AppTrust: Forward ApplicationKey through audit params to AnalyzerManager #483

eranturgeman · 2025-06-30T11:16:11Z

The pull request is targeting the dev branch.
The code has been validated to compile successfully by running go vet ./....
The code has been formatted properly using go fmt ./....
All static analysis checks passed.
All tests have passed. If this feature is not already covered by the tests, new tests have been added.
Updated the Contributing page / ReadMe page / CI Workflow files if needed.
All changes are detailed at the description. if not already covered at JFrog Documentation, new documentation have been added.

This Pr is part of the new AppTrust initiative.
We pass the application key, if received, through audit params to the analyzer manager, but only if we enter from Frogbot
Currently AppTrust is not supported for on-demand audit/ on-demand git audit/ on-demand scan

…zerManager env vars map

…pported)

… supported) + aligned the empty GitRepoHttpsCloneUrl to pass empty value for clarity

…o apptrust-pass-appkey-to-am-in-audit

github-actions · 2025-06-30T12:54:29Z

🐸 JFrog Frogbot

…o apptrust-pass-appkey-to-am-in-audit

eranturgeman added 8 commits June 30, 2025 14:02

added new AnalyzerManager env var for application key

367d94e

added new field to ResultContext to hold application key

d5bd7e8

added app-key to ResultsContext creation, and passed app-key to Analy…

cae37ee

…zerManager env vars map

added testcase for adding ap-key to ResultContext creation

20b66ae

enabled passing app-key to AnalyzerManager env vars map + test

f30e199

fix broken signature with empty app-key in git-audit (apptrust not su…

efe5c8b

…pported)

fix broken signature with empty app-key in scan command (apptrust not…

d3ba2d6

… supported) + aligned the empty GitRepoHttpsCloneUrl to pass empty value for clarity

fixed broken signature in test

abe801b

eranturgeman added the ignore for release Automatically generated release notes label Jun 30, 2025

eranturgeman had a problem deploying to frogbot June 30, 2025 11:16 — with GitHub Actions Failure

eranturgeman requested a review from orto17 June 30, 2025 11:16

Merge branch 'dev' of https://github.com/jfrog/jfrog-cli-security int…

02606ba

…o apptrust-pass-appkey-to-am-in-audit

eranturgeman temporarily deployed to frogbot June 30, 2025 11:17 — with GitHub Actions Inactive

eranturgeman added the safe to test Approve running integration tests on a pull request label Jun 30, 2025

github-actions bot removed the safe to test Approve running integration tests on a pull request label Jun 30, 2025

fix break in conan test

553689c

eranturgeman temporarily deployed to frogbot June 30, 2025 12:51 — with GitHub Actions Inactive

eranturgeman added the safe to test Approve running integration tests on a pull request label Jun 30, 2025

github-actions bot removed the safe to test Approve running integration tests on a pull request label Jun 30, 2025

fix break in conan test

1439cfd

eranturgeman had a problem deploying to frogbot July 1, 2025 06:35 — with GitHub Actions Failure

eranturgeman added the safe to test Approve running integration tests on a pull request label Jul 1, 2025