swift audit fixes + small fix to cocoapods version

jfrog · Dec 8, 2024 · dba18a6 · dba18a6
1 parent 9d7503c
commit dba18a6
Show file tree

Hide file tree

Showing 3 changed files with 42 additions and 28 deletions.
diff --git a/commands/audit/sca/cocoapods/cocoapods.go b/commands/audit/sca/cocoapods/cocoapods.go
@@ -7,6 +7,9 @@ import (
 	"github.com/jfrog/jfrog-cli-security/utils"
 	"github.com/jfrog/jfrog-cli-security/utils/formats/sarifutils"
 	"github.com/jfrog/jfrog-cli-security/utils/techutils"
+	"github.com/jfrog/jfrog-cli-security/utils/xray"
+	"github.com/jfrog/jfrog-cli-security/utils/xray/scangraph"
+	clientutils "github.com/jfrog/jfrog-client-go/utils"
 	"github.com/jfrog/jfrog-client-go/utils/log"
 	xrayUtils "github.com/jfrog/jfrog-client-go/xray/services/utils"
 	"github.com/owenrumney/go-sarif/v2/sarif"
@@ -200,6 +203,24 @@ func GetDependenciesData(currentDir string) (string, error) {
 }
 
 func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils.GraphNode, uniqueDeps []string, err error) {
+	details, err := params.ServerDetails()
+	if err != nil {
+		return nil, nil, err
+	}
+	xrayManager, err := xray.CreateXrayServiceManager(details)
+	if err != nil {
+		return nil, nil, err
+	}
+	xrayVersion, err := xrayManager.GetVersion()
+	if err != nil {
+		log.Error("Could not get xray version")
+		return nil, nil, err
+	}
+	err = clientutils.ValidateMinimumVersion(clientutils.Xray, xrayVersion, scangraph.CocoapodsScanMinXrayVersion)
+	if err != nil {
+		log.Warn(fmt.Sprintf("Your xray version %s does not support cocoapods which is supported on versions %s and above", xrayVersion, scangraph.CocoapodsScanMinXrayVersion))
+		return nil, nil, err
+	}
 	currentDir, err := coreutils.GetWorkingDirectory()
 	if err != nil {
 		return nil, nil, err

diff --git a/commands/audit/sca/swift/swift.go b/commands/audit/sca/swift/swift.go
@@ -8,6 +8,9 @@ import (
 	"github.com/jfrog/jfrog-cli-security/utils"
 	"github.com/jfrog/jfrog-cli-security/utils/formats/sarifutils"
 	"github.com/jfrog/jfrog-cli-security/utils/techutils"
+	"github.com/jfrog/jfrog-cli-security/utils/xray"
+	"github.com/jfrog/jfrog-cli-security/utils/xray/scangraph"
+	clientutils "github.com/jfrog/jfrog-client-go/utils"
 	"github.com/jfrog/jfrog-client-go/utils/log"
 	xrayUtils "github.com/jfrog/jfrog-client-go/xray/services/utils"
 	"github.com/owenrumney/go-sarif/v2/sarif"
@@ -160,6 +163,24 @@ func GetDependenciesData(exePath, currentDir string) (*Dependencies, error) {
 }
 
 func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils.GraphNode, uniqueDeps []string, err error) {
+	details, err := params.ServerDetails()
+	if err != nil {
+		return nil, nil, err
+	}
+	xrayManager, err := xray.CreateXrayServiceManager(details)
+	if err != nil {
+		return nil, nil, err
+	}
+	xrayVersion, err := xrayManager.GetVersion()
+	if err != nil {
+		log.Error("Could not get xray version")
+		return nil, nil, err
+	}
+	err = clientutils.ValidateMinimumVersion(clientutils.Xray, xrayVersion, scangraph.SwiftScanMinXrayVersion)
+	if err != nil {
+		log.Warn(fmt.Sprintf("Your xray version %s does not support cocoapods which is supported on versions %s and above", xrayVersion, scangraph.SwiftScanMinXrayVersion))
+		return nil, nil, err
+	}
 	currentDir, err := coreutils.GetWorkingDirectory()
 	if err != nil {
 		return nil, nil, err

diff --git a/commands/audit/scarunner.go b/commands/audit/scarunner.go
@@ -257,36 +257,8 @@ func GetTechDependencyTree(params xrayutils.AuditParams, artifactoryServerDetail
 	case techutils.Nuget:
 		depTreeResult.FullDepTrees, uniqueDeps, err = nuget.BuildDependencyTree(params)
 	case techutils.Cocoapods:
-		xrayManager, err := xray.CreateXrayServiceManager(artifactoryServerDetails)
-		if err != nil {
-			return depTreeResult, err
-		}
-		xrayVersion, err := xrayManager.GetVersion()
-		if err != nil {
-			log.Error("Could not get xray version")
-			return depTreeResult, err
-		}
-		err = clientutils.ValidateMinimumVersion(clientutils.Xray, xrayVersion, scangraph.CocoapodsScanMinXrayVersion)
-		if err != nil {
-			log.Warn(fmt.Sprintf("Your xray version %s does not support cocoapods which is supported on versions %s and above", xrayVersion, scangraph.CocoapodsScanMinXrayVersion))
-			return depTreeResult, err
-		}
 		depTreeResult.FullDepTrees, uniqueDeps, err = cocoapods.BuildDependencyTree(params)
 	case techutils.Swift:
-		xrayManager, err := xray.CreateXrayServiceManager(artifactoryServerDetails)
-		if err != nil {
-			return depTreeResult, err
-		}
-		xrayVersion, err := xrayManager.GetVersion()
-		if err != nil {
-			log.Error("Could not get xray version")
-			return depTreeResult, err
-		}
-		err = clientutils.ValidateMinimumVersion(clientutils.Xray, xrayVersion, scangraph.SwiftScanMinXrayVersion)
-		if err != nil {
-			log.Warn(fmt.Sprintf("Your xray version %s does not support swift which is supported on versions %s and above", xrayVersion, scangraph.SwiftScanMinXrayVersion))
-			return depTreeResult, err
-		}
 		depTreeResult.FullDepTrees, uniqueDeps, err = swift.BuildDependencyTree(params)
 	default:
 		err = errorutils.CheckErrorf("%s is currently not supported", string(tech))