utils/tests/xray/consts.go

@@ -1433,3 +1433,12 @@ var MapResponse = map[string]map[string]string {
     "ReportDetails": LicensesReportDetailsResponse,
   },
 }
+
+const gitInfoSentResponse = `{"multi_scan_id": "f2a8d4fe-40e6-11ee-84e4-02ee10c7f40e"}`
+
+const scanGraphResponse = `{"scan_id": "9c9dbd61-f544-4e33-4613-34727043d71f"}`
+
+// Empty body as tests currently do not check response body.
+const getScanResultsResponse = `{}`
+
+const xscVersionResponse = `{"xsc_version": "0.0.0"}`

artifactory/services/utils/tests/xray/server.go

@@ -84,7 +84,7 @@ func reportHandler(w http.ResponseWriter, r *http.Request) {
 				log.Error(err)
 				http.Error(w, err.Error(), http.StatusInternalServerError)
 			}
-			
+
 			return
 		}
 	case http.MethodPost:
@@ -114,7 +114,7 @@ func reportHandler(w http.ResponseWriter, r *http.Request) {
 		}
 	case http.MethodDelete:
 		if numSegments == 0 {
-			_, err := fmt.Fprint(w, XrayReportDeleteResponse) 
+			_, err := fmt.Fprint(w, XrayReportDeleteResponse)
 			if err != nil {
 				log.Error(err)
 				http.Error(w, err.Error(), http.StatusInternalServerError)
@@ -140,6 +140,27 @@ func entitlementsHandler(w http.ResponseWriter, r *http.Request) {
 	}
 }
 
+func securityHandler(w http.ResponseWriter, r *http.Request) {
+	var err error
+	endpoint := r.URL.Path[strings.LastIndex(r.URL.Path, "/")+1:]
+	switch endpoint {
+	case "gitinfo":
+		_, err = fmt.Fprint(w, gitInfoSentResponse)
+	case "graph":
+		_, err = fmt.Fprint(w, scanGraphResponse)
+	case "9c9dbd61-f544-4e33-4613-34727043d71f":
+		_, err = fmt.Fprint(w, getScanResultsResponse)
+	case "version":
+		_, err = fmt.Fprint(w, xscVersionResponse)
+	default:
+		panic("Unexpected request URI:" + r.RequestURI)
+	}
+	if err != nil {
+		log.Error(err)
+		http.Error(w, err.Error(), http.StatusInternalServerError)
+	}
+}
+
 func buildScanHandler(w http.ResponseWriter, r *http.Request) {
 	argsSegment := strings.Split(r.URL.Path, services.BuildScanAPI)[1]
 	switch r.Method {
@@ -188,6 +209,8 @@ func StartXrayMockServer() int {
 	handlers["/api/xray/scanBuild"] = scanBuildHandler
 	handlers["/api/v2/summary/artifact"] = artifactSummaryHandler
 	handlers["/api/v1/entitlements/feature/"] = entitlementsHandler
+	handlers["/xsc/"] = securityHandler
+	handlers["/xray/"] = securityHandler
 	handlers[fmt.Sprintf("/%s/", services.ReportsAPI)] = reportHandler
 	handlers[fmt.Sprintf("/%s/", services.BuildScanAPI)] = buildScanHandler
 	handlers["/"] = http.NotFound

auth/servicedetails.go

@@ -30,8 +30,11 @@ type ServiceDetails interface {
 	GetSshAuthHeaders() map[string]string
 	GetClient() *jfroghttpclient.JfrogHttpClient
 	GetVersion() (string, error)
+	GetXscUrl() string
+	GetXscVersion() string
 
 	SetUrl(url string)
+	SetXscUrl(url string)
 	SetUser(user string)
 	SetPassword(password string)
 	SetApiKey(apiKey string)
@@ -51,12 +54,12 @@ type ServiceDetails interface {
 	AuthenticateSsh(sshKey, sshPassphrase string) error
 	InitSsh() error
 	RunPreRequestFunctions(httpClientDetails *httputils.HttpClientDetails) error
-
 	CreateHttpClientDetails() httputils.HttpClientDetails
 }
 
 type CommonConfigFields struct {
 	Url                    string                         `json:"-"`
+	XscUrl                 string                         `json:"-"`
 	User                   string                         `json:"-"`
 	Password               string                         `json:"-"`
 	ApiKey                 string                         `json:"-"`

distribution/auth/dsdetails.go

@@ -15,6 +15,18 @@ type distributionDetails struct {
 	auth.CommonConfigFields
 }
 
