Skip to content

Add validation error if required package not installed for the AM #604

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
attiasas wants to merge 14 commits into
base: dev
Choose a base branch
from
Open

Add validation error if required package not installed for the AM #604

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
14 commits
Select commit Hold shift + click to select a range
5bc1f9a
Add validation error if required package not installed for the AM
attiasas Nov 4, 2025
b5449d8
Merge remote-tracking branch 'upstream/dev' into guard_am_requirments
attiasas Nov 23, 2025
1acba2d
fix static tests
attiasas Nov 23, 2025
3c6037c
Merge remote-tracking branch 'upstream/dev' into guard_am_requirments
attiasas Feb 24, 2026
9e6bf1a
Merge remote-tracking branch 'upstream/dev' into guard_am_requirments
attiasas Feb 25, 2026
aa019e4
Merge remote-tracking branch 'upstream/dev' into guard_am_requirments
attiasas Mar 2, 2026
ea71794
fix merge
attiasas Mar 2, 2026
9f66bd3
add malicious sub scan
attiasas Mar 2, 2026
375f8cd
also validate if all scans requested for git audit
attiasas Mar 2, 2026
d27cbba
Merge remote-tracking branch 'upstream/dev' into guard_am_requirments
attiasas Mar 2, 2026
c29fa98
Merge remote-tracking branch 'upstream/dev' into guard_am_requirments
attiasas Mar 2, 2026
659aa3e
Merge remote-tracking branch 'upstream/dev' into guard_am_requirments
attiasas Mar 10, 2026
77de995
add to binary scans as well
attiasas Mar 10, 2026
d3b600d
validate only if entitled
attiasas Mar 10, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions commands/audit/audit.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -421,6 +421,11 @@ func initAuditCmdResults(params *AuditParams) (cmdResults *results.SecurityComma
cmdResults.SetEntitledForJas(entitledForJas)
}
if entitledForJas {
if utils.IsJASRequested(cmdResults.CmdType, params.ScansToPerform()...) {
if err = jas.ValidateRequiredInstalledSoftware(); err != nil {
return cmdResults.AddGeneralError(err, false)
}
}
cmdResults.SetSecretValidation(jas.CheckForSecretValidation(xrayManager, params.GetXrayVersion(), slices.Contains(params.ScansToPerform(), utils.SecretTokenValidationScan)))
}
return
Expand Down
5 changes: 5 additions & 0 deletions commands/scan/scan.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -338,6 +338,11 @@ func (scanCmd *ScanCommand) initScanCmdResults(cmdType utils.CommandType) (xrayM
} else {
cmdResults.SetEntitledForJas(entitledForJas)
if entitledForJas {
if utils.IsJASRequested(cmdResults.CmdType, scanCmd.scansToPerform...) {
if err = jas.ValidateRequiredInstalledSoftware(); err != nil {
return xrayManager, cmdResults.AddGeneralError(err, false)
}
}
cmdResults.SetSecretValidation(jas.CheckForSecretValidation(xrayManager, scanCmd.xrayVersion, scanCmd.validateSecrets))
}
}
Expand Down
13 changes: 13 additions & 0 deletions jas/analyzermanager.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,10 @@ const (

type JasDiffScanEnvValue string

var scannersRequiredInstalledSoftware = []string{
"git", "unzip", "curl",
}

var exitCodeErrorsMap = map[int]string{
notEntitledExitCode: "got not entitled error from analyzer manager",
unsupportedCommandExitCode: "got unsupported scan command error from analyzer manager",
Expand Down Expand Up @@ -327,3 +331,12 @@ func RunAnalyzerManagerWithPipesAndDownload(envVars map[string]string, cmd strin
}
return RunAnalyzerManagerWithPipes(envVars, cmd, inputPipe, outputPipe, errorPipe, timeout, args...)
}

func ValidateRequiredInstalledSoftware() (err error) {
for _, software := range scannersRequiredInstalledSoftware {
if softwarePath, e := exec.LookPath(software); e != nil || softwarePath == "" {
err = errors.Join(err, fmt.Errorf("could not find the required '%s' executable in the system PATH to run the Advanced Security Scans", software))
}
}
return
}
Loading