Review fixes.

audit_test.go

@@ -3,7 +3,9 @@ package main
 import (
 	"encoding/json"
 	"fmt"
+	"github.com/jfrog/jfrog-cli-core/v2/utils/coreutils"
 	"github.com/jfrog/jfrog-cli-security/formats"
+	"github.com/jfrog/jfrog-cli-security/utils"
 	"os"
 	"os/exec"
 	"path/filepath"
@@ -514,3 +516,35 @@ func TestXrayRecursiveScan(t *testing.T) {
 	// We anticipate receiving an array with a length of 2 to confirm that we have obtained results from two distinct inner projects.
 	assert.Len(t, results, 2)
 }
+
+func TestXscAnalyticsForAudit(t *testing.T) {
+	securityTestUtils.InitSecurityTest(t, scangraph.GraphScanMinXrayVersion, "")
+	reportUsageCallBack := clientTests.SetEnvWithCallbackAndAssert(t, coreutils.ReportUsage, "true")
+	defer reportUsageCallBack()
+	// Scan npm project and verify that analytics general event were sent to XSC.
+	output := testXrayAuditNpm(t, string(format.SimpleJson))
+	validateAnalyticsBasicEvent(t, output)
+}
+
+func validateAnalyticsBasicEvent(t *testing.T, output string) {
+	// Get MSI.
+	var results formats.SimpleJsonResults
+	err := json.Unmarshal([]byte(output), &results)
+	assert.NoError(t, err)
+
+	// Verify analytics metrics.
+	am := utils.NewAnalyticsMetricsService(securityTests.XscDetails)
+	assert.NotNil(t, am)
+	assert.NotEmpty(t, results.MultiScanId)
+	event, err := am.GetGeneralEvent(results.MultiScanId)
+	assert.NoError(t, err)
+
+	// Event creation and addition information.
+	assert.Equal(t, "cli", event.Product)
+	assert.Equal(t, 1, event.EventType)
+	assert.NotEmpty(t, event.EventStatus)
+	assert.NotEmpty(t, event.AnalyzerManagerVersion)
+	// The information that was added after updating the event with the scan's results.
+	assert.NotEmpty(t, event.TotalScanDuration)
+	assert.True(t, event.TotalFindings > 0)
+}

commands/audit/sca/python/python.go

@@ -123,7 +123,7 @@ func installPoetryDeps(auditPython *AuditPython) (restoreEnv func() error, err e
 		return nil
 	}
 	if auditPython.RemotePypiRepo != "" {
-		rtUrl, username, password, err := utils.GetPypiRepoUrlWithCredentials(auditPython.Server, auditPython.RemotePypiRepo)
+		rtUrl, username, password, err := utils.GetPypiRepoUrlWithCredentials(auditPython.Server, auditPython.RemotePypiRepo, false)
 		if err != nil {
 			return restoreEnv, err
 		}
@@ -162,7 +162,7 @@ func installPipDeps(auditPython *AuditPython) (restoreEnv func() error, err erro
 
 	remoteUrl := ""
 	if auditPython.RemotePypiRepo != "" {
-		remoteUrl, err = utils.GetPypiRepoUrl(auditPython.Server, auditPython.RemotePypiRepo)
+		remoteUrl, err = utils.GetPypiRepoUrl(auditPython.Server, auditPython.RemotePypiRepo, false)
 		if err != nil {
 			return
 		}
@@ -210,7 +210,7 @@ func getPipInstallArgs(requirementsFile, remoteUrl string) []string {
 }
 
 func runPipenvInstallFromRemoteRegistry(server *config.ServerDetails, depsRepoName string) (err error) {
-	rtUrl, err := utils.GetPypiRepoUrl(server, depsRepoName)
+	rtUrl, err := utils.GetPypiRepoUrl(server, depsRepoName, false)
 	if err != nil {
 		return err
 	}