From 463ff5e5a43b498b091083d46f14c2071e3ba506 Mon Sep 17 00:00:00 2001 From: miryamfoiferCX Date: Wed, 4 Dec 2024 11:12:16 +0200 Subject: [PATCH 01/14] Dont Update New Application When Project Exists --- internal/services/projects.go | 23 +++-------------------- 1 file changed, 3 insertions(+), 20 deletions(-) diff --git a/internal/services/projects.go b/internal/services/projects.go index e536b74ed..f77dc1362 100644 --- a/internal/services/projects.go +++ b/internal/services/projects.go @@ -44,11 +44,8 @@ func FindProject( resp, cmd, projectsWrapper, - groupsWrapper, accessManagementWrapper, - applicationWrapper, projectName, - applicationID, projectTags, projectPrivatePackage, featureFlagsWrapper) @@ -178,18 +175,14 @@ func updateProject( resp *wrappers.ProjectsCollectionResponseModel, cmd *cobra.Command, projectsWrapper wrappers.ProjectsWrapper, - groupsWrapper wrappers.GroupsWrapper, accessManagementWrapper wrappers.AccessManagementWrapper, - applicationsWrapper wrappers.ApplicationsWrapper, projectName string, - applicationID []string, projectTags string, projectPrivatePackage string, featureFlagsWrapper wrappers.FeatureFlagsWrapper, ) (string, error) { var projectID string - applicationName, _ := cmd.Flags().GetString(commonParams.ApplicationName) var projModel = wrappers.Project{} for i := 0; i < len(resp.Projects); i++ { if resp.Projects[i].Name == projectName { @@ -202,8 +195,8 @@ func updateProject( projModel.RepoURL = resp.Projects[i].RepoURL } } - if projectTags == "" && projectPrivatePackage == "" && len(applicationID) == 0 { - logger.PrintIfVerbose("No applicationId or tags to update. Skipping project update.") + if projectTags == "" && projectPrivatePackage == "" { + logger.PrintIfVerbose("No tags to update. Skipping project update.") return projectID, nil } if projectPrivatePackage != "" { 
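Review bot: In the `@@ -202,8 +195,8 @@` hunk of updateProject, a run that passes `--application-name` for a project that already exists now returns through the "No tags to update" branch with nothing telling the caller that the flag was dropped. Before this patch the same call updated `ApplicationIds` and ran `verifyApplicationAssociationDone`, so a user who expects the scan to be filed under a given application now gets a successful exit with the association unchanged. `cmd` is still a parameter, so a verbose line can make this visible: `if n, _ := cmd.Flags().GetString(commonParams.ApplicationName); n != "" { logger.PrintIfVerbose("Project already exists; --application-name is ignored") }`. The body of updateProject begins and ends outside this hunk.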
@@ -226,22 +219,12 @@ func updateProject( logger.PrintIfVerbose("Updating project tags") projModel.Tags = createTagMap(projectTags) } - if len(applicationID) > 0 { - logger.PrintIfVerbose("Updating project applicationIds") - projModel.ApplicationIds = createApplicationIds(applicationID, projModelResp.ApplicationIds) - } + err = projectsWrapper.Update(projectID, &projModel) if err != nil { return "", errors.Errorf("%s: %v", failedUpdatingProj, err) } - if applicationName != "" || len(applicationID) > 0 { - err = verifyApplicationAssociationDone(applicationName, projectID, applicationsWrapper) - if err != nil { - return projectID, err - } - } - return projectID, nil } From 9d059c6772a8438b41d8a4fe8b4f4825cf10aa7c Mon Sep 17 00:00:00 2001 From: miryamfoiferCX Date: Wed, 4 Dec 2024 12:13:09 +0200 Subject: [PATCH 02/14] fix UT --- internal/commands/scan_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/commands/scan_test.go b/internal/commands/scan_test.go index c8d341feb..bbadc4d82 100644 --- a/internal/commands/scan_test.go +++ b/internal/commands/scan_test.go @@ -55,7 +55,7 @@ const ( SCSScoreCardError = "SCS scan failed to start: Scorecard scan is missing required flags, please include in the ast-cli arguments: " + "--scs-repo-url your_repo_url --scs-repo-token your_repo_token" outputFileName = "test_output.log" - noUpdatesForExistingProject = "No applicationId or tags to update. Skipping project update." + noUpdatesForExistingProject = "No tags to update. Skipping project update." ) func TestScanHelp(t *testing.T) { From 6445278f11e6f02c3c23767ba01de3609d7d6617 Mon Sep 17 00:00:00 2001 From: miryamfoiferCX Date: Wed, 4 Dec 2024 13:43:00 +0200 Subject: [PATCH 03/14] check application permissions only if create a project and not in each scan creation --- internal/commands/scan.go | 83 +++++++++++++++++------------------ internal/services/projects.go | 52 +++++++++++++++++++++- 2 files changed, 92 insertions(+), 43 deletions(-) 
diff --git a/internal/commands/scan.go b/internal/commands/scan.go index d5b8c29f8..72fce24e4 100644 --- a/internal/commands/scan.go +++ b/internal/commands/scan.go @@ -24,7 +24,6 @@ import ( "github.com/checkmarx/ast-cli/internal/commands/util" "github.com/checkmarx/ast-cli/internal/commands/util/printer" "github.com/checkmarx/ast-cli/internal/constants" - errorConstants "github.com/checkmarx/ast-cli/internal/constants/errors" exitCodes "github.com/checkmarx/ast-cli/internal/constants/exit-codes" "github.com/checkmarx/ast-cli/internal/logger" "github.com/checkmarx/ast-cli/internal/services" @@ -709,23 +708,23 @@ func setupScanTypeProjectAndConfig( return errors.Errorf("Project name is required") } - applicationName, _ := cmd.Flags().GetString(commonParams.ApplicationName) - - var applicationID []string - if applicationName != "" { - application, getAppErr := getApplication(applicationName, applicationsWrapper) - if getAppErr != nil { - return getAppErr - } - if application == nil { - return errors.Errorf(errorConstants.ApplicationDoesntExistOrNoPermission) - } - applicationID = []string{application.ID} - } + //applicationName, _ := cmd.Flags().GetString(commonParams.ApplicationName) + // + //var applicationID []string + //if applicationName != "" { + // application, getAppErr := getApplication(applicationName, applicationsWrapper) + // if getAppErr != nil { + // return getAppErr + // } + // if application == nil { + // return errors.Errorf(errorConstants.ApplicationDoesntExistOrNoPermission) + // } + // applicationID = []string{application.ID} + //} // We need to convert the project name into an ID projectID, findProjectErr := services.FindProject( - applicationID, + /*applicationID,*/ info["project"].(map[string]interface{})["id"].(string), cmd, projectsWrapper, 
@@ -799,33 +798,33 @@ func setupScanTypeProjectAndConfig( return nil } -func getApplication(applicationName string, applicationsWrapper wrappers.ApplicationsWrapper) (*wrappers.Application, error) { - if applicationName != "" { - params := make(map[string]string) - params["name"] = applicationName - resp, err := applicationsWrapper.Get(params) - if err != nil { - return nil, err - } - if resp.Applications != nil && len(resp.Applications) > 0 { - application := verifyApplicationNameExactMatch(applicationName, resp) - - return application, nil - } - } - return nil, nil -} - -func verifyApplicationNameExactMatch(applicationName string, resp *wrappers.ApplicationsResponseModel) *wrappers.Application { - var application *wrappers.Application - for i := range resp.Applications { - if resp.Applications[i].Name == applicationName { - application = &resp.Applications[i] - break - } - } - return application -} +//func getApplication(applicationName string, applicationsWrapper wrappers.ApplicationsWrapper) (*wrappers.Application, error) { +// if applicationName != "" { +// params := make(map[string]string) +// params["name"] = applicationName +// resp, err := applicationsWrapper.Get(params) +// if err != nil { +// return nil, err +// } +// if resp.Applications != nil && len(resp.Applications) > 0 { +// application := verifyApplicationNameExactMatch(applicationName, resp) +// +// return application, nil +// } +// } +// return nil, nil +//} + +//func verifyApplicationNameExactMatch(applicationName string, resp *wrappers.ApplicationsResponseModel) *wrappers.Application { +// var application *wrappers.Application +// for i := range resp.Applications { +// if resp.Applications[i].Name == applicationName { +// application = &resp.Applications[i] +// break +// } +// } +// return application +//} func getResubmitConfiguration(scansWrapper wrappers.ScansWrapper, projectID, userScanTypes string) ( []wrappers.Config, 
diff --git a/internal/services/projects.go b/internal/services/projects.go index f77dc1362..db8906197 100644 --- a/internal/services/projects.go +++ b/internal/services/projects.go @@ -1,6 +1,7 @@ package services import ( + errorConstants "github.com/checkmarx/ast-cli/internal/constants/errors" "slices" "strconv" "time" @@ -22,7 +23,6 @@ const ( ) func FindProject( - applicationID []string, projectName string, cmd *cobra.Command, projectsWrapper wrappers.ProjectsWrapper, @@ -54,6 +54,13 @@ func FindProject( projectGroups, _ := cmd.Flags().GetString(commonParams.ProjectGroupList) projectPrivatePackage, _ := cmd.Flags().GetString(commonParams.ProjecPrivatePackageFlag) + + applicationName, _ := cmd.Flags().GetString(commonParams.ApplicationName) + applicationID, appErr := getApplicationId(applicationName, applicationWrapper) + if appErr != nil { + return "", appErr + } + projectID, err := createProject(projectName, cmd, projectsWrapper, groupsWrapper, accessManagementWrapper, applicationWrapper, applicationID, projectGroups, projectPrivatePackage, featureFlagsWrapper) if err != nil { 
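Review bot: FindProject carries no doc comment, and after the `@@ -54,6 +54,13 @@` hunk its contract is different: the application lookup, and the error it can return, now run only on the path that goes on to call createProject. Callers such as setupScanTypeProjectAndConfig used to do that check themselves on every scan, so the narrower scope should be written down where they will read it. I would add above the signature `// FindProject returns the ID of projectName, creating the project when it does not exist yet.` followed by `// The --application-name flag is resolved and checked only when the project is created; for an existing project it is ignored.` The body of FindProject starts and ends outside the hunks shown, so the first sentence of that comment should be confirmed against the full function.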
@@ -86,6 +93,49 @@ func GetProjectsCollectionByProjectName(projectName string, projectsWrapper wrap return resp, nil } +func getApplicationId(applicationName string, applicationsWrapper wrappers.ApplicationsWrapper) ([]string, error) { + var applicationID []string + if applicationName != "" { + application, getAppErr := getApplication(applicationName, applicationsWrapper) + if getAppErr != nil { + return nil, getAppErr + } + if application == nil { + return nil, errors.Errorf(errorConstants.ApplicationDoesntExistOrNoPermission) + } + applicationID = []string{application.ID} + } + return applicationID, nil +} + +func getApplication(applicationName string, applicationsWrapper wrappers.ApplicationsWrapper) (*wrappers.Application, error) { + if applicationName != "" { + params := make(map[string]string) + params["name"] = applicationName + resp, err := applicationsWrapper.Get(params) + if err != nil { + return nil, err + } + if resp.Applications != nil && len(resp.Applications) > 0 { + application := verifyApplicationNameExactMatch(applicationName, resp) + + return application, nil + } + } + return nil, nil +} + +func verifyApplicationNameExactMatch(applicationName string, resp *wrappers.ApplicationsResponseModel) *wrappers.Application { + var application *wrappers.Application + for i := range resp.Applications { + if resp.Applications[i].Name == applicationName { + application = &resp.Applications[i] + break + } + } + return application +} + func createProject( projectName string, cmd *cobra.Command, From ae7f6ccf57921ea0509cf7292d6fea1057a65f4e Mon Sep 17 00:00:00 2001 From: miryamfoiferCX Date: Wed, 4 Dec 2024 13:48:42 +0200 Subject: [PATCH 04/14] fix compilation issue --- internal/commands/util/import.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/commands/util/import.go b/internal/commands/util/import.go index 92dccb85e..ea1483265 100644 --- a/internal/commands/util/import.go +++ b/internal/commands/util/import.go 
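Review bot: `getApplication` in the `@@ -86,6 +93,49 @@` hunk reads `resp.Applications` after checking only `err`, so a wrapper that returns a nil response together with a nil error would panic here; whether `applicationsWrapper.Get` can do that is not visible on this page. The guard folds into the existing condition as `if resp != nil && len(resp.Applications) > 0 {`, which also drops the redundant `resp.Applications != nil` test, since `len` of a nil slice is 0. In `getApplicationId`, `errors.Errorf(errorConstants.ApplicationDoesntExistOrNoPermission)` uses a message constant as a format string; `errors.New(errorConstants.ApplicationDoesntExistOrNoPermission)` states what is meant and cannot misformat if the message ever contains a `%`. PATCH 12/14 moves the same three functions unchanged into internal/services/applications.go, so both points apply to that hunk as well.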
@@ -65,7 +65,7 @@ func runImportCommand( return errors.Errorf(errorConstants.ProjectNameIsRequired) } - projectID, err := services.FindProject(nil, projectName, cmd, projectsWrapper, groupsWrapper, accessManagementWrapper, applicationsWrapper, featureFlagsWrapper) + projectID, err := services.FindProject(projectName, cmd, projectsWrapper, groupsWrapper, accessManagementWrapper, applicationsWrapper, featureFlagsWrapper) if err != nil { return err } From 3a79ac9196d8e0edd5bc4b30211f641927c95577 Mon Sep 17 00:00:00 2001 From: miryamfoiferCX Date: Wed, 4 Dec 2024 13:53:52 +0200 Subject: [PATCH 05/14] fix compilation issue - 2 --- internal/commands/project.go | 2 +- internal/services/projects.go | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/internal/commands/project.go b/internal/commands/project.go index 8afb1f6c7..5a8742ada 100644 --- a/internal/commands/project.go +++ b/internal/commands/project.go @@ -233,7 +233,7 @@ func runCreateProjectCommand( applicationName, _ := cmd.Flags().GetString(commonParams.ApplicationName) var applicationID []string if applicationName != "" { - application, getAppErr := getApplication(applicationName, applicationsWrapper) + application, getAppErr := services.GetApplication(applicationName, applicationsWrapper) if getAppErr != nil { return getAppErr } diff --git a/internal/services/projects.go b/internal/services/projects.go index db8906197..2411cb4cd 100644 --- a/internal/services/projects.go +++ b/internal/services/projects.go @@ -96,7 +96,7 @@ func GetProjectsCollectionByProjectName(projectName string, projectsWrapper wrap func getApplicationId(applicationName string, applicationsWrapper wrappers.ApplicationsWrapper) ([]string, error) { var applicationID []string if applicationName != "" { - application, getAppErr := getApplication(applicationName, applicationsWrapper) + application, getAppErr := GetApplication(applicationName, applicationsWrapper) if getAppErr != nil { return nil, getAppErr } 
@@ -108,7 +108,7 @@ func getApplicationId(applicationName string, applicationsWrapper wrappers.Appli return applicationID, nil } -func getApplication(applicationName string, applicationsWrapper wrappers.ApplicationsWrapper) (*wrappers.Application, error) { +func GetApplication(applicationName string, applicationsWrapper wrappers.ApplicationsWrapper) (*wrappers.Application, error) { if applicationName != "" { params := make(map[string]string) params["name"] = applicationName From 8daaef03739edaefaaf1d3924fa3f06e6fcd4492 Mon Sep 17 00:00:00 2001 From: miryamfoiferCX Date: Wed, 4 Dec 2024 13:57:06 +0200 Subject: [PATCH 06/14] Update scan.go --- internal/commands/scan.go | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/internal/commands/scan.go b/internal/commands/scan.go index 72fce24e4..1cf51212c 100644 --- a/internal/commands/scan.go +++ b/internal/commands/scan.go @@ -708,20 +708,6 @@ func setupScanTypeProjectAndConfig( return errors.Errorf("Project name is required") } - //applicationName, _ := cmd.Flags().GetString(commonParams.ApplicationName) - // - //var applicationID []string - //if applicationName != "" { - // application, getAppErr := getApplication(applicationName, applicationsWrapper) - // if getAppErr != nil { - // return getAppErr - // } - // if application == nil { - // return errors.Errorf(errorConstants.ApplicationDoesntExistOrNoPermission) - // } - // applicationID = []string{application.ID} - //} - // We need to convert the project name into an ID projectID, findProjectErr := services.FindProject( /*applicationID,*/ From c414781fce18f0643728f78197a10e48b251a313 Mon Sep 17 00:00:00 2001 From: miryamfoiferCX Date: Wed, 4 Dec 2024 13:59:19 +0200 Subject: [PATCH 07/14] Update scan.go --- internal/commands/scan.go | 28 ---------------------------- 1 file changed, 28 deletions(-) diff --git a/internal/commands/scan.go b/internal/commands/scan.go index 1cf51212c..b88842fbf 100644 --- a/internal/commands/scan.go 
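Review bot: `GetApplication` becomes exported in the `@@ -108,7 +108,7 @@` hunk without a doc comment, and its `(nil, nil)` result is easy to misread at a call site in another package. As the function was added in PATCH 03/14, it returns nil without an error both when `applicationName` is empty and when the response holds no entry whose `Name` equals it exactly. I would add `// GetApplication returns the application whose Name equals applicationName exactly.` and `// It returns (nil, nil) when applicationName is empty or no exact match is in the response; callers decide whether nil is an error, as getApplicationId does.` The body of the function continues outside this hunk.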
+++ b/internal/commands/scan.go @@ -784,34 +784,6 @@ func setupScanTypeProjectAndConfig( return nil } -//func getApplication(applicationName string, applicationsWrapper wrappers.ApplicationsWrapper) (*wrappers.Application, error) { -// if applicationName != "" { -// params := make(map[string]string) -// params["name"] = applicationName -// resp, err := applicationsWrapper.Get(params) -// if err != nil { -// return nil, err -// } -// if resp.Applications != nil && len(resp.Applications) > 0 { -// application := verifyApplicationNameExactMatch(applicationName, resp) -// -// return application, nil -// } -// } -// return nil, nil -//} - -//func verifyApplicationNameExactMatch(applicationName string, resp *wrappers.ApplicationsResponseModel) *wrappers.Application { -// var application *wrappers.Application -// for i := range resp.Applications { -// if resp.Applications[i].Name == applicationName { -// application = &resp.Applications[i] -// break -// } -// } -// return application -//} - func getResubmitConfiguration(scansWrapper wrappers.ScansWrapper, projectID, userScanTypes string) ( []wrappers.Config, error, From 8eb3c3076012b252adee6e75bc333a683c25c141 Mon Sep 17 00:00:00 2001 From: miryamfoiferCX Date: Wed, 4 Dec 2024 14:08:05 +0200 Subject: [PATCH 08/14] add tests --- internal/commands/scan_test.go | 31 ++++++++++++++++++++++ internal/wrappers/mock/application-mock.go | 15 ++++++++++- internal/wrappers/mock/constants.go | 1 + test/integration/scan_test.go | 29 ++++++++++++++++++++ 4 files changed, 75 insertions(+), 1 deletion(-) diff --git a/internal/commands/scan_test.go b/internal/commands/scan_test.go index bbadc4d82..0b793ad37 100644 --- a/internal/commands/scan_test.go +++ b/internal/commands/scan_test.go 
@@ -411,6 +411,23 @@ func TestCreateScan_WhenProjectNotExists_ShouldCreateProjectAndAssignGroup(t *te assert.Equal(t, strings.Contains(stdoutString, "Updating project groups"), true, "Expected output: %s", "Updating project groups") } +func TestCreateScan_WhenProjectNotExists_ShouldCreateProjectAndAssociateApplication(t *testing.T) { + file := createOutputFile(t, outputFileName) + defer deleteOutputFile(file) + defer logger.SetOutput(os.Stdout) + + baseArgs := []string{"scan", "create", "--project-name", "newProject", "-s", ".", "--branch", "main", "--application-name", mock.ExistingApplication, "--debug"} + execCmdNilAssertion( + t, + baseArgs..., + ) + stdoutString, err := util.ReadFileAsString(file.Name()) + if err != nil { + t.Fatalf("Failed to read log file: %v", err) + } + assert.Equal(t, strings.Contains(stdoutString, "application association done successfully"), true, "Expected output: %s", "application association done successfully") +} + func TestScanWorkflowMissingID(t *testing.T) { err := execCmdNotNilAssertion(t, "scan", "workflow") assert.Error(t, err, "Please provide a scan ID", err.Error()) 
@@ -624,6 +641,20 @@ func TestCreateScan_WhenProjectExists_ShouldIgnoreGroups(t *testing.T) { } assert.Equal(t, strings.Contains(stdoutString, noUpdatesForExistingProject), true, "Expected output: %s", noUpdatesForExistingProject) } + +func TestCreateScan_WhenProjectExists_ShouldIgnoreApplication(t *testing.T) { + file := createOutputFile(t, outputFileName) + defer deleteOutputFile(file) + defer logger.SetOutput(os.Stdout) + baseArgs := []string{scanCommand, "create", "--project-name", "MOCK", "-s", dummyRepo, "-b", "dummy_branch", + "--debug", "--application-name", "anyApplication"} + execCmdNilAssertion(t, baseArgs...) + stdoutString, err := util.ReadFileAsString(file.Name()) + if err != nil { + t.Fatalf("Failed to read log file: %v", err) + } + assert.Equal(t, strings.Contains(stdoutString, noUpdatesForExistingProject), true, "Expected output: %s", noUpdatesForExistingProject) +} func TestScanCreateLastSastScanTimeWithInvalidValue(t *testing.T) { baseArgs := []string{"scan", "create", "--project-name", "MOCK", "-s", dummyRepo, "-b", "dummy_branch", "--sca-exploitable-path", "true", "--sca-last-sast-scan-time", "notaniteger"} err := execCmdNotNilAssertion(t, baseArgs...) diff --git a/internal/wrappers/mock/application-mock.go b/internal/wrappers/mock/application-mock.go index d7d83df9b..fdb9e01a9 100644 --- a/internal/wrappers/mock/application-mock.go +++ b/internal/wrappers/mock/application-mock.go 
@@ -28,14 +28,27 @@ func (a ApplicationsMockWrapper) Get(params map[string]string) (*wrappers.Applic Name: "MOCK", Description: "This is a mock application", Criticality: 2, - ProjectIds: []string{"ProjectID1", "ProjectID2", "MOCK", "test_project", "ID-new-project-name"}, + ProjectIds: []string{"ProjectID1", "ProjectID2", "MOCK", "test_project", "ID-new-project-name", "ID-newProject"}, CreatedAt: time.Now(), } + if params["name"] == ExistingApplication { + mockApplication.Name = ExistingApplication + mockApplication.ID = "ID-newProject" + return &wrappers.ApplicationsResponseModel{ + TotalCount: 1, + Applications: []wrappers.Application{mockApplication}, + }, nil + } response := &wrappers.ApplicationsResponseModel{ TotalCount: 1, Applications: []wrappers.Application{mockApplication}, } + if params["name"] == "anyApplication" { + response.TotalCount = 0 + response.Applications = []wrappers.Application{} + } + return response, nil } diff --git a/internal/wrappers/mock/constants.go b/internal/wrappers/mock/constants.go index 39b4b9984..37ae46493 100644 --- a/internal/wrappers/mock/constants.go +++ b/internal/wrappers/mock/constants.go @@ -2,6 +2,7 @@ package mock const ( ApplicationDoesntExist = "application-doesnt-exist" + ExistingApplication = "application-exists" NoPermissionApp = "NoPermissionApp" FakeBadRequest400 = "fake-http-status-bad-request" FakeUnauthorized401 = "fake-unauthorized-response" diff --git a/test/integration/scan_test.go b/test/integration/scan_test.go index 99cfa416f..623130d3a 100644 --- a/test/integration/scan_test.go +++ b/test/integration/scan_test.go 
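Review bot: The new `params["name"] == "anyApplication"` branch in `ApplicationsMockWrapper.Get` keys on a string literal, while the branch added just above it uses the `ExistingApplication` constant that this patch adds to constants.go; `TestCreateScan_WhenProjectExists_ShouldIgnoreApplication` repeats the same literal. A constant declared next to `ExistingApplication` would keep the mock and the test in step. The `ExistingApplication` branch also sets `mockApplication.ID = "ID-newProject"`, the same string that the line above adds to `ProjectIds`; if the application ID is meant to be distinct from the project ID, a different value or a one-line comment would prevent the two from being confused.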
@@ -1578,6 +1578,35 @@ func TestScanCreate_WhenProjectExists_ShouldNotUpdateGroups(t *testing.T) { t.Errorf("When project exists, groups before and after scan creation should be equal. Got %v, want %v", groupsAfterScanCreate, groupsBeforeScanCreate) } +} + +func TestScanCreate_WhenProjectExists_ShouldNotUpdateApplication(t *testing.T) { + projectID, projectName := getRootProject(t) + project := showProject(t, projectID) + applicationsBeforeScanCreate := project.ApplicationIds + + args := []string{ + scanCommand, "create", + flag(params.ProjectName), projectName, + flag(params.SourcesFlag), Zip, + flag(params.ScanTypes), "sast", + flag(params.PresetName), "Checkmarx Default", + flag(params.BranchFlag), "dummy_branch", + flag(params.ApplicationName), "wrong_application", + "--async", + } + + err, _ := executeCommand(t, args...) + if err != nil { + assertError(t, err, "running a scan should pass") + } + + project = showProject(t, projectID) + applicationsAfterScanCreate := project.ApplicationIds + if !reflect.DeepEqual(applicationsBeforeScanCreate, applicationsAfterScanCreate) { + t.Errorf("When project exists, applications before and after scan creation should be equal. Got %v, want %v", applicationsAfterScanCreate, applicationsBeforeScanCreate) + } + } func TestScanCreateExploitablePath(t *testing.T) { _, projectName := getRootProject(t) From aa1e57f71a98cb54becb2294eebb8f3df9eb2c42 Mon Sep 17 00:00:00 2001 From: miryamfoiferCX Date: Wed, 4 Dec 2024 14:43:51 +0200 Subject: [PATCH 09/14] fix UT - no error model can be sent as we don't have validation on it (removed checking groups and applications) --- internal/services/projects_test.go | 17 ----------------- 1 file changed, 17 deletions(-) diff --git a/internal/services/projects_test.go b/internal/services/projects_test.go index 00235b3fd..0fc0a77ba 100644 --- a/internal/services/projects_test.go +++ b/internal/services/projects_test.go 
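Review bot: In `TestScanCreate_WhenProjectExists_ShouldNotUpdateApplication` the command error is handed to `assertError` only inside `if err != nil`, with the message "running a scan should pass"; what `assertError` does with a non-nil error is not visible in this hunk, so it is unclear whether a failed scan fails the test. If the scan must succeed, `assert.NilError(t, err, "running a scan should pass")` says so directly, assuming the file's `assert` package is the one that provides the `assert.Assert` calls used elsewhere in it. The empty line before the closing brace of the test can go as well.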
@@ -60,7 +60,6 @@ func TestFindProject(t *testing.T) { ttt := tt t.Run(tt.name, func(t *testing.T) { got, err := FindProject( - ttt.args.applicationID, ttt.args.projectName, ttt.args.cmd, ttt.args.projectsWrapper, @@ -240,19 +239,6 @@ func Test_updateProject(t *testing.T) { projectPrivatePackage: "true", featureFlagsWrapper: &mock.FeatureFlagsMockWrapper{}, }, want: "ID-project-name", wantErr: false}, - {name: "When called with mock fake error model return fake error from project create", args: args{ - projectName: "mock-some-error-model", - resp: &wrappers.ProjectsCollectionResponseModel{ - Projects: []wrappers.ProjectResponseModel{ - {ID: "ID-mock-some-error-model", Name: "mock-some-error-model"}}, - }, - cmd: &cobra.Command{}, - projectsWrapper: &mock.ProjectsMockWrapper{}, - groupsWrapper: &mock.GroupsMockWrapper{}, - accessManagementWrapper: &mock.AccessManagementMockWrapper{}, - applicationID: []string{"1"}, - featureFlagsWrapper: &mock.FeatureFlagsMockWrapper{}, - }, want: "", wantErr: true}, } for _, tt := range tests { ttt := tt @@ -261,11 +247,8 @@ func Test_updateProject(t *testing.T) { ttt.args.resp, ttt.args.cmd, ttt.args.projectsWrapper, - ttt.args.groupsWrapper, ttt.args.accessManagementWrapper, - ttt.args.applicationsWrapper, ttt.args.projectName, - ttt.args.applicationID, ttt.args.projectTags, ttt.args.projectPrivatePackage, ttt.args.featureFlagsWrapper) From 5a0a21d5c6c50efc2eea27d08d11fb474eb74944 Mon Sep 17 00:00:00 2001 From: miryamfoiferCX Date: Thu, 5 Dec 2024 08:47:31 +0200 Subject: [PATCH 10/14] fix linter & UT --- internal/commands/scan_test.go | 20 +++++--------------- internal/services/projects.go | 6 +++--- 2 files changed, 8 insertions(+), 18 deletions(-) diff --git a/internal/commands/scan_test.go b/internal/commands/scan_test.go index 0b793ad37..514e1444d 100644 --- a/internal/commands/scan_test.go +++ b/internal/commands/scan_test.go 
@@ -193,18 +193,13 @@ func TestCreateScanWithThreshold_ShouldSuccess(t *testing.T) { execCmdNilAssertion(t, "scan", "create", "--project-name", "MOCK", "-s", dummyRepo, "-b", "dummy_branch", "--scan-types", "sast", "--threshold", "sca-low=1 ; sast-medium=2") } -func TestScanCreate_ExistingApplicationAndProject_CreateProjectUnderApplicationSuccessfully(t *testing.T) { - execCmdNilAssertion(t, "scan", "create", "--project-name", "MOCK", "--application-name", "MOCK", "-s", dummyRepo, "-b", "dummy_branch") -} - func TestScanCreate_ApplicationNameIsNotExactMatch_FailedToCreateScan(t *testing.T) { - err := execCmdNotNilAssertion(t, "scan", "create", "--project-name", "MOCK", "--application-name", "MOC", "-s", dummyRepo, "-b", "dummy_branch") + err := execCmdNotNilAssertion(t, "scan", "create", "--project-name", "non-existing-project", "--application-name", "MOC", "-s", dummyRepo, "-b", "dummy_branch") assert.Assert(t, err.Error() == errorConstants.ApplicationDoesntExistOrNoPermission) } -func TestScanCreate_ExistingProjectAndApplicationWithNoPermission_FailedToCreateScan(t *testing.T) { - err := execCmdNotNilAssertion(t, "scan", "create", "--project-name", "MOCK", "--application-name", mock.ApplicationDoesntExist, "-s", dummyRepo, "-b", "dummy_branch") - assert.Assert(t, err.Error() == errorConstants.ApplicationDoesntExistOrNoPermission) +func TestScanCreate_ExistingProjectAndApplicationWithNoPermission_ShouldCreateScan(t *testing.T) { + execCmdNilAssertion(t, "scan", "create", "--project-name", "MOCK", "--application-name", mock.ApplicationDoesntExist, "-s", dummyRepo, "-b", "dummy_branch") } func TestScanCreate_ExistingApplicationWithNoPermission_FailedToCreateScan(t *testing.T) { 
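Review bot: `TestScanCreate_ExistingProjectAndApplicationWithNoPermission_ShouldCreateScan` asserts only that the command succeeds, so it would also pass if the application were looked up and silently accepted rather than skipped. With `TestCreateScanInsideApplicationProjectExistNoPermissions` removed in the next hunk (`@@ -213,20 +208,15 @@`), the `mock.NoPermissionApp` case for an existing project is no longer exercised in the lines shown. I would capture the log the way `TestCreateScan_WhenProjectExists_ShouldIgnoreApplication` does, assert on `noUpdatesForExistingProject`, and put a comment on the test such as `// --application-name is deliberately not validated when the project already exists.` so the relaxed check reads as a decision rather than an omission.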
@@ -213,20 +208,15 @@ func TestScanCreate_ExistingApplicationWithNoPermission_FailedToCreateScan(t *te } func TestScanCreate_OnReceivingHttpBadRequestStatusCode_FailedToCreateScan(t *testing.T) { - err := execCmdNotNilAssertion(t, "scan", "create", "--project-name", "MOCK", "--application-name", mock.FakeBadRequest400, "-s", dummyRepo, "-b", "dummy_branch") + err := execCmdNotNilAssertion(t, "scan", "create", "--project-name", "non-existing-project", "--application-name", mock.FakeBadRequest400, "-s", dummyRepo, "-b", "dummy_branch") assert.Assert(t, err.Error() == errorConstants.FailedToGetApplication) } func TestScanCreate_OnReceivingHttpInternalServerErrorStatusCode_FailedToCreateScan(t *testing.T) { - err := execCmdNotNilAssertion(t, "scan", "create", "--project-name", "MOCK", "--application-name", mock.FakeInternalServerError500, "-s", dummyRepo, "-b", "dummy_branch") + err := execCmdNotNilAssertion(t, "scan", "create", "--project-name", "non-existing-project", "--application-name", mock.FakeInternalServerError500, "-s", dummyRepo, "-b", "dummy_branch") assert.Assert(t, err.Error() == errorConstants.FailedToGetApplication) } -func TestCreateScanInsideApplicationProjectExistNoPermissions(t *testing.T) { - err := execCmdNotNilAssertion(t, "scan", "create", "--project-name", "MOCK", "--application-name", mock.NoPermissionApp, "-s", dummyRepo, "-b", "dummy_branch") - assert.Assert(t, err.Error() == errorConstants.ApplicationDoesntExistOrNoPermission) -} - func TestCreateScanSourceDirectory(t *testing.T) { baseArgs := []string{"scan", "create", "--project-name", "MOCK", "-b", "dummy_branch"} execCmdNilAssertion(t, append(baseArgs, "-s", "data", "--file-filter", "!.java")...) diff --git a/internal/services/projects.go b/internal/services/projects.go index 2411cb4cd..2637e7376 100644 --- a/internal/services/projects.go +++ b/internal/services/projects.go 
@@ -1,11 +1,11 @@ package services import ( - errorConstants "github.com/checkmarx/ast-cli/internal/constants/errors" "slices" "strconv" "time" + errorConstants "github.com/checkmarx/ast-cli/internal/constants/errors" "github.com/checkmarx/ast-cli/internal/logger" commonParams "github.com/checkmarx/ast-cli/internal/params" "github.com/checkmarx/ast-cli/internal/wrappers" @@ -56,7 +56,7 @@ func FindProject( projectPrivatePackage, _ := cmd.Flags().GetString(commonParams.ProjecPrivatePackageFlag) applicationName, _ := cmd.Flags().GetString(commonParams.ApplicationName) - applicationID, appErr := getApplicationId(applicationName, applicationWrapper) + applicationID, appErr := getApplicationID(applicationName, applicationWrapper) if appErr != nil { return "", appErr } @@ -93,7 +93,7 @@ func GetProjectsCollectionByProjectName(projectName string, projectsWrapper wrap return resp, nil } -func getApplicationId(applicationName string, applicationsWrapper wrappers.ApplicationsWrapper) ([]string, error) { +func getApplicationID(applicationName string, applicationsWrapper wrappers.ApplicationsWrapper) ([]string, error) { var applicationID []string if applicationName != "" { application, getAppErr := GetApplication(applicationName, applicationsWrapper) From 1eb7df22e575c4840b220f41903691b883d3f83f Mon Sep 17 00:00:00 2001 From: miryamfoiferCX Date: Thu, 5 Dec 2024 08:49:32 +0200 Subject: [PATCH 11/14] Update scan.go --- internal/commands/scan.go | 1 - 1 file changed, 1 deletion(-) diff --git a/internal/commands/scan.go b/internal/commands/scan.go index b88842fbf..ce31348b9 100644 --- a/internal/commands/scan.go +++ b/internal/commands/scan.go @@ -710,7 +710,6 @@ func setupScanTypeProjectAndConfig( // We need to convert the project name into an ID projectID, findProjectErr := services.FindProject( - /*applicationID,*/ info["project"].(map[string]interface{})["id"].(string), cmd, projectsWrapper, From 16faf599ff368ebfb281e64883db6ce3541f5dc7 Mon Sep 17 00:00:00 2001 
From: miryamfoiferCX Date: Thu, 5 Dec 2024 09:02:44 +0200 Subject: [PATCH 12/14] move code to applications.go service --- internal/services/applications.go | 50 ++++++++++++++++++++++++++++++- internal/services/projects.go | 44 --------------------------- 2 files changed, 49 insertions(+), 45 deletions(-) diff --git a/internal/services/applications.go b/internal/services/applications.go index 586fe9c60..744e89670 100644 --- a/internal/services/applications.go +++ b/internal/services/applications.go @@ -1,6 +1,11 @@ package services -import "github.com/checkmarx/ast-cli/internal/wrappers/utils" +import ( + errorConstants "github.com/checkmarx/ast-cli/internal/constants/errors" + "github.com/checkmarx/ast-cli/internal/wrappers" + "github.com/checkmarx/ast-cli/internal/wrappers/utils" + "github.com/pkg/errors" +) func createApplicationIds(applicationID, existingApplicationIds []string) []string { for _, id := range applicationID { 
@@ -10,3 +15,46 @@ func createApplicationIds(applicationID, existingApplicationIds []string) []stri } return existingApplicationIds } + +func getApplicationID(applicationName string, applicationsWrapper wrappers.ApplicationsWrapper) ([]string, error) { + var applicationID []string + if applicationName != "" { + application, getAppErr := GetApplication(applicationName, applicationsWrapper) + if getAppErr != nil { + return nil, getAppErr + } + if application == nil { + return nil, errors.Errorf(errorConstants.ApplicationDoesntExistOrNoPermission) + } + applicationID = []string{application.ID} + } + return applicationID, nil +} + +func GetApplication(applicationName string, applicationsWrapper wrappers.ApplicationsWrapper) (*wrappers.Application, error) { + if applicationName != "" { + params := make(map[string]string) + params["name"] = applicationName + resp, err := applicationsWrapper.Get(params) + if err != nil { + return nil, err + } + if resp.Applications != nil && len(resp.Applications) > 0 { + application := verifyApplicationNameExactMatch(applicationName, resp) + + return application, nil + } + } + return nil, nil +} + +func verifyApplicationNameExactMatch(applicationName string, resp *wrappers.ApplicationsResponseModel) *wrappers.Application { + var application *wrappers.Application + for i := range resp.Applications { + if resp.Applications[i].Name == applicationName { + application = &resp.Applications[i] + break + } + } + return application +} diff --git a/internal/services/projects.go b/internal/services/projects.go index 2637e7376..c5fd9084a 100644 --- a/internal/services/projects.go +++ b/internal/services/projects.go @@ -5,7 +5,6 @@ import ( "strconv" "time" - errorConstants "github.com/checkmarx/ast-cli/internal/constants/errors" "github.com/checkmarx/ast-cli/internal/logger" commonParams "github.com/checkmarx/ast-cli/internal/params" "github.com/checkmarx/ast-cli/internal/wrappers" 
@@ -93,49 +92,6 @@ func GetProjectsCollectionByProjectName(projectName string, projectsWrapper wrap
 return resp, nil
 }
-func getApplicationID(applicationName string, applicationsWrapper wrappers.ApplicationsWrapper) ([]string, error) {
- var applicationID []string
- if applicationName != "" {
- application, getAppErr := GetApplication(applicationName, applicationsWrapper)
- if getAppErr != nil {
- return nil, getAppErr
- }
- if application == nil {
- return nil, errors.Errorf(errorConstants.ApplicationDoesntExistOrNoPermission)
- }
- applicationID = []string{application.ID}
- }
- return applicationID, nil
-}
-
-func GetApplication(applicationName string, applicationsWrapper wrappers.ApplicationsWrapper) (*wrappers.Application, error) {
- if applicationName != "" {
- params := make(map[string]string)
- params["name"] = applicationName
- resp, err := applicationsWrapper.Get(params)
- if err != nil {
- return nil, err
- }
- if resp.Applications != nil && len(resp.Applications) > 0 {
- application := verifyApplicationNameExactMatch(applicationName, resp)
-
- return application, nil
- }
- }
- return nil, nil
-}
-
-func verifyApplicationNameExactMatch(applicationName string, resp *wrappers.ApplicationsResponseModel) *wrappers.Application {
- var application *wrappers.Application
- for i := range resp.Applications {
- if resp.Applications[i].Name == applicationName {
- application = &resp.Applications[i]
- break
- }
- }
- return application
-}
-
 func createProject(
 projectName string,
 cmd *cobra.Command,
From c19a9872f1b5a93b600c42de43d126836f37eca9 Mon Sep 17 00:00:00 2001
From: miryamfoiferCX
Date: Thu, 5 Dec 2024 09:08:17 +0200
Subject: [PATCH 13/14] fix for linter
---
 internal/commands/scan_test.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/internal/commands/scan_test.go b/internal/commands/scan_test.go
index 514e1444d..39d9a6444 100644
--- a/internal/commands/scan_test.go
+++ b/internal/commands/scan_test.go
@@ -213,7 +213,8 @@ func TestScanCreate_OnReceivingHttpBadRequestStatusCode_FailedToCreateScan(t *te
 }
 func TestScanCreate_OnReceivingHttpInternalServerErrorStatusCode_FailedToCreateScan(t *testing.T) {
- err := execCmdNotNilAssertion(t, "scan", "create", "--project-name", "non-existing-project", "--application-name", mock.FakeInternalServerError500, "-s", dummyRepo, "-b", "dummy_branch")
+ err := execCmdNotNilAssertion(t, "scan", "create", "--project-name", "non-existing-project",
+ "--application-name", mock.FakeInternalServerError500, "-s", dummyRepo, "-b", "dummy_branch")
 assert.Assert(t, err.Error() == errorConstants.FailedToGetApplication)
 }
From cfde4266f1b0e99c0e39f72922c316e15b0ee3e7 Mon Sep 17 00:00:00 2001
From: miryamfoiferCX
Date: Thu, 5 Dec 2024 10:13:27 +0200
Subject: [PATCH 14/14] fix for integration test
---
 test/integration/scan_test.go | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/test/integration/scan_test.go b/test/integration/scan_test.go
index 623130d3a..d2a4e38bd 100644
--- a/test/integration/scan_test.go
+++ b/test/integration/scan_test.go
@@ -347,15 +347,14 @@ func TestScanCreate_ExistingApplicationAndNotExistingProject_CreatingNewProjectA
 assert.Assert(t, projectID != "", "Project ID should not be empty")
 }
-func TestScanCreate_ApplicationDoesntExist_FailScanWithError(t *testing.T) {
+func TestScanCreate_WithNewProjectAndApplicationDoesntExist_ShouldFailScanWithError(t *testing.T) {
 args := []string{
 "scan", "create",
 flag(params.ApplicationName), "application-that-doesnt-exist",
- flag(params.ProjectName), getProjectNameForScanTests(),
+ flag(params.ProjectName), "newProject",
 flag(params.SourcesFlag), ".",
 flag(params.ScanTypes), params.IacType,
 flag(params.BranchFlag), "dummy_branch",
- flag(params.DebugFlag),
 }
 err, _ := executeCommand(t, args...)
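Review bot: The hard-coded project name `"newProject"` in `TestScanCreate_WithNewProjectAndApplicationDoesntExist_ShouldFailScanWithError` makes this test depend on the state of the tenant it runs against. Going by the series description, the application check now runs only when a project is created, so if a project with that name already exists in the test environment the scan would presumably take the existing-project path and the expected error would not be returned. A name unique to the run keeps the test on the create path, for example `flag(params.ProjectName), fmt.Sprintf("newProject-%d", time.Now().UnixNano()),` (assuming `fmt` and `time` are imported in this file). The test body continues past the end of the hunk, so the assertion on `err` is not visible here.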