Merge branch 'refs/heads/main' into ast-FixErrors-AST-31546

# Conflicts:
#	internal/commands/result_test.go

.github/workflows/release.yml

@@ -60,9 +60,16 @@ jobs:
           /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
           brew --version
       - name: Install gon
-        run: brew install Bearer/tap/gon
-      - name: install docker
-        run: brew install docker
+        run: |
+          brew install Bearer/tap/gon
+      - name: Setup Docker on macOS
+        if: inputs.dev == false
+        uses: douglascamata/setup-docker-macos-action@v1-alpha
+      - name: Test docker
+        if: inputs.dev == false
+        run: |
+          docker version
+          docker info
       - name: Login to Docker Hub
         if: inputs.dev == false
         uses: docker/login-action@dd4fa0671be5250ee6f50aedf4cb05514abda2c7 #v1

.gitignore

@@ -55,4 +55,8 @@ override.tf.json
 
 # Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
 # example: *tfplan*dist/
-/dist
+/dist
+
+# Ignore CLI configuration files and installation log files
+**/colima-Darwin-x86_64
+**/install.log

.golangci.yml

@@ -12,6 +12,7 @@ linters-settings:
           - github.com/spf13/cobra
           - github.com/pkg/errors
           - github.com/google
+          - github.com/MakeNowJust/heredoc
   dupl:
     threshold: 500
   funlen:

cmd/main.go

@@ -51,6 +51,7 @@ func main() {
 	policyEvaluationPath := viper.GetString(params.PolicyEvaluationPathKey)
 	sastMetadataPath := viper.GetString(params.SastMetadataPathKey)
 	accessManagementPath := viper.GetString(params.AccessManagementPathKey)
+	byorPath := viper.GetString(params.ByorPathKey)
 
 	scansWrapper := wrappers.NewHTTPScansWrapper(scans)
 	resultsPdfReportsWrapper := wrappers.NewResultsPdfReportsHTTPWrapper(resultsPdfPath)
@@ -81,6 +82,7 @@ func main() {
 	policyWrapper := wrappers.NewHTTPPolicyWrapper(policyEvaluationPath)
 	sastMetadataWrapper := wrappers.NewSastIncrementalHTTPWrapper(sastMetadataPath)
 	accessManagementWrapper := wrappers.NewAccessManagementHTTPWrapper(accessManagementPath)
+	byorWrapper := wrappers.NewByorHTTPWrapper(byorPath)
 
 	astCli := commands.NewAstCLI(
 		applicationsWrapper,
@@ -112,6 +114,7 @@ func main() {
 		policyWrapper,
 		sastMetadataWrapper,
 		accessManagementWrapper,
+		byorWrapper,
 	)
 	exitListener()
 	err = astCli.Execute()

go.mod

@@ -1,6 +1,6 @@
 module github.com/checkmarx/ast-cli
 
-go 1.22.2
+go 1.22.3
 
 require (
 	github.com/MakeNowJust/heredoc v1.0.0
@@ -14,27 +14,29 @@ require (
 	github.com/pkg/errors v0.9.1
 	github.com/spf13/cobra v1.8.0
 	github.com/spf13/viper v1.18.2
+	github.com/stretchr/testify v1.9.0
 	github.com/tomnomnom/linkheader v0.0.0-20180905144013-02ca5825eb80
 	golang.org/x/crypto v0.22.0
 	golang.org/x/text v0.14.0
 	gotest.tools v2.2.0+incompatible
 )
 
 require (
+	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/fsnotify/fsnotify v1.7.0 // indirect
 	github.com/google/go-cmp v0.5.9 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/magiconair/properties v1.8.7 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
 	github.com/pelletier/go-toml/v2 v2.1.0 // indirect
+	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/sagikazarmark/locafero v0.4.0 // indirect
 	github.com/sagikazarmark/slog-shim v0.1.0 // indirect
 	github.com/sourcegraph/conc v0.3.0 // indirect
 	github.com/spf13/afero v1.11.0 // indirect
 	github.com/spf13/cast v1.6.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
-	github.com/stretchr/testify v1.9.0 // indirect
 	github.com/subosito/gotenv v1.6.0 // indirect
 	github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
 	go.uber.org/atomic v1.9.0 // indirect
@@ -43,5 +45,4 @@ require (
 	golang.org/x/sys v0.19.0 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-
 )

go.sum

@@ -86,7 +86,6 @@ golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30=
 golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M=
 golang.org/x/exp v0.0.0-20230905200255-921286631fa9 h1:GoHiUyI/Tp2nVkLI2mCxVkOjsbSXD66ic0XW0js0R9g=
 golang.org/x/exp v0.0.0-20230905200255-921286631fa9/go.mod h1:S2oDrQGGwySpoQPVqRShND87VCbxmc6bL1Yd2oYrm6k=
-golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
 golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o=
 golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=

internal/commands/.scripts/integration_up.sh

@@ -13,8 +13,8 @@ rm -rf ScaResolver-linux64.tar.gz
 go test \
   -tags integration \
   -v \
-  -timeout 90m \
-  -coverpkg github.com/checkmarx/ast-cli/internal/commands,github.com/checkmarx/ast-cli/internal/wrappers \
+  -timeout 210m \
+  -coverpkg github.com/checkmarx/ast-cli/internal/commands,github.com/checkmarx/ast-cli/internal/services,github.com/checkmarx/ast-cli/internal/wrappers \
   -coverprofile cover.out \
   github.com/checkmarx/ast-cli/test/integration
 

