Fix for incremental scan appearing as Full scan when using scan list …

…command (#623) * fixing for incremental scan appearing as Full scan when using scan list command
Checkmarx · Dec 20, 2023 · 1e84dc6 · 1e84dc6
1 parent 8f085fa
commit 1e84dc6
Show file tree

Hide file tree

Showing 16 changed files with 228 additions and 29 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -4,7 +4,7 @@ on:
   pull_request:
 
 env:
-  GO_VERSION: '1.21.4'
+  GO_VERSION: '1.21.5'
 
 jobs:
   unit-tests:
@@ -119,6 +119,7 @@ jobs:
       - name: golangci-lint
         uses: golangci/golangci-lint-action@v3
         with:
+          skip-pkg-cache: true
           version: v1.54.2
           args: -c .golangci.yml
           only-new-issues: true
@@ -129,5 +130,5 @@ jobs:
       - id: govulncheck
         uses: golang/govulncheck-action@v1
         with:
-          go-version-input: '1.21.4'
+          go-version-input: ${{ env.GO_VERSION }}
           go-package: ./...
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -43,7 +43,7 @@ jobs:
       - name: Install Go
         uses: actions/setup-go@v4
         with:
-          go-version: '^1.21.4'
+          go-version: '^1.21.5'
       - name: Import Code-Signing Certificates
         uses: Apple-Actions/import-codesign-certs@v1
         with:

diff --git a/.golangci.yml b/.golangci.yml
@@ -1,6 +1,14 @@
 linters-settings:
+  #  https://golangci-lint.run/usage/linters/#depguard
   depguard:
     list-type: blacklist
+    rules:
+      main:
+        allow:
+          - $gostd
+          - github.com/checkmarx/ast-cli/internal/wrappers
+          - github.com/checkmarx/ast-cli/internal/params
+          - github.com/spf13/viper
   dupl:
     threshold: 500
   funlen:
@@ -107,8 +115,8 @@ run:
     - internal/renameio
     - internal/robustio
 
- # In case of linter atoi() erros
- # go: '^1.21'
+  # In case of linter atoi() erros
+  # go: '^1.21'
 
 # golangci.com configuration
 # https://github.com/golangci/golangci/wiki/Configuration

diff --git a/cmd/main.go b/cmd/main.go
@@ -48,6 +48,7 @@ func main() {
 	resultsSbomProxyPath := viper.GetString(params.ResultsSbomReportProxyPathKey)
 	featureFlagsPath := viper.GetString(params.FeatureFlagsKey)
 	policyEvaluationPath := viper.GetString(params.PolicyEvaluationPathKey)
+	sastMetadataPath := viper.GetString(params.SastMetadataPathKey)
 
 	scansWrapper := wrappers.NewHTTPScansWrapper(scans)
 	resultsPdfReportsWrapper := wrappers.NewResultsPdfReportsHTTPWrapper(resultsPdfPath)
@@ -75,6 +76,7 @@ func main() {
 	chatWrapper := wrappers.NewChatWrapper()
 	featureFlagsWrapper := wrappers.NewFeatureFlagsHTTPWrapper(featureFlagsPath)
 	policyWrapper := wrappers.NewHTTPPolicyWrapper(policyEvaluationPath)
+	sastMetadataWrapper := wrappers.NewSastIncrementalHTTPWrapper(sastMetadataPath)
 
 	astCli := commands.NewAstCLI(
 		scansWrapper,
@@ -103,6 +105,7 @@ func main() {
 		chatWrapper,
 		featureFlagsWrapper,
 		policyWrapper,
+		sastMetadataWrapper,
 	)
 	exitListener()
 	err = astCli.Execute()

diff --git a/go.mod b/go.mod
@@ -1,6 +1,6 @@
 module github.com/checkmarx/ast-cli
 
-go 1.21.4
+go 1.21.5
 
 require (
 	github.com/MakeNowJust/heredoc v1.0.0
@@ -16,6 +16,7 @@ require (
 	github.com/spf13/viper v1.17.0
 	github.com/tomnomnom/linkheader v0.0.0-20180905144013-02ca5825eb80
 	golang.org/x/crypto v0.15.0
+	golang.org/x/text v0.14.0
 	gotest.tools v2.2.0+incompatible
 )
 
