jfrog / frogbot

🐸 Scans your Git repository with JFrog Xray for security vulnerabilities. 🤖
https://docs.jfrog-applications.jfrog.io/
Apache License 2.0
305 stars 73 forks source link

Error occured to integrate frogbot using jenkins #641

Closed MounikaBandaru8 closed 3 months ago

MounikaBandaru8 commented 9 months ago

How can we help?

I want to scan my bitbucket repo with frogbot using jenkins pipelines .I followed the documention below and given the all the necessary details https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot/setup-frogbot/setup-frogbot-using-jenkins

but i am encountering this issue [Error] Get "/rest/api/1.0/projects/SWFTA/repos/functional-test/raw/.frogbot/frogbot-config.yml?at=": unsupported protocol scheme ""

can you please help me out

eranturgeman commented 9 months ago

Hello @MounikaBandaru8 and thank you for using Frogbot! As it seems from the single error line you provided there is an issue with the schema of frogbot-config.yml or withthe file's location. Can you please provide the frogbot-config.yml you use and its path from your root directory in your main/master branch?

MounikaBandaru8 commented 9 months ago

Hii thanks for the reply, Actually i followed this documentation https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot/setup-frogbot/setup-frogbot-using-jenkins here they didnt mentioned in any step to create frogbot-config.yaml file. This is the pipeline script in jenkins // Run the job once a day CRON_SETTINGS = '''0 0 *'''

pipeline { agent{ node { label 'API-PERFORMANCE-TEST' }

}

triggers {
    cron(CRON_SETTINGS)
}

environment {

    // [Mandatory]
    // Username of the account associated with the Git access token
    JF_GIT_USERNAME = "Mounika"

    // [Mandatory]
    // Owner of the repository
    // BitbucketServer note: Private projects should start with the prefix: "~"
   // JF_GIT_OWNER = "SWFTA"
    JF_GIT_OWNER="SWFTA"

    // [Mandatory]
    // Name of the repository to scan
    JF_GIT_REPO = "functional-test"

    // [Mandatory]
    // Name of the git provider, one of the following: [bitbucketServer,github,gitlab,azureRepos]
    JF_GIT_PROVIDER = "bitbucketServer"

    // [Mandatory]
    // JFrog platform URL (This functionality requires version 3.29.0 or above of Xray)
    JF_URL =  credentials("JF_URL")
    // [Mandatory if JF_USER and JF_PASSWORD are not provided]
    // JFrog access token with 'read' permissions for Xray
    JF_ACCESS_TOKEN = credentials("JF_ACCESS_TOKEN")
    // [Mandatory]
    // GitHub enterprise server access token with the following permissions:
    // Read and Write access to code, pull requests, security events, and workflows
    JF_GIT_TOKEN =  credentials("JF_GIT_TOKEN")

}

stages {

    stage('Download Frogbot') {
        steps {
            script{
                      powershell "Set-ExecutionPolicy Bypass -Scope CurrentUser -Force; Invoke-WebRequest -Uri 'https://releases.jfrog.io/artifactory/frogbot/v2/[RELEASE]/frogbot-windows-amd64/frogbot.exe' -OutFile './frogbot.exe'"
                        bat 'dir'
            }
        }
    }

    stage('Scan Repository') {
steps {

     bat '.\\frogbot.exe scan-repository'
}

}

}

} and this is the error i am encountering [Error] Get "/rest/api/1.0/projects/SWFTA/repos/functional-test/raw/.frogbot/frogbot-config.yml?at=": unsupported protocol scheme ""

can you please check this and help me out

medhost-nwatson commented 6 months ago

You need to set JF_GIT_API_ENDPOINT to the url of your bitbucketServer instance.

eranturgeman commented 5 months ago

Hello again @MounikaBandaru8 What @medhost-nwatson said above is correct and you need to set JF_GIT_API_ENDPOINT to the url of your BitbucketServer. The frogbot-config.yml I mentioned earlier is yet another configuration file that enables you a higher level of customization for you Frogbot execution settings and enables you to define some advanced configurations that are unavailable through the CI file sometimes. My assumption is that you didn't set JF_GIT_API_ENDPOINT so Frogbot is referring to frogbot-config.yml to search a value for this env var (since it is mandatory for a bitbucket server). Since Frogbot is unable to find this file (I assume it doesn't exist, which is ok since it is not mandatory file) and fails. Please try the above suggestion and define JF_GIT_API_ENDPOINT. If it doesn't help I'd love to hear from you and help you resolve the issue. If this worked for you I'd appreciate if you let us know so we can close this issue :)

eranturgeman commented 3 months ago

Hello again @MounikaBandaru8, we didn't get any response from you. I assume you were able to resolve the issue with the simple fix suggested above. If not- feel free to re-open this ticket or open a new GitHub issue if you need any further assistance :)