From ef72afd5d82e358c28d7b21e9717f366fc20112c Mon Sep 17 00:00:00 2001 From: Eran Turgeman Date: Thu, 29 Jan 2026 15:38:40 +0200 Subject: [PATCH 1/2] Fixes for GitHub and GitLab integration tests for scan-repo --- azure_test.go | 18 +++---- bitbucket_server_test.go | 18 +++---- github_test.go | 31 +++++++------ gitlab_test.go | 31 +++++++------ integrationutils.go | 98 +++++++++++++++++++++------------------ utils/consts.go | 3 ++ utils/getconfiguration.go | 9 +++- 7 files changed, 114 insertions(+), 94 deletions(-) diff --git a/azure_test.go b/azure_test.go index 5688eb9b6..cb08711ad 100644 --- a/azure_test.go +++ b/azure_test.go @@ -21,30 +21,26 @@ func buildAzureReposClient(t *testing.T, azureToken string) vcsclient.VcsClient return azureClient } -func buildAzureReposIntegrationTestDetails(t *testing.T, useLocalRepo bool) *IntegrationTestDetails { +func buildAzureReposIntegrationTestDetails(t *testing.T) *IntegrationTestDetails { integrationRepoToken := getIntegrationToken(t, azureIntegrationTokenEnv) - testDetails := NewIntegrationTestDetails(integrationRepoToken, string(utils.AzureRepos), azureGitCloneUrl, "frogbot-test", useLocalRepo) + testDetails := NewIntegrationTestDetails(integrationRepoToken, string(utils.AzureRepos), azureGitCloneUrl, "frogbot-test") testDetails.ApiEndpoint = azureApiEndpoint return testDetails } -func azureReposTestsInit(t *testing.T, useLocalRepo bool) (vcsclient.VcsClient, *IntegrationTestDetails) { - testDetails := buildAzureReposIntegrationTestDetails(t, useLocalRepo) +func azureReposTestsInit(t *testing.T) (vcsclient.VcsClient, *IntegrationTestDetails) { + testDetails := buildAzureReposIntegrationTestDetails(t) azureClient := buildAzureReposClient(t, testDetails.GitToken) return azureClient, testDetails } +// TODO: Fix scan-pr tests once local directory solution is implemented func TestAzureRepos_ScanPullRequestIntegration(t *testing.T) { - azureClient, testDetails := azureReposTestsInit(t, false) + azureClient, testDetails := azureReposTestsInit(t) runScanPullRequestCmd(t, azureClient, testDetails) } func TestAzureRepos_ScanRepositoryIntegration(t *testing.T) { - azureClient, testDetails := azureReposTestsInit(t, false) - runScanRepositoryCmd(t, azureClient, testDetails) -} - -func TestAzureRepos_ScanRepositoryWithLocalDirIntegration(t *testing.T) { - azureClient, testDetails := azureReposTestsInit(t, true) + azureClient, testDetails := azureReposTestsInit(t) runScanRepositoryCmd(t, azureClient, testDetails) } diff --git a/bitbucket_server_test.go b/bitbucket_server_test.go index 9dde83703..6290e5ec5 100644 --- a/bitbucket_server_test.go +++ b/bitbucket_server_test.go @@ -27,9 +27,9 @@ func buildBitbucketServerClient(t *testing.T, bitbucketServerToken string) vcscl return bbClient } -func buildBitbucketServerIntegrationTestDetails(t *testing.T, useLocalRepo bool) *IntegrationTestDetails { +func buildBitbucketServerIntegrationTestDetails(t *testing.T) *IntegrationTestDetails { integrationRepoToken := getIntegrationToken(t, bitbucketServerIntegrationTokenEnv) - testDetails := NewIntegrationTestDetails(integrationRepoToken, string(utils.BitbucketServer), bitbucketServerGitCloneUrl, "FROG", useLocalRepo) + testDetails := NewIntegrationTestDetails(integrationRepoToken, string(utils.BitbucketServer), bitbucketServerGitCloneUrl, "FROG") testDetails.ApiEndpoint = bitbucketServerApiEndpoint return testDetails } @@ -54,24 +54,20 @@ func waitForConnection(t *testing.T) { require.NoError(t, retryExecutor.Execute()) } -func bitbucketServerTestsInit(t *testing.T, useLocalRepo bool) (vcsclient.VcsClient, *IntegrationTestDetails) { - testDetails := buildBitbucketServerIntegrationTestDetails(t, useLocalRepo) +func bitbucketServerTestsInit(t *testing.T) (vcsclient.VcsClient, *IntegrationTestDetails) { + testDetails := buildBitbucketServerIntegrationTestDetails(t) bbClient := buildBitbucketServerClient(t, testDetails.GitToken) waitForConnection(t) return bbClient, testDetails } +// TODO: Fix scan-pr tests once local directory solution is implemented func TestBitbucketServer_ScanPullRequestIntegration(t *testing.T) { - bbClient, testDetails := bitbucketServerTestsInit(t, false) + bbClient, testDetails := bitbucketServerTestsInit(t) runScanPullRequestCmd(t, bbClient, testDetails) } func TestBitbucketServer_ScanRepositoryIntegration(t *testing.T) { - bbClient, testDetails := bitbucketServerTestsInit(t, false) - runScanRepositoryCmd(t, bbClient, testDetails) -} - -func TestBitbucketServer_ScanRepositoryWithLocalDirIntegration(t *testing.T) { - bbClient, testDetails := bitbucketServerTestsInit(t, true) + bbClient, testDetails := bitbucketServerTestsInit(t) runScanRepositoryCmd(t, bbClient, testDetails) } diff --git a/github_test.go b/github_test.go index c66a6eef6..a39298113 100644 --- a/github_test.go +++ b/github_test.go @@ -1,17 +1,20 @@ package main import ( + "os" + "testing" + "github.com/jfrog/frogbot/v2/utils" "github.com/jfrog/froggit-go/vcsclient" "github.com/jfrog/froggit-go/vcsutils" "github.com/stretchr/testify/assert" - "testing" ) const ( //#nosec G101 -- False positive - no hardcoded credentials. - githubIntegrationTokenEnv = "FROGBOT_TESTS_GITHUB_TOKEN" - githubGitCloneUrl = "https://github.com/frogbot-test/integration.git" + githubIntegrationTokenEnv = "FROGBOT_V3_TESTS_GITHUB_TOKEN" + githubGitCloneUrl = "https://github.com/frogbot-e2e-test/frogbot-test.git" + githubRepoOwner = "frogbot-e2e-test" ) func buildGitHubClient(t *testing.T, githubToken string) vcsclient.VcsClient { @@ -20,28 +23,30 @@ func buildGitHubClient(t *testing.T, githubToken string) vcsclient.VcsClient { return githubClient } -func buildGitHubIntegrationTestDetails(t *testing.T, useLocalRepo bool) *IntegrationTestDetails { +func buildGitHubIntegrationTestDetails(t *testing.T) *IntegrationTestDetails { integrationRepoToken := getIntegrationToken(t, githubIntegrationTokenEnv) - return NewIntegrationTestDetails(integrationRepoToken, string(utils.GitHub), githubGitCloneUrl, "frogbot-test", useLocalRepo) + return NewIntegrationTestDetails(integrationRepoToken, string(utils.GitHub), githubGitCloneUrl, githubRepoOwner) } -func githubTestsInit(t *testing.T, useLocalRepo bool) (vcsclient.VcsClient, *IntegrationTestDetails) { - testDetails := buildGitHubIntegrationTestDetails(t, useLocalRepo) +func githubTestsInit(t *testing.T) (vcsclient.VcsClient, *IntegrationTestDetails) { + testDetails := buildGitHubIntegrationTestDetails(t) githubClient := buildGitHubClient(t, testDetails.GitToken) return githubClient, testDetails } +// TODO: Fix scan-pr tests once local directory solution is implemented func TestGitHub_ScanPullRequestIntegration(t *testing.T) { - githubClient, testDetails := githubTestsInit(t, false) + githubClient, testDetails := githubTestsInit(t) runScanPullRequestCmd(t, githubClient, testDetails) } +// TODO set a profile without JAS for the test func TestGitHub_ScanRepositoryIntegration(t *testing.T) { - githubClient, testDetails := githubTestsInit(t, false) - runScanRepositoryCmd(t, githubClient, testDetails) -} + assert.NoError(t, os.Setenv(utils.EnableFrogbotV3FixEnv, "true")) + defer func() { + assert.NoError(t, os.Unsetenv(utils.EnableFrogbotV3FixEnv)) + }() -func TestGitHub_ScanRepositoryWithLocalDirIntegration(t *testing.T) { - githubClient, testDetails := githubTestsInit(t, true) + githubClient, testDetails := githubTestsInit(t) runScanRepositoryCmd(t, githubClient, testDetails) } diff --git a/gitlab_test.go b/gitlab_test.go index 2cce4d35f..a492ffe2d 100644 --- a/gitlab_test.go +++ b/gitlab_test.go @@ -1,17 +1,20 @@ package main import ( + "os" + "testing" + "github.com/jfrog/frogbot/v2/utils" "github.com/jfrog/froggit-go/vcsclient" "github.com/jfrog/froggit-go/vcsutils" "github.com/stretchr/testify/assert" - "testing" ) const ( //#nosec G101 -- False positive - no hardcoded credentials. - gitlabIntegrationTokenEnv = "FROGBOT_TESTS_GITLAB_TOKEN" - gitlabGitCloneUrl = "https://gitlab.com/frogbot-test2/integration.git" + gitlabIntegrationTokenEnv = "FROGBOT_V3_TESTS_GITLAB_TOKEN" + gitlabGitCloneUrl = "https://gitlab.com/frogbot-e2e-test1/frogbot-test.git" + gitlabRepoOwner = "frogbot-e2e-test1" ) func buildGitLabClient(t *testing.T, gitlabToken string) vcsclient.VcsClient { @@ -20,28 +23,30 @@ func buildGitLabClient(t *testing.T, gitlabToken string) vcsclient.VcsClient { return azureClient } -func buildGitLabIntegrationTestDetails(t *testing.T, useLocalRepo bool) *IntegrationTestDetails { +func buildGitLabIntegrationTestDetails(t *testing.T) *IntegrationTestDetails { integrationRepoToken := getIntegrationToken(t, gitlabIntegrationTokenEnv) - return NewIntegrationTestDetails(integrationRepoToken, string(utils.GitLab), gitlabGitCloneUrl, "frogbot-test2", useLocalRepo) + return NewIntegrationTestDetails(integrationRepoToken, string(utils.GitLab), gitlabGitCloneUrl, gitlabRepoOwner) } -func gitlabTestsInit(t *testing.T, useLocalRepo bool) (vcsclient.VcsClient, *IntegrationTestDetails) { - testDetails := buildGitLabIntegrationTestDetails(t, useLocalRepo) +func gitlabTestsInit(t *testing.T) (vcsclient.VcsClient, *IntegrationTestDetails) { + testDetails := buildGitLabIntegrationTestDetails(t) gitlabClient := buildGitLabClient(t, testDetails.GitToken) return gitlabClient, testDetails } +// TODO: Fix scan-pr tests once local directory solution is implemented func TestGitLab_ScanPullRequestIntegration(t *testing.T) { - gitlabClient, testDetails := gitlabTestsInit(t, false) + gitlabClient, testDetails := gitlabTestsInit(t) runScanPullRequestCmd(t, gitlabClient, testDetails) } +// TODO set a profile without JAS for the test func TestGitLab_ScanRepositoryIntegration(t *testing.T) { - gitlabClient, testDetails := gitlabTestsInit(t, false) - runScanRepositoryCmd(t, gitlabClient, testDetails) -} + assert.NoError(t, os.Setenv(utils.EnableFrogbotV3FixEnv, "true")) + defer func() { + assert.NoError(t, os.Unsetenv(utils.EnableFrogbotV3FixEnv)) + }() -func TestGitLab_ScanRepositoryWithLocalDirIntegration(t *testing.T) { - gitlabClient, testDetails := gitlabTestsInit(t, true) + gitlabClient, testDetails := gitlabTestsInit(t) runScanRepositoryCmd(t, gitlabClient, testDetails) } diff --git a/integrationutils.go b/integrationutils.go index a9ac65bec..59b923843 100644 --- a/integrationutils.go +++ b/integrationutils.go @@ -23,10 +23,11 @@ import ( ) const ( - repoName = "integration" - issuesBranch = "issues-branch" + repoName = "frogbot-test" + issuesBranch = "issues-branch" // TODO consider changing (without 'frogbot' prefix) mainBranch = "main" - expectedNumberOfIssues = 10 + gitUsername = "frogbot-e2e-test" + expectedNumberOfIssues = 10 // TODO change when fixing PR tests ) type IntegrationTestDetails struct { @@ -40,19 +41,17 @@ type IntegrationTestDetails struct { ApiEndpoint string PullRequestID string CustomBranchName string - UseLocalRepo bool // TODO can remove when deprecating non-local repository concept from integration tests } -func NewIntegrationTestDetails(token, gitProvider, gitCloneUrl, repoOwner string, useLocalRepo bool) *IntegrationTestDetails { +func NewIntegrationTestDetails(token, gitProvider, gitCloneUrl, repoOwner string) *IntegrationTestDetails { return &IntegrationTestDetails{ - GitProject: repoName, - RepoOwner: repoOwner, - RepoName: repoName, - GitToken: token, - GitUsername: "frogbot", - GitProvider: gitProvider, - GitCloneURL: gitCloneUrl, - UseLocalRepo: useLocalRepo, + GitProject: repoName, + RepoOwner: repoOwner, + RepoName: repoName, + GitToken: token, + GitUsername: gitUsername, + GitProvider: gitProvider, + GitCloneURL: gitCloneUrl, } } @@ -131,6 +130,19 @@ func findRelevantPrID(pullRequests []vcsclient.PullRequestInfo, branch string) ( return } +func cleanupLeftoverFrogbotPRs(t *testing.T, client vcsclient.VcsClient, testDetails *IntegrationTestDetails, gitManager *utils.GitManager) { + remainingPRs := getOpenPullRequests(t, client, testDetails) + for _, pr := range remainingPRs { + if strings.HasPrefix(pr.Source.Name, "frogbot-") { + t.Logf("Cleaning up leftover frogbot PR: %s (ID: %d)", pr.Source.Name, pr.ID) + closePullRequest(t, client, testDetails, int(pr.ID)) + if err := gitManager.RemoveRemoteBranch(pr.Source.Name); err != nil { + t.Logf("Warning: failed to remove leftover branch %s: %v", pr.Source.Name, err) + } + } + } +} + func getOpenPullRequests(t *testing.T, client vcsclient.VcsClient, testDetails *IntegrationTestDetails) []vcsclient.PullRequestInfo { ctx := context.Background() pullRequests, err := client.ListOpenPullRequests(ctx, testDetails.RepoOwner, testDetails.RepoName) @@ -181,49 +193,47 @@ func runScanRepositoryCmd(t *testing.T, client vcsclient.VcsClient, testDetails assert.NoError(t, restoreFunc()) }() - // When testing using local repository, clone the repository before the test starts, so we can work with it as if it existed locally - if testDetails.UseLocalRepo { - cloneOptions := &git.CloneOptions{ - URL: