Merge branch 'dev' of https://github.com/jfrog/jfrog-cli into fix-npm

# Conflicts: # .github/workflows/frogbot-scan-and-fix.yml # .github/workflows/frogbot-scan-pr.yml
jfrog · Aug 30, 2023 · 9abc49c · 9abc49c
2 parents 8c5f8c6 + bd082a1
commit 9abc49c
Show file tree

Hide file tree

Showing 18 changed files with 419 additions and 115 deletions.
diff --git a/.github/workflows/frogbot-scan-and-fix.yml b/.github/workflows/frogbot-scan-and-fix.yml
@@ -0,0 +1,42 @@
+name: "Frogbot Scan and Fix"
+on:
+  schedule:
+    # The repository will be scanned once a day at 00:00 GMT.
+    - cron: "0 0 * * *"
+permissions:
+  contents: write
+  pull-requests: write
+  security-events: write
+jobs:
+  create-fix-pull-requests:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        # The repository scanning will be triggered periodically on the following branches.
+        branch: [ "dev" ]
+    steps:
+      # Install prerequisites
+      - name: Setup Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: 1.20.x
+
+      - uses: jfrog/frogbot@v2
+        env:
+          # [Mandatory]
+          # JFrog platform URL
+          JF_URL: ${{ secrets.FROGBOT_URL }}
+
+          # [Mandatory if JF_USER and JF_PASSWORD are not provided]
+          # JFrog access token with 'read' permissions on Xray service
+          JF_ACCESS_TOKEN: ${{ secrets.FROGBOT_ACCESS_TOKEN }}
+
+          # [Mandatory]
+          # The GitHub token automatically generated for the job
+          JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          JFROG_CLI_LOG_LEVEL: "DEBUG"
+
+          # [Mandatory]
+          # The name of the branch on which Frogbot will perform the scan
+          JF_GIT_BASE_BRANCH: ${{ matrix.branch }}
+
diff --git a/.github/workflows/frogbot-scan-pr.yml b/.github/workflows/frogbot-scan-pr.yml
@@ -0,0 +1,53 @@
+name: "Frogbot Scan Pull Request"
+on:
+  pull_request_target:
+    types: [opened, synchronize]
+permissions:
+  pull-requests: write
+  contents: read
+jobs:
+  scan-pull-request:
+    runs-on: ubuntu-latest
+    # A pull request needs to be approved, before Frogbot scans it. Any GitHub user who is associated with the
+    # "frogbot" GitHub environment can approve the pull request to be scanned.
+    environment: frogbot
+    steps:
+      # Install prerequisites
+      - name: Setup Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: 1.20.x
+
+      - uses: jfrog/frogbot@v2
+        env:
+          # [Mandatory]
+          # JFrog platform URL
+          JF_URL: ${{ secrets.FROGBOT_URL }}
+
+          # [Mandatory if JF_USER and JF_PASSWORD are not provided]
+          # JFrog access token with 'read' permissions on Xray service
+          JF_ACCESS_TOKEN: ${{ secrets.FROGBOT_ACCESS_TOKEN }}
+
+          # [Mandatory]
+          # The GitHub token automatically generated for the job
+          JF_GIT_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          JFROG_CLI_LOG_LEVEL: "DEBUG"
+
+          # [Optional]
+          # Configure the SMTP server to enable Frogbot to send emails with detected secrets in pull request scans.
+          # SMTP server URL including should the relevant port: (Example: smtp.server.com:8080)
+          JF_SMTP_SERVER: ${{ secrets.JF_SMTP_SERVER }}
+
+          # [Mandatory if JF_SMTP_SERVER is set]
+          # The username required for authenticating with the SMTP server.
+          JF_SMTP_USER: ${{ secrets.JF_SMTP_USER }}
+
+          # [Mandatory if JF_SMTP_SERVER is set]
+          # The password associated with the username required for authentication with the SMTP server.
+          JF_SMTP_PASSWORD: ${{ secrets.JF_SMTP_PASSWORD }}
+
+          # [Optional]
+          # List of comma separated email addresses to receive email notifications about secrets
+          # detected during pull request scanning. The notification is also sent to the email set
+          # in the committer git profile regardless of whether this variable is set or not.
+          JF_EMAIL_RECEIVERS: "[email protected]"
diff --git a/.github/workflows/gradleTests.yml b/.github/workflows/gradleTests.yml
@@ -15,11 +15,12 @@ concurrency:
 jobs:
   Gradle-Tests:
     if: contains(github.event.pull_request.labels.*.name, 'safe to test') || github.event_name == 'push'
-    name: ${{ matrix.os }}
+    name: ${{ matrix.os }}-gradle-${{ matrix.gradle-version }}
     strategy:
       fail-fast: false
       matrix:
         os: [ubuntu-latest, macos-latest, windows-latest]
+        gradle-version: [5.6.4, 8.3]
     runs-on: ${{ matrix.os }}
     env:
       GRADLE_OPTS: -Dorg.gradle.daemon=false
@@ -31,7 +32,7 @@ jobs:
       - name: Setup Gradle
         uses: gradle/gradle-build-action@v2
         with:
-          gradle-version: 7.6
+          gradle-version: ${{ matrix.gradle-version }}
       - name: Checkout code
         uses: actions/checkout@v3
         with:

diff --git a/.github/workflows/lifecycleTests.yml b/.github/workflows/lifecycleTests.yml
@@ -0,0 +1,44 @@
+name: Lifecycle Tests
+on:
+  push:
+    branches:
+      - '**'
+    tags-ignore:
+      - '**'
+  # Triggers the workflow on labeled PRs only.
+  pull_request_target:
+    types: [labeled]
+# Ensures that only the latest commit is running for each PR at a time.
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}-${{ github.ref }}
+  cancel-in-progress: true
+jobs:
+  Lifecycle-Tests:
+    if: contains(github.event.pull_request.labels.*.name, 'safe to test') || github.event_name == 'push'
+    name: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-latest, macos-latest, windows-latest]
+    runs-on: ${{ matrix.os }}
+    steps:
+      - name: Install Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: 1.20.x
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          ref: ${{ github.event.pull_request.head.sha }}
+      - name: Go Cache
+        uses: actions/cache@v3
+        with:
+          path: ~/go/pkg/mod
+          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: ${{ runner.os }}-go-
+      - name: Checkout code
+        uses: actions/checkout@v3
+        with:
+          ref: ${{ github.event.pull_request.head.sha }}
+      - name: Run Lifecycle tests
+        run: go test -v github.com/jfrog/jfrog-cli --timeout 0 --test.lifecycle --jfrog.url=${{ secrets.PLATFORM_URL }} --jfrog.adminToken=${{ secrets.PLATFORM_ADMIN_TOKEN }} --jfrog.user=${{ secrets.PLATFORM_USER }} --ci.runId=${{ runner.os }}-lifecycle
diff --git a/distribution/cli.go b/distribution/cli.go
@@ -2,10 +2,6 @@ package distribution
 
 import (
 	"errors"
-	"os"
-	"path/filepath"
-	"strings"
-
 	"github.com/jfrog/jfrog-cli-core/v2/common/commands"
 	"github.com/jfrog/jfrog-cli-core/v2/common/spec"
 	distributionCommands "github.com/jfrog/jfrog-cli-core/v2/distribution/commands"
@@ -18,10 +14,14 @@ import (
 	"github.com/jfrog/jfrog-cli/docs/artifactory/releasebundleupdate"
 	"github.com/jfrog/jfrog-cli/docs/common"
 	"github.com/jfrog/jfrog-cli/utils/cliutils"
+	"github.com/jfrog/jfrog-cli/utils/distribution"
 	distributionServices "github.com/jfrog/jfrog-client-go/distribution/services"
 	distributionServicesUtils "github.com/jfrog/jfrog-client-go/distribution/services/utils"
 	"github.com/jfrog/jfrog-client-go/utils/errorutils"
 	"github.com/urfave/cli"
+	"os"
+	"path/filepath"
+	"strings"
 )
 
 func GetCommands() []cli.Command {
@@ -111,11 +111,11 @@ func releaseBundleCreateCmd(c *cli.Context) error {
 		return err
 	}
 	releaseBundleCreateCmd := distributionCommands.NewReleaseBundleCreateCommand()
-	rtDetails, err := createArtifactoryDetailsByFlags(c)
+	dsDetails, err := createDistributionDetailsByFlags(c)
 	if err != nil {
 		return err
 	}
-	releaseBundleCreateCmd.SetServerDetails(rtDetails).SetReleaseBundleCreateParams(params).SetSpec(releaseBundleCreateSpec).SetDryRun(c.Bool("dry-run")).SetDetailedSummary(c.Bool("detailed-summary"))
+	releaseBundleCreateCmd.SetServerDetails(dsDetails).SetReleaseBundleCreateParams(params).SetSpec(releaseBundleCreateSpec).SetDryRun(c.Bool("dry-run")).SetDetailedSummary(c.Bool("detailed-summary"))
 
