Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Change IsAllowedEngine func to return true when packageEnforcementEnabled is false (AST-76112) #951

Merged
merged 10 commits into from
Dec 3, 2024

Conversation

AlvoBen
Copy link
Collaborator

@AlvoBen AlvoBen commented Nov 28, 2024

By submitting a PR to this repository, you agree to the terms within the Checkmarx Code of Conduct. Please see the contributing guidelines for how to create and submit a high-quality PR for this repo.

Description

When PACKAGE_ENFORCEMENT_ENABLED FF is off, we don't need to check the license, but return true.

References

https://checkmarx.atlassian.net/browse/AST-76112

Testing

Added unit test

Checklist

  • I have added documentation for new/changed functionality in this PR (if applicable).
  • I have updated the CLI help for new/changed functionality in this PR (if applicable).
  • All active GitHub checks for tests, formatting, and security are passing
  • The correct base branch is being used

…bled is set to false because that means that user has license for everything
@AlvoBen AlvoBen requested a review from OrShamirCM as a code owner November 28, 2024 11:00
@OrShamirCM OrShamirCM requested a review from a team November 28, 2024 11:01
@github-actions github-actions bot added bug Something isn't working fix labels Nov 28, 2024
@AlvoBen AlvoBen changed the title Change IsAllowedEngine func to return true when packageEnforcementEnabled is set to false because that means that user has license for everything Change IsAllowedEngine func to return true when packageEnforcementEnabled is false Nov 28, 2024
Copy link

github-actions bot commented Nov 28, 2024

Logo
Checkmarx One – Scan Summary & Detailse20d0900-241b-4a89-8e22-7e09e4d8aa65

No New Or Fixed Issues Found

@AlvoBen AlvoBen changed the title Change IsAllowedEngine func to return true when packageEnforcementEnabled is false Change IsAllowedEngine func to return true when packageEnforcementEnabled is false (AST-76112) Dec 1, 2024
internal/wrappers/jwt-helper.go Outdated Show resolved Hide resolved
internal/services/asca_test.go Outdated Show resolved Hide resolved
@@ -130,3 +131,20 @@ func TestCreateASCAScanRequest_EngineRunningAndDefaultAgentAndNoLicense_Success(
assert.Nil(t, wrapperParams.ASCAWrapper.HealthCheck())
_ = wrapperParams.ASCAWrapper.ShutDown()
}

func TestCreateASCAScanRequest_CheckLicenseWhenPackageEnforcementFFOff_SuccessWithNilError(t *testing.T) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

rename to use the key words when, should

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

But this test name is obvious and according to our conventions

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should be something like:
TestCreateASCAScanRequest_whenCheckLicenseWithPackageEnforcementFFOff_shouldSuccess

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maybe return
if !flagResponse.Status {
return true, nil
}
jwtStruct, err := getJwtStruct()...

Early return if the feature flag is disabled, to avoid unnecessary nested logic

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

good idea!

miryamfoiferCX
miryamfoiferCX previously approved these changes Dec 3, 2024
@AlvoBen
Copy link
Collaborator Author

AlvoBen commented Dec 3, 2024

Test are not passing because stability issue in IAC-Security engine

@AlvoBen AlvoBen merged commit 4847d70 into main Dec 3, 2024
8 of 9 checks passed
@AlvoBen AlvoBen deleted the fix/benalvo/true-for-no-package-enforcement branch December 3, 2024 14:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working fix
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants