improving warning log and adding debug prints for POC checks

jfrog · Sep 22, 2024 · 72bc2fe · 72bc2fe
1 parent 6943f32
commit 72bc2fe
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 1 deletion.
diff --git a/commands/audit/audit.go b/commands/audit/audit.go
@@ -13,6 +13,7 @@ import (
 	"github.com/jfrog/jfrog-cli-security/utils"
 	"github.com/jfrog/jfrog-cli-security/utils/xray/scangraph"
 	"github.com/jfrog/jfrog-cli-security/utils/xsc"
+	"github.com/jfrog/jfrog-client-go/utils/log"
 	"golang.org/x/exp/slices"
 
 	xrayutils "github.com/jfrog/jfrog-cli-security/utils/xray"
@@ -196,6 +197,9 @@ func RunAudit(auditParams *AuditParams) (results *utils.Results, err error) {
 	}
 	jasScanner := &jas.JasScanner{}
 	if results.ExtendedScanResults.EntitledForJas {
+		log.Debug(fmt.Sprintf("Server details Nil check [after checking Jas entitlement]: serverDetails == nil -> %t", serverDetails == nil))
+		log.Debug(fmt.Sprintf("Server details URL check [after checking Jas entitlement]: %s", serverDetails.Url))
+		log.Debug(fmt.Sprintf("Server details Xray URL check [after checking Jas entitlement]: %s", serverDetails.XrayUrl))
 		// Download (if needed) the analyzer manager and run scanners.
 		auditParallelRunner.JasWg.Add(1)
 		if _, jasErr := auditParallelRunner.Runner.AddTaskWithError(func(threadId int) error {
@@ -256,6 +260,9 @@ func downloadAnalyzerManagerAndRunScanners(auditParallelRunner *utils.SecurityPa
 	if err != nil {
 		return fmt.Errorf("failed to create jas scanner: %s", err.Error())
 	}
+	log.Debug(fmt.Sprintf("Server details Nil check [before entering AddJasScannersTasks]: serverDetails == nil -> %t", serverDetails == nil))
+	log.Debug(fmt.Sprintf("Server details URL check [before entering AddJasScannersTasks]: %s", serverDetails.Url))
+	log.Debug(fmt.Sprintf("Server details Xray URL check [before entering AddJasScannersTasks]: %s", serverDetails.XrayUrl))
 	if err = runner.AddJasScannersTasks(auditParallelRunner, scanResults, auditParams.DirectDependencies(), serverDetails, auditParams.thirdPartyApplicabilityScan, scanner, applicability.ApplicabilityScannerType, secrets.SecretsScannerType, auditParallelRunner.AddErrorToChan, auditParams.ScansToPerform(), auditParams.configProfile, auditParams.scanResultsOutputDir); err != nil {
 		return fmt.Errorf("%s failed to run JAS scanners: %s", clientutils.GetLogMsgPrefix(threadId, false), err.Error())
 	}

diff --git a/jas/runner/jasrunner.go b/jas/runner/jasrunner.go
@@ -23,8 +23,11 @@ import (
 func AddJasScannersTasks(securityParallelRunner *utils.SecurityParallelRunner, scanResults *utils.Results, directDependencies *[]string,
 	serverDetails *config.ServerDetails, thirdPartyApplicabilityScan bool, scanner *jas.JasScanner, scanType applicability.ApplicabilityScanType,
 	secretsScanType secrets.SecretsScanType, errHandlerFunc func(error), scansToPreform []utils.SubScanType, configProfile *services.ConfigProfile, scansOutputDir string) (err error) {
+	log.Debug(fmt.Sprintf("Server details Nil check [before initiating JAS scanners]: serverDetails == nil -> %t", serverDetails == nil))
+	log.Debug(fmt.Sprintf("Server details URL check [before initiating JAS scanners]: %s", serverDetails.Url))
+	log.Debug(fmt.Sprintf("Server details Xray URL check [before initiating JAS scanners]: %s", serverDetails.XrayUrl))
 	if serverDetails == nil || len(serverDetails.Url) == 0 {
-		log.Warn("To include 'Advanced Security' scan as part of the audit output, please run the 'jf c add' command before running this command.")
+		log.Warn("To include 'Advanced Security' scan as part of the audit output:\n1) Run the 'jf c add' command before running this command, if using 'audit' from CLI.\n2) Validate JF_URL is properly defined and passed if using Frogbot.")
 		return
 	}
 	// For docker scan we support only secrets and contextual scans.