Support application key

Author: Sahar Bracha

action.yml

@@ -23,6 +23,9 @@ inputs:
         description: "By default, if the workflow completes with collected build-info that has not been published using the jf rt build-publish command, the build-info will be automatically published to Artifactory. Set this to true to disable the automatic publication of build-info at the end of the workflow."
         default: "false"
         required: false
+    application-key:
+        description: "Application key to associate packages with."
+        required: false
 outputs:
     oidc-token:
         description: "JFrog OIDC token generated by the Setup JFrog CLI when setting oidc-provider-name."

lib/utils.js

@@ -46,6 +46,7 @@ const core_1 = require("@octokit/core");
 const github = __importStar(require("@actions/github"));
 const zlib_1 = require("zlib");
 const util_1 = require("util");
+const YAML = __importStar(require("yaml"));
 class Utils {
     /**
      * Retrieves server credentials for accessing JFrog's server
@@ -74,8 +75,9 @@ class Utils {
             catch (error) {
                 throw new Error(`Getting openID Connect JSON web token failed: ${error.message}`);
             }
+            const applicationKey = yield this.getApplicationKey();
             try {
-                jfrogCredentials = yield this.getJfrogAccessTokenThroughOidcProtocol(jfrogCredentials, jsonWebToken, oidcProviderName);
+                jfrogCredentials = yield this.getJfrogAccessTokenThroughOidcProtocol(jfrogCredentials, jsonWebToken, oidcProviderName, applicationKey);
                 // Set environment variable to track OIDC logins in the usage report.
                 core.exportVariable('JFROG_CLI_USAGE_CONFIG_OIDC', 'TRUE');
                 return jfrogCredentials;
@@ -85,6 +87,34 @@ class Utils {
             }
         });
     }
+    static getApplicationKey() {
+        return __awaiter(this, void 0, void 0, function* () {
+            const appKey = core.getInput(Utils.APPLICATION_KEY);
+            if (appKey) {
+                return appKey;
+            }
+            const configFilePath = path.join(this.FROGBOT_CONFIG_DIR_NAME, this.FROGBOT_CONFIG_FILE);
+            try {
+                const config = yield this.readConfigFromFileSystem(configFilePath);
+                if (!config) {
+                    console.log('Config file is empty or not found.');
+                    return '';
+                }
+                const configObj = YAML.parse(config);
+                const applicationKey = configObj['application-key'];
+                if (!applicationKey) {
+                    console.log('Application key is not found in the config file.');
+                    return '';
+                }
+                console.log('Found application key: ' + applicationKey);
+                return applicationKey;
+            }
+            catch (error) {
+                console.log('Error reading config:', error);
+                return '';
+            }
+        });
+    }
     /**
      * Gathers JFrog's credentials from environment variables and delivers them in a JfrogCredentials structure
      * @returns JfrogCredentials struct with all credentials found in environment variables
@@ -117,9 +147,10 @@ class Utils {
      * @param jfrogCredentials existing JFrog credentials - url, access token, username + password
      * @param jsonWebToken JWT achieved from GitHub JWT provider
      * @param oidcProviderName OIDC provider name
+     * @param applicationKey
      * @returns an access token for the requested Artifactory server
      */
-    static getJfrogAccessTokenThroughOidcProtocol(jfrogCredentials, jsonWebToken, oidcProviderName) {
+    static getJfrogAccessTokenThroughOidcProtocol(jfrogCredentials, jsonWebToken, oidcProviderName, applicationKey) {
         return __awaiter(this, void 0, void 0, function* () {
             // If we've reached this stage, the jfrogCredentials.jfrogUrl field should hold a non-empty value obtained from process.env.JF_URL
             const exchangeUrl = jfrogCredentials.jfrogUrl.replace(/\/$/, '') + '/access/api/v1/oidc/token';
@@ -135,7 +166,8 @@ class Utils {
             "provider_name": "${oidcProviderName}",
             "project_key": "${projectKey}",
             "gh_job_id": "${jobId}",
-            "gh_run_id": "${runId}"
+            "gh_run_id": "${runId}",
+            "application_key": "${applicationKey}"
         }`;
             const additionalHeaders = {
                 'Content-Type': 'application/json',
@@ -613,6 +645,17 @@ class Utils {
             return yield this.compressAndEncodeSarif(sarif);
         });
     }
+    static readConfigFromFileSystem(configRelativePath) {
+        return __awaiter(this, void 0, void 0, function* () {
+            core.debug(`Reading config from file system. Looking for ${configRelativePath}`);
+            if (!(0, fs_1.existsSync)(configRelativePath)) {
+                core.debug(`cli-config.yml not found in ${configRelativePath}`);
+                return '';
+            }
+            core.debug(`cli-config.yml found in ${configRelativePath}`);
+            return yield fs_1.promises.readFile(configRelativePath, 'utf-8');
+        });
+    }
     static readMarkdownContent() {
         return __awaiter(this, void 0, void 0, function* () {
             const markdownFilePath = path.join(Utils.getJobOutputDirectoryPath(), 'markdown.md');
@@ -749,6 +792,12 @@ Utils.CLI_REMOTE_ARG = 'download-repository';
 Utils.OIDC_AUDIENCE_ARG = 'oidc-audience';
 // OpenID Connect provider_name input
 Utils.OIDC_INTEGRATION_PROVIDER_NAME = 'oidc-provider-name';
+// Application id to associate entities
+Utils.APPLICATION_KEY = 'application-key';
+// Config file directory name
+Utils.FROGBOT_CONFIG_DIR_NAME = '.frogbot';
+// Config file name
+Utils.FROGBOT_CONFIG_FILE = 'frogbot-config.yml';
 // Disable Job Summaries feature flag
 Utils.JOB_SUMMARY_DISABLE = 'disable-job-summary';
 // Disable auto build info publish feature flag