@@ -39,7 +40,6 @@ require (
 	go.uber.org/multierr v1.9.0 // indirect
 	golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect
 	golang.org/x/sys v0.14.0 // indirect
-	golang.org/x/text v0.14.0 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
diff --git a/internal/commands/root.go b/internal/commands/root.go
@@ -49,6 +49,7 @@ func NewAstCLI(
 	chatWrapper wrappers.ChatWrapper,
 	featureFlagsWrapper wrappers.FeatureFlagsWrapper,
 	policyWrapper wrappers.PolicyWrapper,
+	sastMetadataWrapper wrappers.SastMetadataWrapper,
 ) *cobra.Command {
 	// Create the root
 	rootCmd := &cobra.Command{
@@ -153,7 +154,9 @@ func NewAstCLI(
 		risksOverviewWrapper,
 		jwtWrapper,
 		scaRealTimeWrapper,
-		policyWrapper)
+		policyWrapper,
+		sastMetadataWrapper,
+	)
 	projectCmd := NewProjectCommand(projectsWrapper, groupsWrapper)
 	resultsCmd := NewResultsCommand(
 		resultsWrapper,

diff --git a/internal/commands/root_test.go b/internal/commands/root_test.go
@@ -56,6 +56,7 @@ func createASTTestCommand() *cobra.Command {
 	chatWrapper := &mock.ChatMockWrapper{}
 	featureFlagsMockWrapper := &mock.FeatureFlagsMockWrapper{}
 	policyWrapper := &mock.PolicyMockWrapper{}
+	sastMetadataWrapper := &mock.SastMetadataMockWrapper{}
 
 	return NewAstCLI(
 		scansMockWrapper,
@@ -84,6 +85,7 @@ func createASTTestCommand() *cobra.Command {
 		chatWrapper,
 		featureFlagsMockWrapper,
 		policyWrapper,
+		sastMetadataWrapper,
 	)
 }
 

diff --git a/internal/commands/scan.go b/internal/commands/scan.go
@@ -133,6 +133,7 @@ func NewScanCommand(
 	jwtWrapper wrappers.JWTWrapper,
 	scaRealTimeWrapper wrappers.ScaRealTimeWrapper,
 	policyWrapper wrappers.PolicyWrapper,
+	sastMetadataWrapper wrappers.SastMetadataWrapper,
 ) *cobra.Command {
 	scanCmd := &cobra.Command{
 		Use:   "scan",
@@ -157,9 +158,10 @@ func NewScanCommand(
 		groupsWrapper,
 		riskOverviewWrapper,
 		jwtWrapper,
-		policyWrapper)
+		policyWrapper,
+	)
 
-	listScansCmd := scanListSubCommand(scansWrapper)
+	listScansCmd := scanListSubCommand(scansWrapper, sastMetadataWrapper)
 
 	showScanCmd := scanShowSubCommand(scansWrapper)
 
@@ -373,7 +375,7 @@ func scanShowSubCommand(scansWrapper wrappers.ScansWrapper) *cobra.Command {
 	return showScanCmd
 }
 
-func scanListSubCommand(scansWrapper wrappers.ScansWrapper) *cobra.Command {
+func scanListSubCommand(scansWrapper wrappers.ScansWrapper, sastMetadataWrapper wrappers.SastMetadataWrapper) *cobra.Command {
 	listScansCmd := &cobra.Command{
 		Use:   "list",
 		Short: "List all scans in Checkmarx One",
@@ -390,7 +392,7 @@ func scanListSubCommand(scansWrapper wrappers.ScansWrapper) *cobra.Command {
 			`,
 			),
 		},
-		RunE: runListScansCommand(scansWrapper),
+		RunE: runListScansCommand(scansWrapper, sastMetadataWrapper),
 	}
 	listScansCmd.PersistentFlags().StringSlice(commonParams.FilterFlag, []string{}, filterScanListFlagUsage)
 	return listScansCmd
@@ -1984,7 +1986,7 @@ func isPolicyEvaluated(
 	return true, nil, nil
 }
 
