Publish Scan Results to Gitlab Dashboards

scanrepository/scanrepository.go

@@ -4,12 +4,13 @@ import (
 	"context"
 	"errors"
 	"fmt"
-	"github.com/jfrog/frogbot/v2/packageupdaters"
 	"os"
 	"path/filepath"
 	"regexp"
 	"strings"
 
+	"github.com/jfrog/frogbot/v2/packageupdaters"
+
 	"github.com/go-git/go-git/v5"
 	biutils "github.com/jfrog/build-info-go/utils"
 
@@ -154,8 +155,15 @@ func (sr *ScanRepositoryCmd) scanAndFixBranch(repository *utils.Repository) (tot
 	totalFindings = getTotalFindingsFromScanResults(scanResults)
 	sr.uploadResultsToGithubDashboardsIfNeeded(repository, scanResults)
 
+	if repository.Params.Git.GitProvider == vcsutils.GitLab && repository.Params.Git.GitlabScanResultsOutputDir != "" {
+		log.Debug(fmt.Sprintf("Trying to save scan results to directory: %s", repository.Params.Git.GitlabScanResultsOutputDir))
+		if writeErr := utils.WriteScanResultsToDir(repository.Params.Git.GitlabScanResultsOutputDir, scanResults, sr.scanDetails.StartTime); writeErr != nil {
+			log.Warn(fmt.Sprintf("Failed to write scan results to directory: %s", writeErr.Error()))
+		}
+	}
+
 	if !repository.Params.FrogbotConfig.CreateAutoFixPr {
-		log.Info(fmt.Sprintf("This command is running in detection mode only. To enable automatic fixing of issues, set the '%s' flag under the repository's coniguration settings in Jfrog platform", createAutoFixPrConfigNameInProfile))
+		log.Info(fmt.Sprintf("This command is running in detection mode only. To enable automatic fixing of issues, set the '%s' flag under the repository's configuration settings in Jfrog platform", createAutoFixPrConfigNameInProfile))
 		return totalFindings, nil
 	}
 

utils/consts.go

@@ -42,10 +42,11 @@ const (
 	GitDependencyGraphSubmissionEnv = "JF_UPLOAD_SBOM_TO_VCS"
 
 	//#nosec G101 -- False positive - no hardcoded credentials.
-	GitTokenEnv         = "JF_GIT_TOKEN"
-	GitBaseBranchEnv    = "JF_GIT_BASE_BRANCH"
-	GitPullRequestIDEnv = "JF_GIT_PULL_REQUEST_ID"
-	GitApiEndpointEnv   = "JF_GIT_API_ENDPOINT"
+	GitTokenEnv                   = "JF_GIT_TOKEN"
+	GitBaseBranchEnv              = "JF_GIT_BASE_BRANCH"
+	GitPullRequestIDEnv           = "JF_GIT_PULL_REQUEST_ID"
+	GitApiEndpointEnv             = "JF_GIT_API_ENDPOINT"
+	GitlabScanResultsOutputDirEnv = "JF_SCAN_RESULTS_OUTPUT_DIR"
 
 	// Placeholders for templates
 	PackagePlaceHolder    = "{IMPACTED_PACKAGE}"

utils/getconfiguration.go

@@ -68,12 +68,13 @@ func (jp *JFrogPlatform) setJfProjectKeyIfExists() (err error) {
 type Git struct {
 	GitProvider vcsutils.VcsProvider
 	vcsclient.VcsInfo
-	RepoOwner          string
-	RepoName           string
-	Branches           []string
-	PullRequestDetails vcsclient.PullRequestInfo
-	RepositoryCloneUrl string
-	UploadSbomToVcs    *bool
+	RepoOwner                  string
+	RepoName                   string
+	Branches                   []string
+	PullRequestDetails         vcsclient.PullRequestInfo
+	RepositoryCloneUrl         string
+	UploadSbomToVcs            *bool
+	GitlabScanResultsOutputDir string
 }
 
 func (g *Git) GetRepositoryHttpsCloneUrl(gitClient vcsclient.VcsClient) (string, error) {
@@ -95,6 +96,7 @@ func (g *Git) setDefaultsIfNeeded(gitParamsFromEnv *Git, commandName string) (er
 	g.VcsInfo = gitParamsFromEnv.VcsInfo
 	g.PullRequestDetails = gitParamsFromEnv.PullRequestDetails
 	g.RepoName = gitParamsFromEnv.RepoName
+	g.GitlabScanResultsOutputDir = gitParamsFromEnv.GitlabScanResultsOutputDir
 
 	if commandName == ScanPullRequest {
 		if gitParamsFromEnv.PullRequestDetails.ID == 0 {
@@ -425,6 +427,8 @@ func extractGitParamsFromEnvs() (*Git, error) {
 		gitEnvParams.PullRequestDetails = vcsclient.PullRequestInfo{ID: int64(convertedPrId)}
 	}
 
+	gitEnvParams.GitlabScanResultsOutputDir = getTrimmedEnv(GitlabScanResultsOutputDirEnv)
+
 	return gitEnvParams, nil
 }