 	err = commands.Exec(releaseBundleCreateCmd)
 	if releaseBundleCreateCmd.IsDetailedSummary() {
@@ -153,11 +153,11 @@ func releaseBundleUpdateCmd(c *cli.Context) error {
 		return err
 	}
 	releaseBundleUpdateCmd := distributionCommands.NewReleaseBundleUpdateCommand()
-	rtDetails, err := createArtifactoryDetailsByFlags(c)
+	dsDetails, err := createDistributionDetailsByFlags(c)
 	if err != nil {
 		return err
 	}
-	releaseBundleUpdateCmd.SetServerDetails(rtDetails).SetReleaseBundleUpdateParams(params).SetSpec(releaseBundleUpdateSpec).SetDryRun(c.Bool("dry-run")).SetDetailedSummary(c.Bool("detailed-summary"))
+	releaseBundleUpdateCmd.SetServerDetails(dsDetails).SetReleaseBundleUpdateParams(params).SetSpec(releaseBundleUpdateSpec).SetDryRun(c.Bool("dry-run")).SetDetailedSummary(c.Bool("detailed-summary"))
 
 	err = commands.Exec(releaseBundleUpdateCmd)
 	if releaseBundleUpdateCmd.IsDetailedSummary() {
@@ -177,11 +177,11 @@ func releaseBundleSignCmd(c *cli.Context) error {
 	params.StoringRepository = c.String("repo")
 	params.GpgPassphrase = c.String("passphrase")
 	releaseBundleSignCmd := distributionCommands.NewReleaseBundleSignCommand()
-	rtDetails, err := createArtifactoryDetailsByFlags(c)
+	dsDetails, err := createDistributionDetailsByFlags(c)
 	if err != nil {
 		return err
 	}
-	releaseBundleSignCmd.SetServerDetails(rtDetails).SetReleaseBundleSignParams(params).SetDetailedSummary(c.Bool("detailed-summary"))
+	releaseBundleSignCmd.SetServerDetails(dsDetails).SetReleaseBundleSignParams(params).SetDetailedSummary(c.Bool("detailed-summary"))
 	err = commands.Exec(releaseBundleSignCmd)
 	if releaseBundleSignCmd.IsDetailedSummary() {
 		if summary := releaseBundleSignCmd.GetSummary(); summary != nil {
@@ -192,45 +192,29 @@ func releaseBundleSignCmd(c *cli.Context) error {
 }
 
 func releaseBundleDistributeCmd(c *cli.Context) error {
-	if c.NArg() != 2 {
-		return cliutils.WrongNumberOfArgumentsHandler(c)
-	}
-	if c.IsSet("max-wait-minutes") && !c.IsSet("sync") {
-		return cliutils.PrintHelpAndReturnError("The --max-wait-minutes option can't be used without --sync", c)
-	}
-	var distributionRules *spec.DistributionRules
-	if c.IsSet("dist-rules") {
-		if c.IsSet("site") || c.IsSet("city") || c.IsSet("country-code") {
-			return cliutils.PrintHelpAndReturnError("The --dist-rules option can't be used with --site, --city or --country-code", c)
-		}
-		var err error
-		distributionRules, err = spec.CreateDistributionRulesFromFile(c.String("dist-rules"))
-		if err != nil {
-			return err
-		}
-	} else {
-		distributionRules = createDefaultDistributionRules(c)
+	if err := distribution.ValidateReleaseBundleDistributeCmd(c); err != nil {
+		return err
 	}
 
-	params := distributionServices.NewDistributeReleaseBundleParams(c.Args().Get(0), c.Args().Get(1))
-	releaseBundleDistributeCmd := distributionCommands.NewReleaseBundleDistributeCommand()
-	rtDetails, err := createArtifactoryDetailsByFlags(c)
+	dsDetails, err := createDistributionDetailsByFlags(c)
 	if err != nil {
 		return err
 	}
-	maxWaitMinutes, err := cliutils.GetIntFlagValue(c, "max-wait-minutes", 60)
+	distributionRules, maxWaitMinutes, params, err := distribution.InitReleaseBundleDistributeCmd(c)
 	if err != nil {
 		return err
 	}
-	releaseBundleDistributeCmd.SetServerDetails(rtDetails).
+
+	distributeCmd := distributionCommands.NewReleaseBundleDistributeV1Command()
+	distributeCmd.SetServerDetails(dsDetails).
 		SetDistributeBundleParams(params).
 		SetDistributionRules(distributionRules).
 		SetDryRun(c.Bool("dry-run")).
 		SetSync(c.Bool("sync")).
 		SetMaxWaitMinutes(maxWaitMinutes).
 		SetAutoCreateRepo(c.Bool("create-repo"))
 