+func (ds *distributionDetails) GetXscUrl() string {
+	panic("Failed: Method is not implemented")
+}
+
+func (ds *distributionDetails) SetXscUrl(url string) {
+	panic("Failed: Method is not implemented")
+}
+
+func (ds *distributionDetails) GetXscVersion() string {
+	panic("Failed: Method is not implemented")
+}
+
 func (ds *distributionDetails) GetVersion() (string, error) {
 	var err error
 	if ds.Version == "" {

lifecycle/auth/lifecycledetails.go

@@ -12,6 +12,18 @@ type lifecycleDetails struct {
 	auth.CommonConfigFields
 }
 
+func (rt *lifecycleDetails) GetXscUrl() string {
+	panic("Failed: Method is not implemented")
+}
+
+func (rt *lifecycleDetails) SetXscUrl(url string) {
+	panic("Failed: Method is not implemented")
+}
+
 func (rt *lifecycleDetails) GetVersion() (string, error) {
 	panic("Failed: Method is not implemented")
 }
+
+func (rt *lifecycleDetails) GetXscVersion() string {
+	panic("Failed: Method is not implemented")
+}

pipelines/auth/pipelinesdetails.go

@@ -15,6 +15,18 @@ type pipelinesDetails struct {
 	auth.CommonConfigFields
 }
 
+func (pd *pipelinesDetails) GetXscUrl() string {
+	panic("Failed: Method is not implemented")
+}
+
+func (pd *pipelinesDetails) SetXscUrl(url string) {
+	panic("Failed: Method is not implemented")
+}
+
+func (pd *pipelinesDetails) GetXscVersion() string {
+	panic("Failed: Method is not implemented")
+}
+
 func (pd *pipelinesDetails) GetVersion() (string, error) {
 	var err error
 	if pd.Version == "" {

tests/jfrogclient_test.go

@@ -65,6 +65,9 @@ func setupIntegrationTests() {
 		createXrayPolicyManager()
 		createXrayBinMgrManager()
 	}
+	if *TestXsc {
+		createSecurityServiceManager()
+	}
 	if *TestPipelines {
 		createPipelinesIntegrationsManager()
 		createPipelinesSourcesManager()

tests/utils_test.go

@@ -5,6 +5,8 @@ import (
 	"errors"
 	"flag"
 	"fmt"
+	"github.com/jfrog/jfrog-client-go/config"
+	"github.com/jfrog/jfrog-client-go/xray/manager"
 	"net/http"
 	"os"
 	"path/filepath"
@@ -48,6 +50,7 @@ var (
 	TestArtifactory          *bool
 	TestDistribution         *bool
 	TestXray                 *bool
+	TestXsc                  *bool
 	TestPipelines            *bool
 	TestAccess               *bool
 	TestRepositories         *bool
@@ -110,6 +113,7 @@ var (
 	testsXrayWatchService  *xrayServices.WatchService
 	testsXrayPolicyService *xrayServices.PolicyService
 	testXrayBinMgrService  *xrayServices.BinMgrService
+	securityServiceManager manager.SecurityServiceManager
 
 	// Pipelines Services
 	testsPipelinesIntegrationsService *pipelinesServices.IntegrationsService
@@ -142,6 +146,7 @@ func init() {
 	TestArtifactory = flag.Bool("test.artifactory", false, "Test Artifactory")
 	TestDistribution = flag.Bool("test.distribution", false, "Test distribution")
 	TestXray = flag.Bool("test.xray", false, "Test xray")
+	TestXsc = flag.Bool("test.xsc", false, "Test xsc")
 	TestPipelines = flag.Bool("test.pipelines", false, "Test pipelines")
 	TestAccess = flag.Bool("test.access", false, "Test access")
 	TestRepositories = flag.Bool("test.repositories", false, "Test repositories in Artifactory")
@@ -542,11 +547,20 @@ func GetDistDetails() auth.ServiceDetails {
 
 func GetXrayDetails() auth.ServiceDetails {
 	xrayDetails := xrayAuth.NewXrayDetails()
-	xrayDetails.SetUrl(clientutils.AddTrailingSlashIfNeeded(*XrayUrl))
+	xrayUrl := clientutils.AddTrailingSlashIfNeeded(*XrayUrl)
+	xrayDetails.SetUrl(xrayUrl)
+	setupXsc(xrayDetails, xrayUrl)
 	setAuthenticationDetail(xrayDetails)
 	return xrayDetails
 }
 
+func setupXsc(xrayDetails *xrayAuth.XrayDetails, xrayUrl string) {
+	if *TestXsc {
+		xrayDetails.SetXscUrl(strings.Replace(xrayUrl, "xray", "xsc", 1))
+		xrayDetails.SetXscVersion("0.0.0")
+	}
+}
+
 func GetPipelinesDetails() auth.ServiceDetails {
 	pDetails := pipelinesAuth.NewPipelinesDetails()
 	pDetails.SetUrl(clientutils.AddTrailingSlashIfNeeded(*PipelinesUrl))
@@ -1115,6 +1129,35 @@ func createAccessPingManager() {
 	testsAccessPingService.ServiceDetails = accessDetails
 }
 
+func createSecurityServiceManager() {
+	xrayDetails := xrayAuth.NewXrayDetails()
+	xrayUrl := clientutils.AddTrailingSlashIfNeeded(*XrayUrl)
+	xrayDetails.SetUrl(xrayUrl)
+	xrayDetails.SetXscUrl(strings.Replace(xrayUrl, "/xray/", "/xsc/", 1))
+	// XSC version is used to determine if XSC in enabled or not.
+	if *TestXsc {
+		xrayDetails.SetXscVersion("0.0.0")
+	}
+	setAuthenticationDetail(xrayDetails)
+	initSecurityManagerByServerDetails(xrayDetails)
+}
+
+// Init securityServiceManager as XSC or Xray manager depends on the server details.
+func initSecurityManagerByServerDetails(xrayDetails *xrayAuth.XrayDetails) {
+	xsc := auth.ServiceDetails(xrayDetails)
+	serviceConfig, err := config.NewConfigBuilder().
+		SetServiceDetails(xsc).
+		SetCertificatesPath(xsc.GetClientCertPath()).
+		Build()
+	failOnHttpClientCreation(err)
+	securityService, err := manager.New(serviceConfig)
+	if err != nil {
+		log.Error("failed to initialize securityServiceManager")
+		os.Exit(1)
+	}
+	securityServiceManager = securityService
+}
+
 func getUniqueField(prefix string) string {
 	return strings.Join([]string{prefix, strconv.FormatInt(time.Now().Unix(), 10), runtime.GOOS}, "-")
 }

tests/xray_test.go

@@ -105,6 +105,7 @@ func initXrayTest(t *testing.T) {
 	if !*TestXray {
 		t.Skip("Skipping xray test. To run xray test add the '-test.xray=true' option.")
 	}
+	createSecurityServiceManager()
 }
 
 type testXrayDetails struct {

tests/xrayscan_test.go

@@ -1,6 +1,11 @@
 package tests
 
 import (
+	"github.com/jfrog/jfrog-client-go/auth"
+	"github.com/jfrog/jfrog-client-go/config"
+	"github.com/jfrog/jfrog-client-go/xray/manager"
+	"github.com/jfrog/jfrog-client-go/xray/scan"
+	"github.com/stretchr/testify/assert"
 	"strconv"
 	"strings"
 	"testing"
@@ -46,6 +51,29 @@ func TestNewXrayScanService(t *testing.T) {
 	}
 }
 
+func TestXrayScanGraph(t *testing.T) {
+	initXrayTest(t)
+	mockScanId := "9c9dbd61-f544-4e33-4613-34727043d71f"
+	xrayServerPort := xray.StartXrayMockServer()
+	xrayDetails := newTestXrayDetails(GetXrayDetails())
+	xrayDetails.SetUrl("http://localhost:" + strconv.Itoa(xrayServerPort) + "/xray/")
+
+	cfp := auth.ServiceDetails(xrayDetails)
+	serviceConfig, err := config.NewConfigBuilder().
+		SetServiceDetails(cfp).
+		Build()
+	assert.NoError(t, err)
+	securityServiceManager, err = manager.New(serviceConfig)
+	assert.NoError(t, err)
+	assertSecurityManagerType(t)
+
+	scanId, err := securityServiceManager.ScanGraph(&scan.XrayGraphScanParams{})
+	assert.NoError(t, err)
+	assert.Equal(t, mockScanId, scanId)
+	_, err = securityServiceManager.GetScanGraphResults(scanId, false, false)
+	assert.NoError(t, err)
+}
+
 func scanBuild(t *testing.T, buildName, buildNumber, expected string) {
 	params := services.NewXrayScanParams()
 	params.BuildName = buildName