internal/commands/.scripts/up.sh

@@ -4,4 +4,4 @@ wget https://sca-downloads.s3.amazonaws.com/cli/latest/ScaResolver-linux64.tar.g
 tar -xzvf ScaResolver-linux64.tar.gz -C /tmp
 rm -rf ScaResolver-linux64.tar.gz
 # ignore mock and wrappers packages, as they checked by integration tests
-go test $(go list ./... | grep -v "mock" | grep -v "wrappers" | grep -v "bitbucketserver" | grep -v "logger") -coverprofile cover.out
+go test $(go list ./... | grep -v "mock" | grep -v "wrappers" | grep -v "bitbucketserver" | grep -v "logger") -timeout 940.000s -coverprofile cover.out

internal/commands/groups.go

@@ -2,110 +2,25 @@ package commands
 
 import (
 	"encoding/json"
-	"strings"
 
+	featureFlagsConstants "github.com/checkmarx/ast-cli/internal/constants/feature-flags"
 	commonParams "github.com/checkmarx/ast-cli/internal/params"
+	"github.com/checkmarx/ast-cli/internal/services"
 	"github.com/checkmarx/ast-cli/internal/wrappers"
-	"github.com/pkg/errors"
 	"github.com/spf13/cobra"
 )
 
-const accessManagementEnabled = "ACCESS_MANAGEMENT_ENABLED" // feature flag
-
-func createGroupsMap(groupsStr string, groupsWrapper wrappers.GroupsWrapper) ([]*wrappers.Group, error) {
-	groups := strings.Split(groupsStr, ",")
-	var groupsMap []*wrappers.Group
-	var groupsNotFound []string
-	for _, group := range groups {
-		if len(group) > 0 {
-			groupsFromEnv, err := groupsWrapper.Get(group)
-			if err != nil {
-				groupsNotFound = append(groupsNotFound, group)
-			} else {
-				findGroup := findGroupByName(groupsFromEnv, group)
-				if findGroup != nil && findGroup.Name != "" {
-					groupsMap = append(groupsMap, findGroup)
-				} else {
-					groupsNotFound = append(groupsNotFound, group)
-				}
-			}
-		}
-	}
-	if len(groupsNotFound) > 0 {
-		return nil, errors.Errorf("%s: %v", failedFindingGroup, groupsNotFound)
-	}
-	return groupsMap, nil
-}
-
-func findGroupByName(groups []wrappers.Group, name string) *wrappers.Group {
-	for i := 0; i < len(groups); i++ {
-		if groups[i].Name == name {
-			return &groups[i]
-		}
-	}
-	return nil
-}
-
 func updateGroupValues(input *[]byte, cmd *cobra.Command, groupsWrapper wrappers.GroupsWrapper) ([]*wrappers.Group, error) {
 	groupListStr, _ := cmd.Flags().GetString(commonParams.GroupList)
-	groups, err := createGroupsMap(groupListStr, groupsWrapper)
+	groups, err := services.CreateGroupsMap(groupListStr, groupsWrapper)
 	if err != nil {
 		return groups, err
 	}
-	if !wrappers.FeatureFlags[accessManagementEnabled] {
+	if !wrappers.FeatureFlags[featureFlagsConstants.AccessManagementEnabled] {
 		var info map[string]interface{}
 		_ = json.Unmarshal(*input, &info)
-		info["groups"] = getGroupIds(groups)
+		info["groups"] = services.GetGroupIds(groups)
 		*input, _ = json.Marshal(info)
 	}
 	return groups, nil
 }
-func getGroupsForRequest(groups []*wrappers.Group) []string {
-	if !wrappers.FeatureFlags[accessManagementEnabled] {
-		return getGroupIds(groups)
-	}
-	return nil
-}
-func getGroupIds(groups []*wrappers.Group) []string {
-	var groupIds []string
-	for _, group := range groups {
-		groupIds = append(groupIds, group.ID)
-	}
-	return groupIds
-}
-
-func assignGroupsToProjectNewAccessManagement(projectID string, projectName string, groups []*wrappers.Group,
-	accessManagement wrappers.AccessManagementWrapper) error {
-	if !wrappers.FeatureFlags[accessManagementEnabled] {
-		return nil
-	}
-	groupsAssignedToTheProject, err := accessManagement.GetGroups(projectID)
-	if err != nil {
-		return err
-	}
-	groupsToAssign := getGroupsToAssign(groups, groupsAssignedToTheProject)
-	if len(groupsToAssign) == 0 {
-		return nil
-	}
-
-	err = accessManagement.CreateGroupsAssignment(projectID, projectName, groupsToAssign)
-	if err != nil {
-		return err
-	}
-	return nil
-}
-
-func getGroupsToAssign(receivedGroups, existingGroups []*wrappers.Group) []*wrappers.Group {
-	var groupsToAssign []*wrappers.Group
-	var groupsMap = make(map[string]bool)
-	for _, existingGroup := range existingGroups {
-		groupsMap[existingGroup.ID] = true
-	}
-	for _, receivedGroup := range receivedGroups {
-		find := groupsMap[receivedGroup.ID]
-		if !find {
-			groupsToAssign = append(groupsToAssign, receivedGroup)
-		}
-	}
-	return groupsToAssign
-}