testDetails.GitCloneURL, - Auth: &githttp.BasicAuth{ - Username: testDetails.GitUsername, - Password: testDetails.GitToken, - }, - RemoteName: "origin", - ReferenceName: utils.GetFullBranchName("main"), - SingleBranch: true, - Depth: 1, - Tags: git.NoTags, - } - _, err := git.PlainClone(testTempDir, false, cloneOptions) - require.NoError(t, err) + cloneOptions := &git.CloneOptions{ + URL: testDetails.GitCloneURL, + Auth: &githttp.BasicAuth{ + Username: testDetails.GitUsername, + Password: testDetails.GitToken, + }, + RemoteName: "origin", + ReferenceName: utils.GetFullBranchName("main"), + SingleBranch: true, + Depth: 1, + Tags: git.NoTags, } - timestamp := getTimestamp() - // Add a timestamp to the fixing pull requests, to identify them later - testDetails.CustomBranchName = "frogbot-{IMPACTED_PACKAGE}-{BRANCH_NAME_HASH}-" + timestamp + _, err := git.PlainClone(testTempDir, false, cloneOptions) + require.NoError(t, err) // Set the required environment variables for the scan-repository command unsetEnvs := setIntegrationTestEnvs(t, testDetails) defer unsetEnvs() - err := Exec(&scanrepository.ScanRepositoryCmd{}, utils.ScanRepository) + err = Exec(&scanrepository.ScanRepositoryCmd{}, utils.ScanRepository) require.NoError(t, err) gitManager := buildGitManager(t, testDetails) pullRequests := getOpenPullRequests(t, client, testDetails) - expectedBranchName := "frogbot-pyjwt-45ebb5a61916a91ae7c1e3ff7ffb6112-" + timestamp - prId := findRelevantPrID(pullRequests, expectedBranchName) - assert.NotZero(t, prId) - closePullRequest(t, client, testDetails, prId) - assert.NoError(t, gitManager.RemoveRemoteBranch(expectedBranchName)) - - expectedBranchName = "frogbot-pyyaml-985622f4dbf3a64873b6b8440288e005-" + timestamp - prId = findRelevantPrID(pullRequests, expectedBranchName) - assert.NotZero(t, prId) - closePullRequest(t, client, testDetails, prId) - assert.NoError(t, gitManager.RemoveRemoteBranch(expectedBranchName)) + expectedBranches := []string{ + "frogbot-snyk-5aaa88cc32aaaf2d8d893decd0a1b284", + "frogbot-lodash-aa38d67476e2ac9a5f7011b7c2c6728b", + "frogbot-minimist-e6e68f7e53c2b59c6bd946e00af797f7", + } + for _, expectedBranch := range expectedBranches { + prId := findRelevantPrID(pullRequests, expectedBranch) + assert.NotZero(t, prId, "Expected to find PR for branch %s", expectedBranch) + if prId != 0 { + closePullRequest(t, client, testDetails, prId) + assert.NoError(t, gitManager.RemoveRemoteBranch(expectedBranch)) + } + } + + cleanupLeftoverFrogbotPRs(t, client, testDetails, gitManager) } func validateResults(t *testing.T, ctx context.Context, client vcsclient.VcsClient, testDetails *IntegrationTestDetails, prID int) { diff --git a/utils/consts.go b/utils/consts.go index f124f9e1a..58e512e19 100644 --- a/utils/consts.go +++ b/utils/consts.go @@ -8,6 +8,9 @@ type vcsProvider string type ciProvider string const ( + // TODO delete this env var and its usages when we re-enable fixes for all package manager + EnableFrogbotV3FixEnv = "JF_ENABLE_FROGBOT_V3_FIX" + // MaxConcurrentScanners represents the maximum number of threads for running JFrog CLI scanners concurrently MaxConcurrentScanners = 5 diff --git a/utils/getconfiguration.go b/utils/getconfiguration.go index 978545284..592744c8d 100644 --- a/utils/getconfiguration.go +++ b/utils/getconfiguration.go @@ -511,7 +511,12 @@ func getConfigurationProfile(xrayVersion string, jfrogServer *coreconfig.ServerD } log.Info(fmt.Sprintf("Using Config profile '%s'", configProfile.ProfileName)) - // TODO: Remove this line once autofix logic is added - configProfile.FrogbotConfig.CreateAutoFixPr = false + // TODO: Remove this block once autofix logic is added + enableFix, err := getBoolEnv(EnableFrogbotV3FixEnv, false) + if !enableFix { + configProfile.FrogbotConfig.CreateAutoFixPr = false + } else { + log.Info("Currently, Frogbot V3 fixing process is disabled by default. To enable fixing functionality, please set the 'JF_ENABLE_FROGBOT_V3_FIX' environment variable to 'true'.") + } return } From 0d43ddc90b6338b99668aa7fa34c9e481ec90318 Mon Sep 17 00:00:00 2001 From: Eran Turgeman Date: Thu, 29 Jan 2026 16:10:59 +0200 Subject: [PATCH 2/2] adding skip for pr-tests --- azure_test.go | 1 + bitbucket_server_test.go | 1 + github_test.go | 1 + gitlab_test.go | 1 + 4 files changed, 4 insertions(+) diff --git a/azure_test.go b/azure_test.go index cb08711ad..4df469e10 100644 --- a/azure_test.go +++ b/azure_test.go @@ -36,6 +36,7 @@ func azureReposTestsInit(t *testing.T) (vcsclient.VcsClient, *IntegrationTestDet // TODO: Fix scan-pr tests once local directory solution is implemented func TestAzureRepos_ScanPullRequestIntegration(t *testing.T) { + t.Skip("Pull Request Scan is not yes supported in V3. Skipping the test.") azureClient, testDetails := azureReposTestsInit(t) runScanPullRequestCmd(t, azureClient, testDetails) } diff --git a/bitbucket_server_test.go b/bitbucket_server_test.go index 6290e5ec5..e00ba81cf 100644 --- a/bitbucket_server_test.go +++ b/bitbucket_server_test.go @@ -63,6 +63,7 @@ func bitbucketServerTestsInit(t *testing.T) (vcsclient.VcsClient, *IntegrationTe // TODO: Fix scan-pr tests once local directory solution is implemented func TestBitbucketServer_ScanPullRequestIntegration(t *testing.T) { + t.Skip("Pull Request Scan is not yes supported in V3. Skipping the test.") bbClient, testDetails := bitbucketServerTestsInit(t) runScanPullRequestCmd(t, bbClient, testDetails) } diff --git a/github_test.go b/github_test.go index a39298113..fea5068ed 100644 --- a/github_test.go +++ b/github_test.go @@ -36,6 +36,7 @@ func githubTestsInit(t *testing.T) (vcsclient.VcsClient, *IntegrationTestDetails // TODO: Fix scan-pr tests once local directory solution is implemented func TestGitHub_ScanPullRequestIntegration(t *testing.T) { + t.Skip("Pull Request Scan is not yes supported in V3. Skipping the test.") githubClient, testDetails := githubTestsInit(t) runScanPullRequestCmd(t, githubClient, testDetails) } diff --git a/gitlab_test.go b/gitlab_test.go index a492ffe2d..16dd36b45 100644 --- a/gitlab_test.go +++ b/gitlab_test.go @@ -36,6 +36,7 @@ func gitlabTestsInit(t *testing.T) (vcsclient.VcsClient, *IntegrationTestDetails // TODO: Fix scan-pr tests once local directory solution is implemented func TestGitLab_ScanPullRequestIntegration(t *testing.T) { + t.Skip("Pull Request Scan is not yes supported in V3. Skipping the test.") gitlabClient, testDetails := gitlabTestsInit(t) runScanPullRequestCmd(t, gitlabClient, testDetails) }