Merge branch 'dev' into fix-aggregated-prs
Showing
30 changed files
with
145 additions
and
51 deletions.
@@ -4,6 +4,7 @@ | |
branches: | ||
- master | ||
- main | ||
emailAuthor: "[email protected]" | ||
scan: | ||
projects: | ||
- installCommand: nuget restore | ||
|
@@ -137,6 +137,7 @@ func TestExtractAndAssertRepoParams(t *testing.T) { | |
GitBaseBranchEnv: "dev", | ||
GitPullRequestIDEnv: "1", | ||
GitAggregateFixesEnv: "true", | ||
GitEmailAuthorEnv: "[email protected]", | ||
MinSeverityEnv: "high", | ||
FixableOnlyEnv: "true", | ||
}) | ||
|
@@ -164,7 +165,7 @@ func TestExtractAndAssertRepoParams(t *testing.T) { | |
assert.Equal(t, "High", repo.MinSeverity) | ||
assert.True(t, repo.FixableOnly) | ||
assert.Equal(t, true, repo.AggregateFixes) | ||
|
||
assert.Equal(t, "[email protected]", repo.EmailAuthor) | ||
assert.ElementsMatch(t, []string{"watch-2", "watch-1"}, repo.Watches) | ||
for _, project := range repo.Projects { | ||
testExtractAndAssertProjectParams(t, project) | ||
|
@@ -191,6 +192,7 @@ func TestBuildRepoAggregatorWithEmptyScan(t *testing.T) { | |
configAggregator, err := BuildRepoAggregator(configFileContent, gitParams, server) | ||
assert.NoError(t, err) | ||
assert.Len(t, configAggregator, 1) | ||
assert.Equal(t, frogbotAuthorEmail, configAggregator[0].EmailAuthor) | ||
assert.False(t, configAggregator[0].AggregateFixes) | ||
scan := configAggregator[0].Scan | ||
assert.False(t, scan.IncludeAllVulnerabilities) | ||
|
@@ -398,6 +400,7 @@ func TestFrogbotConfigAggregator_unmarshalFrogbotConfigYaml(t *testing.T) { | |
assert.NoError(t, err) | ||
firstRepo := configAggregator[0] | ||
assert.Equal(t, "npm-repo", firstRepo.RepoName) | ||
assert.Equal(t, "[email protected]", firstRepo.EmailAuthor) | ||
assert.ElementsMatch(t, []string{"master", "main"}, firstRepo.Branches) | ||
assert.False(t, *firstRepo.FailOnSecurityIssues) | ||
firstRepoProject := firstRepo.Projects[0] | ||
|
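Review bot: The new assertions only pin the happy path — an explicitly set `GitEmailAuthorEnv` in TestExtractAndAssertRepoParams and the `frogbotAuthorEmail` default in TestBuildRepoAggregatorWithEmptyScan — so the cases that matter for commit attribution stay untested: a variable that is set but empty, and a config file whose `emailAuthor` disagrees with the environment variable, where the hunks don't show which one wins. Assuming the loader falls back to the default for an empty value (not visible here), a case setting `GitEmailAuthorEnv: ""` in the env map followed by `assert.Equal(t, frogbotAuthorEmail, repo.EmailAuthor)` would cover the first; the precedence case needs a fixture with both sources populated. Both enclosing test functions start outside the hunks.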
@@ -170,6 +170,10 @@ To install Frogbot on Azure Repos repositories, follow these steps. | |
# Set the minimum severity for vulnerabilities that should be fixed and commented on in pull requests | ||
# The following values are accepted: Low, Medium, High or Critical | ||
# JF_MIN_SEVERITY: "" | ||
|
||
# [Optional, Default: [email protected]] | ||
# Set the email of the commit author | ||
# JF_GIT_EMAIL_AUTHOR: "" | ||
displayName: 'Download and Run Frogbot' | ||
inputs: | ||
script: | | ||
|
@@ -86,17 +86,17 @@ | |
// JF_RELEASES_REPO= "" | ||
/////////////////////////////////////////////////////////////////////////// | ||
// If your project uses a 'frogbot-config.yml' file, you should define // | ||
// the following variables inside the file, instead of here. // | ||
/////////////////////////////////////////////////////////////////////////// | ||
// [Mandatory] | ||
// The name of the repository | ||
JF_GIT_REPO: "" | ||
// [Mandatory] | ||
// The name of the branch on which Frogbot will perform the scan | ||
JF_GIT_BASE_BRANCH: "" | ||
// If your project uses a 'frogbot-config.yml' file, you should define // | ||
// the following variables inside the file, instead of here. // | ||
/////////////////////////////////////////////////////////////////////////// | ||
// [Mandatory] | ||
// The name of the repository | ||
JF_GIT_REPO= "" | ||
// [Mandatory] | ||
// The name of the branch on which Frogbot will perform the scan | ||
JF_GIT_BASE_BRANCH= "" | ||
// [Mandatory if the two conditions below are met] | ||
// 1. The project uses yarn 2, NuGet or .NET to download its dependencies | ||
|
@@ -168,6 +168,10 @@ | |
// Set the minimum severity for vulnerabilities that should be fixed and commented on in pull requests | ||
// The following values are accepted: Low, Medium, High or Critical | ||
// JF_MIN_SEVERITY= "" | ||
// [Optional, Default: [email protected]] | ||
// Set the email of the commit author | ||
// JF_GIT_EMAIL_AUTHOR: "" | ||
} | ||
stages { | ||
|
@@ -204,15 +208,12 @@ | |
// powershell """.\frogbot.exe scan-and-fix-repos""" | ||
} | ||
} | ||
} | ||
} | ||
``` | ||
**Important** | ||
|
||
- Make sure that either **JF_USER** and **JF_PASSWORD** or **JF_ACCESS_TOKEN** are set in the Jenkinsfile, but not both. | ||
- Make sure that all the build tools that are used to build the project are installed on the Jenkins agent. | ||
</details> | ||
} | ||
} | ||
</details> | ||
</details> | ||
**Important** | ||
- Make sure that either **JF_USER** and **JF_PASSWORD** or **JF_ACCESS_TOKEN** are set in the Jenkinsfile, but not both. | ||
- Make sure that all the build tools that are used to build the project are installed on the Jenkins agent. | ||
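Review bot: The newly added `// JF_GIT_EMAIL_AUTHOR: ""` line in the `@@ -168,6 +168,10 @@` hunk uses a colon, while every other entry in this block uses the `=` form (`// JF_RELEASES_REPO= ""`, `// JF_MIN_SEVERITY= ""`), and the first hunk of this file even rewrites `JF_GIT_REPO: ""` and `JF_GIT_BASE_BRANCH: ""` to `=` for exactly that reason; a user who uncomments the new line gets a Groovy syntax error instead of a configured author email. Change it to `// JF_GIT_EMAIL_AUTHOR= ""`. The same colon appears in the added line of the next Jenkinsfile section (the `@@ -196,6 +196,10 @@` hunk) and should be fixed there too. The enclosing block, presumably the pipeline's `environment` block given the `stages {` that follows, starts outside the hunk.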
@@ -196,6 +196,10 @@ | |
// Set the minimum severity for vulnerabilities that should be fixed and commented on in pull requests | ||
// The following values are accepted: Low, Medium, High or Critical | ||
// JF_MIN_SEVERITY= "" | ||
// [Optional, Default: [email protected]] | ||
// Set the email of the commit author | ||
// JF_GIT_EMAIL_AUTHOR: "" | ||
} | ||
stages { | ||
stage('Download Frogbot') { | ||
|
@@ -134,6 +134,10 @@ frogbot-scan: | |
# Set the minimum severity for vulnerabilities that should be fixed and commented on in pull requests | ||
# The following values are accepted: Low, Medium, High or Critical | ||
# JF_MIN_SEVERITY: "" | ||
|
||
# [Optional, Default: [email protected]] | ||
# Set the email of the commit author | ||
# JF_GIT_EMAIL_AUTHOR: "" | ||
script: | ||
# For Linux / MacOS runner: | ||
- | | ||
|
@@ -34,6 +34,10 @@ | |
# If false, Frogbot creates a separate pull request for each fix. | ||
# aggregateFixes: false | ||
|
||
# [Optional, Default: [email protected]] | ||
# Set the email of the commit author | ||
# emailAuthor: "" | ||
|
||
# Frogbot scanning parameters | ||
scan: | ||
# [Default: false] | ||
|
@@ -1,5 +1,6 @@ | ||
name: "Frogbot Scan and Fix" | ||
on: | ||
workflow_dispatch: | ||
schedule: | ||
# The repository will be scanned once a day at 00:00 GMT. | ||
- cron: "0 0 * * *" | ||
|
@@ -57,8 +58,6 @@ jobs: | |
# The 'frogbot' executable and other tools it needs will be downloaded through this repository. | ||
# JF_RELEASES_REPO: "" | ||
|
||
|
||
|
||
########################################################################## | ||
## If your project uses a 'frogbot-config.yml' file, you can define ## | ||
## the following variables inside the file, instead of here. ## | ||
|
@@ -115,3 +114,7 @@ jobs: | |
# Set the minimum severity for vulnerabilities that should be fixed and commented on in pull requests | ||
# The following values are accepted: Low, Medium, High or Critical | ||
# JF_MIN_SEVERITY: "" | ||
|
||
# [Optional, Default: [email protected]] | ||
# Set the email of the commit author | ||
# JF_GIT_EMAIL_AUTHOR: "" |
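Review bot: The `workflow_dispatch:` trigger added under `on:` is not reflected in the comment two lines below it, which still says only that the repository is scanned once a day, so a reader of the template is not told that the scan-and-fix job can also be launched manually and that such a run uses the same `JF_*` secrets as the scheduled one. Suggest extending the comment to `# The repository will be scanned once a day at 00:00 GMT, and can also be started manually via workflow_dispatch.`. The six following workflow-template sections add the same trigger with the same unchanged comment and need the same wording.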
@@ -1,5 +1,6 @@ | ||
name: "Frogbot Scan and Fix" | ||
on: | ||
workflow_dispatch: | ||
schedule: | ||
# The repository will be scanned once a day at 00:00 GMT. | ||
- cron: "0 0 * * *" | ||
|
@@ -58,8 +59,6 @@ jobs: | |
# The 'frogbot' executable and other tools it needs will be downloaded through this repository. | ||
# JF_RELEASES_REPO: "" | ||
|
||
|
||
|
||
########################################################################## | ||
## If your project uses a 'frogbot-config.yml' file, you can define ## | ||
## the following variables inside the file, instead of here. ## | ||
|
@@ -116,3 +115,7 @@ jobs: | |
# Set the minimum severity for vulnerabilities that should be fixed and commented on in pull requests | ||
# The following values are accepted: Low, Medium, High or Critical | ||
# JF_MIN_SEVERITY: "" | ||
|
||
# [Optional, Default: [email protected]] | ||
# Set the email of the commit author | ||
# JF_GIT_EMAIL_AUTHOR: "" |
@@ -1,5 +1,6 @@ | ||
name: "Frogbot Scan and Fix" | ||
on: | ||
workflow_dispatch: | ||
schedule: | ||
# The repository will be scanned once a day at 00:00 GMT. | ||
- cron: "0 0 * * *" | ||
|
@@ -57,8 +58,6 @@ jobs: | |
# The 'frogbot' executable and other tools it needs will be downloaded through this repository. | ||
# JF_RELEASES_REPO: "" | ||
|
||
|
||
|
||
########################################################################## | ||
## If your project uses a 'frogbot-config.yml' file, you can define ## | ||
## the following variables inside the file, instead of here. ## | ||
|
@@ -121,4 +120,8 @@ jobs: | |
# [Optional] | ||
# Set the minimum severity for vulnerabilities that should be fixed and commented on in pull requests | ||
# The following values are accepted: Low, Medium, High or Critical | ||
# JF_MIN_SEVERITY: "" | ||
# JF_MIN_SEVERITY: "" | ||
|
||
# [Optional, Default: [email protected]] | ||
# Set the email of the commit author | ||
# JF_GIT_EMAIL_AUTHOR: "" |
@@ -1,5 +1,6 @@ | ||
name: "Frogbot Scan and Fix" | ||
on: | ||
workflow_dispatch: | ||
schedule: | ||
# The repository will be scanned once a day at 00:00 GMT. | ||
- cron: "0 0 * * *" | ||
|
@@ -57,8 +58,6 @@ jobs: | |
# The 'frogbot' executable and other tools it needs will be downloaded through this repository. | ||
# JF_RELEASES_REPO: "" | ||
|
||
|
||
|
||
########################################################################## | ||
## If your project uses a 'frogbot-config.yml' file, you can define ## | ||
## the following variables inside the file, instead of here. ## | ||
|
@@ -118,4 +117,8 @@ jobs: | |
# [Optional] | ||
# Set the minimum severity for vulnerabilities that should be fixed and commented on in pull requests | ||
# The following values are accepted: Low, Medium, High or Critical | ||
# JF_MIN_SEVERITY: "" | ||
# JF_MIN_SEVERITY: "" | ||
|
||
# [Optional, Default: [email protected]] | ||
# Set the email of the commit author | ||
# JF_GIT_EMAIL_AUTHOR: "" |
@@ -1,5 +1,6 @@ | ||
name: "Frogbot Scan and Fix" | ||
on: | ||
workflow_dispatch: | ||
schedule: | ||
# The repository will be scanned once a day at 00:00 GMT. | ||
- cron: "0 0 * * *" | ||
|
@@ -60,8 +61,6 @@ jobs: | |
# The 'frogbot' executable and other tools it needs will be downloaded through this repository. | ||
# JF_RELEASES_REPO: "" | ||
|
||
|
||
|
||
########################################################################## | ||
## If your project uses a 'frogbot-config.yml' file, you can define ## | ||
## the following variables inside the file, instead of here. ## | ||
|
@@ -121,4 +120,8 @@ jobs: | |
# [Optional] | ||
# Set the minimum severity for vulnerabilities that should be fixed and commented on in pull requests | ||
# The following values are accepted: Low, Medium, High or Critical | ||
# JF_MIN_SEVERITY: "" | ||
# JF_MIN_SEVERITY: "" | ||
|
||
# [Optional, Default: [email protected]] | ||
# Set the email of the commit author | ||
# JF_GIT_EMAIL_AUTHOR: "" |
@@ -1,5 +1,6 @@ | ||
name: "Frogbot Scan and Fix" | ||
on: | ||
workflow_dispatch: | ||
schedule: | ||
# The repository will be scanned once a day at 00:00 GMT. | ||
- cron: "0 0 * * *" | ||
|
@@ -61,8 +62,6 @@ jobs: | |
# The 'frogbot' executable and other tools it needs will be downloaded through this repository. | ||
# JF_RELEASES_REPO: "" | ||
|
||
|
||
|
||
########################################################################## | ||
## If your project uses a 'frogbot-config.yml' file, you can define ## | ||
## the following variables inside the file, instead of here. ## | ||
|
@@ -118,4 +117,8 @@ jobs: | |
# [Optional] | ||
# Set the minimum severity for vulnerabilities that should be fixed and commented on in pull requests | ||
# The following values are accepted: Low, Medium, High or Critical | ||
# JF_MIN_SEVERITY: "" | ||
# JF_MIN_SEVERITY: "" | ||
|
||
# [Optional, Default: [email protected]] | ||
# Set the email of the commit author | ||
# JF_GIT_EMAIL_AUTHOR: "" |
@@ -1,5 +1,6 @@ | ||
name: "Frogbot Scan and Fix" | ||
on: | ||
workflow_dispatch: | ||
schedule: | ||
# The repository will be scanned once a day at 00:00 GMT. | ||
- cron: "0 0 * * *" | ||
|
@@ -57,8 +58,6 @@ jobs: | |
# The 'frogbot' executable and other tools it needs will be downloaded through this repository. | ||
# JF_RELEASES_REPO: "" | ||
|
||
|
||
|
||
########################################################################## | ||
## If your project uses a 'frogbot-config.yml' file, you can define ## | ||
## the following variables inside the file, instead of here. ## | ||
|
@@ -121,4 +120,8 @@ jobs: | |
# [Optional] | ||
# Set the minimum severity for vulnerabilities that should be fixed and commented on in pull requests | ||
# The following values are accepted: Low, Medium, High or Critical | ||
# JF_MIN_SEVERITY: "" | ||
# JF_MIN_SEVERITY: "" | ||
|
||
# [Optional, Default: [email protected]] | ||
# Set the email of the commit author | ||
# JF_GIT_EMAIL_AUTHOR: "" |