-	return commands.Exec(releaseBundleDistributeCmd)
+	return commands.Exec(distributeCmd)
 }
 
 func releaseBundleDeleteCmd(c *cli.Context) error {
@@ -248,7 +232,7 @@ func releaseBundleDeleteCmd(c *cli.Context) error {
 			return err
 		}
 	} else {
-		distributionRules = createDefaultDistributionRules(c)
+		distributionRules = distribution.CreateDefaultDistributionRules(c)
 	}
 
 	params := distributionServices.NewDeleteReleaseBundleParams(c.Args().Get(0), c.Args().Get(1))
@@ -260,11 +244,11 @@ func releaseBundleDeleteCmd(c *cli.Context) error {
 	}
 	params.MaxWaitMinutes = maxWaitMinutes
 	distributeBundleCmd := distributionCommands.NewReleaseBundleDeleteParams()
-	rtDetails, err := createArtifactoryDetailsByFlags(c)
+	dsDetails, err := createDistributionDetailsByFlags(c)
 	if err != nil {
 		return err
 	}
-	distributeBundleCmd.SetQuiet(cliutils.GetQuietValue(c)).SetServerDetails(rtDetails).SetDistributeBundleParams(params).SetDistributionRules(distributionRules).SetDryRun(c.Bool("dry-run"))
+	distributeBundleCmd.SetQuiet(cliutils.GetQuietValue(c)).SetServerDetails(dsDetails).SetDistributeBundleParams(params).SetDistributionRules(distributionRules).SetDryRun(c.Bool("dry-run"))
 
 	return commands.Exec(distributeBundleCmd)
 }
@@ -283,16 +267,6 @@ func createDefaultReleaseBundleSpec(c *cli.Context) *spec.SpecFiles {
 		BuildSpec()
 }
 
-func createDefaultDistributionRules(c *cli.Context) *spec.DistributionRules {
-	return &spec.DistributionRules{
-		DistributionRules: []spec.DistributionRule{{
-			SiteName:     c.String("site"),
-			CityName:     c.String("city"),
-			CountryCodes: cliutils.GetStringsArrFlagValue(c, "country-codes"),
-		}},
-	}
-}
-
 func createReleaseBundleCreateUpdateParams(c *cli.Context, bundleName, bundleVersion string) (distributionServicesUtils.ReleaseBundleParams, error) {
 	releaseBundleParams := distributionServicesUtils.NewReleaseBundleParams(bundleName, bundleVersion)
 	releaseBundleParams.SignImmediately = c.Bool("sign")
@@ -336,13 +310,13 @@ func populateReleaseNotesSyntax(c *cli.Context) (distributionServicesUtils.Relea
 	return distributionServicesUtils.PlainText, nil
 }
 
-func createArtifactoryDetailsByFlags(c *cli.Context) (*coreConfig.ServerDetails, error) {
-	artDetails, err := cliutils.CreateServerDetailsWithConfigOffer(c, true, cliutils.Ds)
+func createDistributionDetailsByFlags(c *cli.Context) (*coreConfig.ServerDetails, error) {
+	dsDetails, err := cliutils.CreateServerDetailsWithConfigOffer(c, true, cliutils.Ds)
 	if err != nil {
 		return nil, err
 	}
-	if artDetails.DistributionUrl == "" {
+	if dsDetails.DistributionUrl == "" {
 		return nil, errors.New("the --dist-url option is mandatory")
 	}
-	return artDetails, nil
+	return dsDetails, nil
 }
diff --git a/distribution_test.go b/distribution_test.go
@@ -14,6 +14,7 @@ import (
 	distributionServices "github.com/jfrog/jfrog-client-go/distribution/services"
 	clientDistUtils "github.com/jfrog/jfrog-client-go/distribution/services/utils"
 	clientUtils "github.com/jfrog/jfrog-client-go/utils"
+	"github.com/jfrog/jfrog-client-go/utils/distribution"
 	"github.com/jfrog/jfrog-client-go/utils/io/fileutils"
 	"github.com/jfrog/jfrog-client-go/utils/io/httputils"
 	"github.com/jfrog/jfrog-client-go/utils/log"
@@ -566,7 +567,7 @@ func TestDistributeSyncTimeout(t *testing.T) {
 	testServer, mockServerDetails, _ := coreTestUtils.CreateDsRestsMockServer(t, func(w http.ResponseWriter, r *http.Request) {
 		if r.RequestURI == "/api/v1/distribution/"+tests.BundleName+"/"+bundleVersion {
 			w.WriteHeader(http.StatusOK)
-			content, err := json.Marshal(distributionServices.DistributionResponseBody{TrackerId: json.Number(trackerId)})
+			content, err := json.Marshal(distribution.DistributionResponseBody{TrackerId: json.Number(trackerId)})
 			assert.NoError(t, err)
 			_, err = w.Write(content)
 			assert.NoError(t, err)

diff --git a/docs/lifecycle/distribute/help.go b/docs/lifecycle/distribute/help.go
@@ -0,0 +1,15 @@
+package distribute
+
+var Usage = []string{"rbd [command options] <release bundle name> <release bundle version>"}
+
+func GetDescription() string {
+	return "Distribute a release bundle."
+}
+
+func GetArguments() string {
+	return `	release bundle name
+		Name of the Release Bundle to distribute.
+
+	release bundle version
+		Version of the Release Bundle to distribute.`
+}