Merge branch 'dev' into enable-conan-support

scanpullrequest/scanallpullrequests_test.go

@@ -113,7 +113,8 @@ func TestScanAllPullRequestsMultiRepo(t *testing.T) {
 	firstRepoParams := utils.Params{
 		JFrogPlatform: utils.JFrogPlatform{XrayVersion: xrayVersion, XscVersion: xscVersion},
 		Scan: utils.Scan{
-			FailOnSecurityIssues: &failOnSecurityIssues,
+			AddPrCommentOnSuccess: true,
+			FailOnSecurityIssues:  &failOnSecurityIssues,
 			Projects: []utils.Project{{
 				InstallCommandName: "npm",
 				InstallCommandArgs: []string{"i"},
@@ -127,8 +128,9 @@ func TestScanAllPullRequestsMultiRepo(t *testing.T) {
 		Git:           gitParams.Git,
 		JFrogPlatform: utils.JFrogPlatform{XrayVersion: xrayVersion, XscVersion: xscVersion},
 		Scan: utils.Scan{
-			FailOnSecurityIssues: &failOnSecurityIssues,
-			Projects:             []utils.Project{{WorkingDirs: []string{utils.RootDir}, UseWrapper: &utils.TrueVal}}},
+			AddPrCommentOnSuccess: true,
+			FailOnSecurityIssues:  &failOnSecurityIssues,
+			Projects:              []utils.Project{{WorkingDirs: []string{utils.RootDir}, UseWrapper: &utils.TrueVal}}},
 	}
 
 	configAggregator := utils.RepoAggregator{
@@ -176,7 +178,8 @@ func TestScanAllPullRequests(t *testing.T) {
 	params := utils.Params{
 		JFrogPlatform: utils.JFrogPlatform{XrayVersion: xrayVersion, XscVersion: xscVersion},
 		Scan: utils.Scan{
-			FailOnSecurityIssues: &falseVal,
+			AddPrCommentOnSuccess: true,
+			FailOnSecurityIssues:  &falseVal,
 			Projects: []utils.Project{{
 				InstallCommandName: "npm",
 				InstallCommandArgs: []string{"i"},

utils/comment.go

@@ -45,10 +45,12 @@ func HandlePullRequestCommentsAfterScan(issues *IssuesCollection, repo *Reposito
 	}
 
 	// Add summary (SCA, license) scan comment
-	for _, comment := range generatePullRequestSummaryComment(issues, repo.OutputWriter) {
-		if err = client.AddPullRequestComment(context.Background(), repo.RepoOwner, repo.RepoName, comment, pullRequestID); err != nil {
-			err = errors.New("couldn't add pull request comment: " + err.Error())
-			return
+	if issues.IssuesExists() || repo.AddPrCommentOnSuccess {
+		for _, comment := range generatePullRequestSummaryComment(issues, repo.OutputWriter) {
+			if err = client.AddPullRequestComment(context.Background(), repo.RepoOwner, repo.RepoName, comment, pullRequestID); err != nil {
+				err = errors.New("couldn't add pull request comment: " + err.Error())
+				return
+			}
 		}
 	}
 

utils/consts.go

@@ -53,13 +53,15 @@ const (
 
 	// Repository environment variables - Ignored if the frogbot-config.yml file is used
 	InstallCommandEnv                  = "JF_INSTALL_DEPS_CMD"
+	MaxPnpmTreeDepthEnv                = "JF_PNPM_MAX_TREE_DEPTH"
 	RequirementsFileEnv                = "JF_REQUIREMENTS_FILE"
 	WorkingDirectoryEnv                = "JF_WORKING_DIR"
 	PathExclusionsEnv                  = "JF_PATH_EXCLUSIONS"
 	jfrogWatchesEnv                    = "JF_WATCHES"
 	jfrogProjectEnv                    = "JF_PROJECT"
 	IncludeAllVulnerabilitiesEnv       = "JF_INCLUDE_ALL_VULNERABILITIES"
 	AvoidPreviousPrCommentsDeletionEnv = "JF_AVOID_PREVIOUS_PR_COMMENTS_DELETION"
+	AddPrCommentOnSuccessEnv           = "JF_PR_ADD_SUCCESS_COMMENT"
 	FailOnSecurityIssuesEnv            = "JF_FAIL"
 	UseWrapperEnv                      = "JF_USE_WRAPPER"
 	DepsRepoEnv                        = "JF_DEPS_REPO"

