Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

jf docker scan does not support command option auth #53

Open
sean-hernon opened this issue Apr 11, 2024 · 2 comments
Open

jf docker scan does not support command option auth #53

sean-hernon opened this issue Apr 11, 2024 · 2 comments
Labels
feature request New feature or request

Comments

@sean-hernon
Copy link

sean-hernon commented Apr 11, 2024

Describe the bug

The current docs suggest that command options can be used to configure the url and auth options for the xray server when scanning. https://docs.jfrog-applications.jfrog.io/jfrog-applications/jfrog-cli/cli-for-jfrog-security/authentication
https://docs.jfrog-applications.jfrog.io/jfrog-applications/jfrog-cli/cli-for-jfrog-security

These options work when running jf audit, but not jf docker scan, although the structure of the documentation seems to suggest it should work for both.

Current behavior

Output:

JFrog Xray URL must be provided in order run this command. Use the 'jf c add' command to set the Xray server details.

Reproduction steps

Command:

jf docker scan --url {my-server-url} --user {my-user} --password {my-password} {my-local-image}

Expected behavior

The jf docker scan command uses the provided url and credentials to run the scan; or, the documentation reflects that it only works when running the audit command.

JFrog CLI-Security version

1.0.5

JFrog CLI version (if applicable)

2.55.0

Operating system type and version

Version used by releases-docker.jfrog.io/jfrog/jfrog-cli-full-v2-jf:2.55.0

JFrog Xray version

No response

@sean-hernon sean-hernon added the bug Something isn't working label Apr 11, 2024
@gailazar300
Copy link
Contributor

Dear @sean-hernon
Thank you for reporting this!
Credentials flags are not supported for 'jf docker scan' for now (you can see all supported flags for this command by running 'jf docker scan --help')
You can config your environment details by running 'jf c add' and use 'server-id' flag by running 'jf docker scan --server-id='.
We will consider adding the credentials flags to this command!

@gailazar300 gailazar300 added feature request New feature or request and removed bug Something isn't working labels Apr 14, 2024
@sean-hernon
Copy link
Author

Thank you @gailazar300

Yes true, I was aware that I can add a config to use first (this is what I am doing now, but it requires an extra one-time up-front step).

My point was more that the documentation now is misleading and suggests that the command already supports these options.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
feature request New feature or request
Projects
None yet
Development

No branches or pull requests

2 participants