-func runListScansCommand(scansWrapper wrappers.ScansWrapper) func(cmd *cobra.Command, args []string) error {
+func runListScansCommand(scansWrapper wrappers.ScansWrapper, sastMetadataWrapper wrappers.SastMetadataWrapper) func(cmd *cobra.Command, args []string) error {
 	return func(cmd *cobra.Command, args []string) error {
 		var allScansModel *wrappers.ScansCollectionResponseModel
 		var errorModel *wrappers.ErrorModel
@@ -1997,11 +1999,12 @@ func runListScansCommand(scansWrapper wrappers.ScansWrapper) func(cmd *cobra.Com
 		if err != nil {
 			return errors.Wrapf(err, "%s\n", failedGettingAll)
 		}
+
 		// Checking the response
 		if errorModel != nil {
 			return errors.Errorf(ErrorCodeFormat, failedGettingAll, errorModel.Code, errorModel.Message)
 		} else if allScansModel != nil && allScansModel.Scans != nil {
-			err = printByFormat(cmd, toScanViews(allScansModel.Scans))
+			err = printByFormat(cmd, toScanViews(allScansModel.Scans, sastMetadataWrapper))
 			if err != nil {
 				return err
 			}
@@ -2179,9 +2182,29 @@ type scanView struct {
 	Engines         []string
 }
 
-func toScanViews(scans []wrappers.ScanResponseModel) []*scanView {
+func toScanViews(scans []wrappers.ScanResponseModel, sastMetadataWrapper wrappers.SastMetadataWrapper) []*scanView {
+	scanIDs := make([]string, len(scans))
+	for i := range scans {
+		scanIDs[i] = scans[i].ID
+	}
+
+	paramsToSast := map[string]string{"scan-ids": strings.Join(scanIDs, ",")}
+
+	sastMetadata, err := sastMetadataWrapper.GetSastMetadataByIDs(paramsToSast)
+	if err != nil {
+		logger.Printf("error getting sast metadata: %v", err)
+		return nil
+	}
+
+	metadataMap := make(map[string]bool)
+	if sastMetadata != nil {
+		for i := range sastMetadata.Scans {
+			metadataMap[sastMetadata.Scans[i].ScanID] = sastMetadata.Scans[i].IsIncremental
+		}
+	}
 	views := make([]*scanView, len(scans))
 	for i := 0; i < len(scans); i++ {
+		scans[i].SastIncremental = strconv.FormatBool(metadataMap[scans[i].ID])
 		views[i] = toScanView(&scans[i])
 	}
 	return views

diff --git a/internal/wrappers/mock/sast-metadata-mock.go b/internal/wrappers/mock/sast-metadata-mock.go
@@ -0,0 +1,37 @@
+package mock
+
+import "github.com/checkmarx/ast-cli/internal/wrappers"
+
+type SastMetadataMockWrapper struct{}
+
+func (s SastMetadataMockWrapper) GetSastMetadataByIDs(params map[string]string) (
+	*wrappers.SastMetadataModel,
+	error,
+) {
+	return &wrappers.SastMetadataModel{
+		TotalCount: 2,
+		Scans: []wrappers.Scans{
+			{
+				ScanID:            "scan1",
+				ProjectID:         "project1",
+				Loc:               100,
+				FileCount:         50,
+				IsIncremental:     true,
+				AddedFilesCount:   10,
+				ChangedFilesCount: 5,
+			},
+			{
+				ScanID:                  "scan2",
+				ProjectID:               "project2",
+				Loc:                     150,
+				FileCount:               70,
+				IsIncremental:           false,
+				IsIncrementalCanceled:   true,
+				IncrementalCancelReason: "Some reason",
+				BaseID:                  "baseID",
+				DeletedFilesCount:       3,
+			},
+		},
+		Missing: []string{"missing1", "missing2"},
+	}, nil
+}
diff --git a/internal/wrappers/mock/sca-realtime-mock.go b/internal/wrappers/mock/sca-realtime-mock.go
@@ -2,7 +2,6 @@ package mock
 
 import (
 	"fmt"
-
 	"github.com/checkmarx/ast-cli/internal/wrappers"
 )
 

diff --git a/internal/wrappers/predicates-http.go b/internal/wrappers/predicates-http.go
@@ -97,7 +97,7 @@ func (r ResultsPredicatesHTTPWrapper) PredicateSeverityAndState(predicate *Predi
 	switch resp.StatusCode {
 	case http.StatusBadRequest, http.StatusInternalServerError:
 		return nil, errors.Errorf("Predicate bad request.")
-	case http.StatusOK:
+	case http.StatusOK, http.StatusCreated:
 		fmt.Println("Predicate updated successfully.")
 		return nil, nil
 	case http.StatusNotModified:

