jfrog / frogbot

🐸 Scans your Git repository with JFrog Xray for security vulnerabilities. 🤖
https://docs.jfrog-applications.jfrog.io/
Apache License 2.0

Branch creation (PR) failing at the end for Repository Scans, for a monorepo. #651

Open imranzunzani opened 7 months ago

imranzunzani commented 7 months ago

On a monorepo with the following frogbot-config.yml (names redacted with *):

- params:
    git:
      repoName: test-scan
      branches:
        - main
    scan:
      projects:
        - workingDirs:
            - apps/***/***
            - apps/***/***
            - apps/***/***
            - apps/***/***
            - apps/***/***
            - apps/***/***
        - pathExclusions:
            - "*node_modules*"
            - "*target*"
            - "*venv*"
            - "*test*"
            - "*analytics*"

I get the following errors at the end:

failed upon creating/checkout branch 'frogbot-formidable-69bab9618eba86d7d6a53b9c9b97213f' with error: a branch named "refs/heads/frogbot-formidable-69bab9618eba86d7d6a53b9c9b97213f" already exists
  the following errors occured while fixing vulnerabilities in '/tmp/jfrog.cli.temp.-1708960538-2693089640/apps/***/***':
  failed upon creating/checkout branch 'frogbot-semver-cf2fc5578bd663af2e3eaa946400c132' with error: a branch named "refs/heads/frogbot-semver-cf2fc5578bd663af2e3eaa946400c132" already exists
  failed upon creating/checkout branch 'frogbot-next-cd954fdff4c346f20cf8413b37af9231' with error: a branch named "refs/heads/frogbot-next-cd954fdff4c346f20cf8413b37af9231" already exists
  failed upon creating/checkout branch 'frogbot-word-wrap-e924a4795a0a50023a401dd0ca8b198a' with error: a branch named "refs/heads/frogbot-word-wrap-e924a4795a0a50023a401dd0ca8b198a" already exists
  the following errors occured while fixing vulnerabilities in '/tmp/jfrog.cli.temp.-1708960538-2693089640/apps/***/***':
  failed upon creating/checkout branch 'frogbot-tough-cookie-55a2094db87e0b506cfe7698b7536175' with error: a branch named "refs/heads/frogbot-tough-cookie-55a2094db87e0b506cfe7698b7536175" already exists
  Error: The process '/opt/hostedtoolcache/frogbot/[RELEASE]/x64/frogbot' failed with exit code 1

Could you please help with understanding the problem here?

attiasas commented 7 months ago

Hi @imranzunzani,

Thank you for using Frogbot!

This issue is known when you have multiple projects with the same dependencies. We are actively working on fixing it and providing a solution to handle this scenario. You can track the progress of the fix by following this link: GitHub Pull Request #649.

Please don't hesitate to reach out if you have any further questions or encounter any issues.

imranzunzani commented 7 months ago

Thanks @attiasas. Let me check, as soon as #649 is merged.

eranturgeman commented 2 months ago

Hello @imranzunzani, I wanted to give you an update on this matter. As @attiasas mentioned, this is a known issue and we were working on a fix. We discovered the issue is a bit trickier than we thought and requires several changes in order to be fixed. We are actively working on making those improvements and on enabling Frogbot and the 'audit' command to handle more complex project structures. Please follow our future releases :)

imranzunzani commented 2 months ago

Thanks @eranturgeman. Let me loop in @Avi706 here as well.

@Avi706, FYC. This is in relation to monorepo structures.
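
Added example, not from the thread or the Frogbot project: a small Python triage script that reads Frogbot output in the format quoted in the issue and lists, per working directory, the dependencies whose fix branch was not created because a branch of that name already existed. The sample log is constructed (directory names and the hash suffix are made up), and reading the middle of `frogbot-<name>-<hash>` as the dependency name is an inference from the branch names in the quoted output.

```python
import re
from collections import defaultdict

H = "0123456789abcdef0123456789abcdef"  # constructed 32-hex suffix, not a real branch hash

def _fail(pkg):
    """Build one constructed failure line in the format quoted in the issue."""
    branch = f"frogbot-{pkg}-{H}"
    return (f"  failed upon creating/checkout branch '{branch}' with error: "
            f'a branch named "refs/heads/{branch}" already exists')

def _header(path):
    """Build one constructed per-directory header line (the tool spells it 'occured')."""
    return ("  the following errors occured while fixing vulnerabilities in "
            f"'/tmp/jfrog.cli.temp.-1-2/{path}':")

# Constructed sample: the first failure has no header, like the excerpt in the issue.
SAMPLE_LOG = "\n".join([
    _fail("formidable"),
    _header("apps/team-a/web"), _fail("semver"), _fail("word-wrap"),
    _header("apps/team-b/api"), _fail("tough-cookie"),
])

HEADER_RE = re.compile(r"errors occur+ed while fixing vulnerabilities in '([^']+)'")
BRANCH_RE = re.compile(r"creating/checkout branch 'frogbot-([^']+)-[0-9a-f]{32}' with error: (.*)")
TEMP_RE = re.compile(r"^.*/jfrog\.cli\.temp\.[^/]+/")  # strip the CLI temp-dir prefix

def skipped_fixes(log):
    """Map each working directory to the dependencies whose fix branch collided."""
    current = "<unknown>"  # failures seen before any directory header
    skipped = defaultdict(list)
    for raw in log.splitlines():
        line = raw.strip()
        header = HEADER_RE.search(line)
        if header:
            current = TEMP_RE.sub("", header.group(1))
            continue
        failure = BRANCH_RE.search(line)
        # Only count the collision case; other branch errors need separate handling.
        if failure and "already exists" in failure.group(2):
            skipped[current].append(failure.group(1))
    return dict(skipped)

if __name__ == "__main__":
    for workdir, packages in skipped_fixes(SAMPLE_LOG).items():
        print(f"{workdir}: no fix branch created for {', '.join(packages)}")
```

Each directory in the result still carries the vulnerable dependency versions listed for it, so those fixes have to be tracked manually until the scan can open them.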