Skip to content

Add diff logic and parallel logger support for audit #642

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
eyalk007 wants to merge 18 commits into
base: dev
Choose a base branch
from
Open

Add diff logic and parallel logger support for audit #642

eyalk007 wants to merge 18 commits into from

Conversation

@eyalk007
Copy link
Contributor

@eyalk007 eyalk007 commented Jan 13, 2026
edited by attiasas
Loading

  • The pull request is targeting the dev branch.
  • The code has been validated to compile successfully by running go vet ./....
  • The code has been formatted properly using go fmt ./....
  • All static analysis checks passed.
  • All tests have passed. If this feature is not already covered by the tests, new tests have been added.
  • Updated the Contributing page / ReadMe page / CI Workflow files if needed.
  • All changes are detailed at the description. if not already covered at JFrog Documentation, new documentation have been added.

Depends on:

@eyalk007
Add parallel PR scanning functions (CompareJasResults, UnifyScaAndJas…
18c22a1 
…Results) - based on v1.24.2
@eyalk007
Add RunBranchDiffAudit for sequential branch scanning with clean logs
6c07738 
- Add branchdiff.go with RunBranchDiffAudit function
- Scans target branch first, then source branch (sequential)
- SCA diff handled internally by CLI
- JAS diff handled by CompareJasResults
- Add MergeStatusCodes for partial results filtering
- Status codes merged (worst of target + source) for frogbot filtering
@eyalk007
Add Logger field to AuditBasicParams for parallel scan log separation
caf59eb 
- Add logger field to AuditBasicParams with getter/setter
- RunAudit swaps global logger if custom logger provided
- Enables frogbot to capture logs per-scan for ordered output
@eyalk007
Add LogCollector for isolated parallel audit logging
7fc3bd0 
- Add LogCollector that captures logs in isolated buffer per audit
- Enables parallel audits without log interleaving
- Uses goroutine-local logger from jfrog-client-go
- Propagate logger to child goroutines in JAS runner and SCA scan
- Remove unused diff completion log message
@eyalk007
Update go.mod/go.sum
96ae51a
@eyalk007
Update LogCollector with ReplayTo for proper log formatting
b22d7c4
@eyalk007 eyalk007 self-assigned this Jan 13, 2026
@eyalk007 eyalk007 added the improvement Automatically generated release notes label Jan 13, 2026
eyalk007
eyalk007 commented Jan 13, 2026
View reviewed changes
utils/results/diff.go
)

// UnifyScaAndJasResults merges SCA and JAS diff results into a single SecurityCommandResults.
func UnifyScaAndJasResults(scaResults, jasDiffResults *SecurityCommandResults) *SecurityCommandResults {
Copy link
Contributor Author

@eyalk007 eyalk007 Jan 13, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

myabe needs to be moved to frogbot considering the specific use
and selected parallel audit implementation, your call @attiasas

eyalk007
eyalk007 commented Jan 13, 2026
View reviewed changes
utils/results/diff.go Outdated
}

// MergeStatusCodes merges two ResultsStatus, taking the worst (non-zero) status for each scanner.
func MergeStatusCodes(target, source ResultsStatus) ResultsStatus {
Copy link
Contributor Author

@eyalk007 eyalk007 Jan 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

because am already did this,
need to discuss with @orto17 and @attiasas if partial results logic should be moved here

@eyalk007 eyalk007 added the safe to test Approve running integration tests on a pull request label Jan 13, 2026
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Jan 13, 2026
eyalk007
eyalk007 commented Jan 15, 2026
View reviewed changes
utils/results/diff.go
}
}

log.Debug("[DIFF] Built target fingerprint set with", len(targetKeys), "unique keys")
Copy link
Contributor Author

@eyalk007 eyalk007 Jan 15, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

honestly is it relevant?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@eyalk007 eyalk007

Labels

improvement Automatically generated release notes

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@eyalk007