utils/params.go

@@ -89,6 +89,7 @@ type Project struct {
 	WorkingDirs         []string `yaml:"workingDirs,omitempty"`
 	PathExclusions      []string `yaml:"pathExclusions,omitempty"`
 	UseWrapper          *bool    `yaml:"useWrapper,omitempty"`
+	MaxPnpmTreeDepth    string   `yaml:"maxPnpmTreeDepth,omitempty"`
 	DepsRepo            string   `yaml:"repository,omitempty"`
 	InstallCommandName  string
 	InstallCommandArgs  []string
@@ -131,6 +132,10 @@ func (p *Project) setDefaultsIfNeeded() error {
 	if p.DepsRepo == "" {
 		p.DepsRepo = getTrimmedEnv(DepsRepoEnv)
 	}
+	if p.MaxPnpmTreeDepth == "" {
+		p.MaxPnpmTreeDepth = getTrimmedEnv(MaxPnpmTreeDepthEnv)
+	}
+
 	return nil
 }
 
@@ -157,6 +162,7 @@ type Scan struct {
 	AvoidPreviousPrCommentsDeletion bool      `yaml:"avoidPreviousPrCommentsDeletion,omitempty"`
 	MinSeverity                     string    `yaml:"minSeverity,omitempty"`
 	DisableJas                      bool      `yaml:"disableJas,omitempty"`
+	AddPrCommentOnSuccess           bool      `yaml:"addPrCommentOnSuccess,omitempty"`
 	AllowedLicenses                 []string  `yaml:"allowedLicenses,omitempty"`
 	Projects                        []Project `yaml:"projects,omitempty"`
 	EmailDetails                    `yaml:",inline"`
@@ -222,6 +228,11 @@ func (s *Scan) setDefaultsIfNeeded() (err error) {
 			return
 		}
 	}
+	if !s.AddPrCommentOnSuccess {
+		if s.AddPrCommentOnSuccess, err = getBoolEnv(AddPrCommentOnSuccessEnv, true); err != nil {
+			return
+		}
+	}
 	if !s.DetectionOnly {
 		if s.DetectionOnly, err = getBoolEnv(DetectionOnlyEnv, false); err != nil {
 			return

utils/params_test.go

@@ -401,6 +401,7 @@ func validateBuildRepoAggregator(t *testing.T, repo *Repository, gitParams *Git,
 	assert.Equal(t, "Medium", repo.MinSeverity)
 	assert.Equal(t, true, repo.FixableOnly)
 	assert.Equal(t, true, repo.DisableJas)
+	assert.Equal(t, true, repo.AddPrCommentOnSuccess)
 	assert.Equal(t, true, repo.DetectionOnly)
 	assert.ElementsMatch(t, []string{"MIT", "Apache-2.0"}, repo.AllowedLicenses)
 	assert.Equal(t, gitParams.RepoOwner, repo.RepoOwner)

utils/scandetails.go

@@ -180,6 +180,7 @@ func (sc *ScanDetails) RunInstallAndAudit(workDirs ...string) (auditResults *res
 		SetXscVersion(sc.XscVersion).
 		SetPipRequirementsFile(sc.PipRequirementsFile).
 		SetUseWrapper(*sc.UseWrapper).
+		SetMaxTreeDepth(sc.MaxPnpmTreeDepth).
 		SetDepsRepo(sc.DepsRepo).
 		SetIgnoreConfigFile(true).
 		SetServerDetails(sc.ServerDetails).