eranturgeman
commented
5 months ago Hello @vbaranwal24, thank you for using Frogbot!
If I understand correctly, it seems that your organization is blocking the download of getFrogbot.sh from https://releases.jfrog.io/. As a workaround, you manually downloaded the script into ./frogbot and attempted to execute it manually. Please let me know if I misunderstood.
Regarding your solution, it's important to note that Frogbot is not intended to be used in the manner you described. Here are some suggestions that may help address your issue:
Confirm the flow you were trying to run. You mentioned wanting to perform a scan upon PR, but provided the script for Scan-repository. Please ensure that you have configured the pipeline for the scan-pr flow, as the CI files may differ from each other. Note that the correct directory for Frogbot configuration files is "./.frogbot" (with the dot), not "./frogbot". Additionally, this directory is meant to hold only the 'frogbot-config.yml' file, and the flow automatically searches for this file in the target branch. The workaround you attempted may not work as intended. Keep in mind that Frogbot always searches for configuration files in the target branch, which is typically the base branch you defined. Unmerged changes to configuration files, including additions to CI files or frogbot-config.yml, will not be applied until merged. You can use a dedicated environment variable, JF_RELEASES_REPO, for cases where you cannot download from https://releases.jfrog.io/. Detailed information about this environment variable can be found in our documentation: JF_RELEASES_REPO Documentation If none of the above suggestions help resolve the issue or if you have any further questions, please don't hesitate to contact us again.
vbaranwal24
Hi Team,
I am trying to automate frogbot scan on my organization using azure pipeline when a PR is raised.
inputs: script: | getFrogbotScriptPath=$(if [ -z "$JF_RELEASES_REPO" ]; then echo "https://releases.jfrog.io"; else echo "${JF_URL}/artifactory/${JF_RELEASES_REPO}"; fi) curl -fLg "$getFrogbotScriptPath/artifactory/frogbot/v2/[RELEASE]/getFrogbot.sh" | sh ./frogbot cfpr
From the above script from frogbot setup (https://docs.jfrog-applications.jfrog.io/jfrog-applications/frogbot/setup-frogbot/setup-frogbot-using-azure-pipelines), my org was blocking to download getFrogbot.sh, so we have downloaded this file manually and kept it in project folder same root location where frogbot.yml is present and changed the above script to just like below:
Now when we run the pipeline, we are getting ./frogbot: No such file or directory
Not sure what is causing the issue. Can someone please help resolve this.