diff --git a/internal/wrappers/results-sbom-http.go b/internal/wrappers/results-sbom-http.go
@@ -16,7 +16,7 @@ import (
 )
 
 type SbomReportsPayload struct {
-	ScanID     string `json:"ScanId"`
+	ScanID     string `json:"ScanID"`
 	FileFormat string `json:"FileFormat"`
 }
 

diff --git a/internal/wrappers/sast-metadata-http.go b/internal/wrappers/sast-metadata-http.go
@@ -0,0 +1,55 @@
+package wrappers
+
+import (
+	"encoding/json"
+	"fmt"
+	"net/http"
+
+	commonParams "github.com/checkmarx/ast-cli/internal/params"
+	"github.com/spf13/viper"
+)
+
+type SastIncrementalHTTPWrapper struct {
+	path        string
+	contentType string
+}
+
+func NewSastIncrementalHTTPWrapper(path string) SastMetadataWrapper {
+	return &SastIncrementalHTTPWrapper{
+		path:        path,
+		contentType: "application/json",
+	}
+}
+
+func (s *SastIncrementalHTTPWrapper) GetSastMetadataByIDs(params map[string]string) (*SastMetadataModel, error) {
+	clientTimeout := viper.GetUint(commonParams.ClientTimeoutKey)
+
+	resp, err := SendPrivateHTTPRequestWithQueryParams(http.MethodGet, s.path, params, http.NoBody, clientTimeout)
+	if err != nil {
+		return nil, err
+	}
+	decoder := json.NewDecoder(resp.Body)
+
+	defer resp.Body.Close()
+
+	switch resp.StatusCode {
+	case http.StatusBadRequest, http.StatusInternalServerError:
+		errorModel := ErrorModel{}
+		err = decoder.Decode(&errorModel)
+		if err != nil {
+			return nil, fmt.Errorf("%v %s", err, failedToParseGetAll)
+		}
+		return nil, err
+	case http.StatusOK:
+		model := SastMetadataModel{}
+		err = decoder.Decode(&model)
+		if err != nil {
+			return nil, fmt.Errorf("%v %s", err, failedToParseGetAll)
+		}
+		return &model, nil
+	case http.StatusNotFound:
+		return nil, fmt.Errorf("scan not found")
+	default:
+		return nil, fmt.Errorf("response status code %d", resp.StatusCode)
+	}
+}
diff --git a/internal/wrappers/sast-metadata.go b/internal/wrappers/sast-metadata.go
@@ -0,0 +1,25 @@
+package wrappers
+
+type SastMetadataWrapper interface {
+	GetSastMetadataByIDs(params map[string]string) (*SastMetadataModel, error)
+}
+
+type SastMetadataModel struct {
+	TotalCount int      `json:"totalCount"`
+	Scans      []Scans  `json:"scans"`
+	Missing    []string `json:"missing"`
+}
+type Scans struct {
+	ScanID                  string `json:"scanId,omitempty"`
+	ProjectID               string `json:"projectId,omitempty"`
+	Loc                     int    `json:"loc,omitempty"`
+	FileCount               int    `json:"fileCount,omitempty"`
+	IsIncremental           bool   `json:"isIncremental,omitempty"`
+	IsIncrementalCanceled   bool   `json:"isIncrementalCanceled,omitempty"`
+	IncrementalCancelReason string `json:"incrementalCancelReason,omitempty"`
+	BaseID                  string `json:"baseId,omitempty"`
+	AddedFilesCount         int    `json:"addedFilesCount,omitempty"`
+	ChangedFilesCount       int    `json:"changedFilesCount,omitempty"`
+	DeletedFilesCount       int    `json:"deletedFilesCount,omitempty"`
+	QueryPreset             string `json:"queryPreset,omitempty"`
+}
-Original file line number
+Diff line change
@@ Expand Up / @@ -2,7 +2,6 @@ package mock @@
     import (
     	"fmt"
     	"github.com/checkmarx/ast-cli/internal/wrappers"
     )
@@ Expand Down @@