Merge pull request #933 from Checkmarx/bug/miryamFoifer/ignoreGroupsW…
…henProjectExists

Do Not Update An Existing Project With A New Group (AST-70718)
miryamfoiferCX authored Nov 13, 2024
2 parents d8e3069 + 27a5be5 commit f55f4ff
Showing 4 changed files with 69 additions and 32 deletions.
57 changes: 51 additions & 6 deletions internal/commands/scan_test.go
Expand Up @@ -12,8 +12,10 @@ import (
"strings"
"testing"

"github.com/checkmarx/ast-cli/internal/commands/util"
errorConstants "github.com/checkmarx/ast-cli/internal/constants/errors"
exitCodes "github.com/checkmarx/ast-cli/internal/constants/exit-codes"
"github.com/checkmarx/ast-cli/internal/logger"
commonParams "github.com/checkmarx/ast-cli/internal/params"
"github.com/checkmarx/ast-cli/internal/wrappers"
"github.com/checkmarx/ast-cli/internal/wrappers/mock"
Expand Down Expand Up @@ -52,6 +54,8 @@ const (
InvalidEngineMessage = "Please verify if engine is installed"
SCSScoreCardError = "SCS scan failed to start: Scorecard scan is missing required flags, please include in the ast-cli arguments: " +
"--scs-repo-url your_repo_url --scs-repo-token your_repo_token"
outputFileName = "test_output.log"
noUpdatesForExistingProject = "No applicationId or tags to update. Skipping project update."
)

func TestScanHelp(t *testing.T) {
Expand Down Expand Up @@ -382,14 +386,31 @@ func TestCreateScanBranches(t *testing.T) {
execCmdNilAssertion(t, "scan", "create", "--project-name", "MOCK", "-s", dummyRepo, "-b", "branch_defined")
}

func TestCreateScanWithProjectGroup(t *testing.T) {
func TestCreateScan_WhenProjectNotExistsAndInvalidGroup_ShouldFail(t *testing.T) {
err := execCmdNotNilAssertion(
t,
"scan", "create", "--project-name", "invalidGroup", "-s", ".", "--branch", "main", "--project-groups", "invalidGroup",
"scan", "create", "--project-name", "newProject", "-s", ".", "--branch", "main", "--project-groups", "invalidGroup",
)
assert.Assert(t, err.Error() == "Failed updating a project: Failed finding groups: [invalidGroup]", "\n the received error is:", err.Error())
}

func TestCreateScan_WhenProjectNotExists_ShouldCreateProjectAndAssignGroup(t *testing.T) {
file := createOutputFile(t, outputFileName)
defer deleteOutputFile(file)
defer logger.SetOutput(os.Stdout)

baseArgs := []string{"scan", "create", "--project-name", "newProject", "-s", ".", "--branch", "main", "--project-groups", "existsGroup1", "--debug"}
execCmdNilAssertion(
t,
baseArgs...,
)
stdoutString, err := util.ReadFileAsString(file.Name())
if err != nil {
t.Fatalf("Failed to read log file: %v", err)
}
assert.Equal(t, strings.Contains(stdoutString, "Updating project groups"), true, "Expected output: %s", "Updating project groups")
}

func TestScanWorkflowMissingID(t *testing.T) {
err := execCmdNotNilAssertion(t, "scan", "workflow")
assert.Error(t, err, "Please provide a scan ID", err.Error())
Expand Down Expand Up @@ -590,11 +611,18 @@ func TestCreateScanProjectTags(t *testing.T) {
"--project-tags", "test", "--debug")
}

func TestCreateScanProjecGroupsError(t *testing.T) {
func TestCreateScan_WhenProjectExists_ShouldIgnoreGroups(t *testing.T) {
file := createOutputFile(t, outputFileName)
defer deleteOutputFile(file)
defer logger.SetOutput(os.Stdout)
baseArgs := []string{scanCommand, "create", "--project-name", "MOCK", "-s", dummyRepo, "-b", "dummy_branch",
"--debug", "--project-groups", "err"}
err := execCmdNotNilAssertion(t, baseArgs...)
assert.Error(t, err, "Failed updating a project: Failed finding groups: [err]", err.Error())
"--debug", "--project-groups", "anyProjectGroup"}
execCmdNilAssertion(t, baseArgs...)
stdoutString, err := util.ReadFileAsString(file.Name())
if err != nil {
t.Fatalf("Failed to read log file: %v", err)
}
assert.Equal(t, strings.Contains(stdoutString, noUpdatesForExistingProject), true, "Expected output: %s", noUpdatesForExistingProject)
}
func TestScanCreateLastSastScanTimeWithInvalidValue(t *testing.T) {
baseArgs := []string{"scan", "create", "--project-name", "MOCK", "-s", dummyRepo, "-b", "dummy_branch", "--sca-exploitable-path", "true", "--sca-last-sast-scan-time", "notaniteger"}
Expand Down Expand Up @@ -1275,3 +1303,20 @@ func TestFilterMatched(t *testing.T) {
})
}
}

func createOutputFile(t *testing.T, fileName string) *os.File {
file, err := os.Create(fileName)
if err != nil {
t.Fatalf("Failed to create log file: %v", err)
}
logger.SetOutput(file)
return file
}

func deleteOutputFile(file *os.File) {
file.Close()
err := os.Remove(file.Name())
if err != nil {
logger.Printf("Failed to remove log file: %v", err)
}
}
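Review bot: `createOutputFile` (last hunk) always creates `test_output.log` in the package working directory and repoints the process-wide logger at it, so the two new tests that use it cannot safely run in parallel, and an interrupted run leaves the file in the source tree. I would create the file under the test's own temp directory, `file, err := os.Create(filepath.Join(t.TempDir(), fileName))`, and register the restore inside the helper with `t.Cleanup(func() { logger.SetOutput(os.Stdout); _ = file.Close() })`. That removes the paired `defer` lines in each test and makes `deleteOutputFile`, which currently discards the `file.Close()` error, unnecessary. The import hunk shown does not include `path/filepath`, so it may need adding.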
24 changes: 2 additions & 22 deletions internal/services/projects.go
Expand Up @@ -38,7 +38,6 @@ func FindProject(

for i := 0; i < len(resp.Projects); i++ {
if resp.Projects[i].Name == projectName {
projectGroups, _ := cmd.Flags().GetString(commonParams.ProjectGroupList)
projectTags, _ := cmd.Flags().GetString(commonParams.ProjectTagList)
projectPrivatePackage, _ := cmd.Flags().GetString(commonParams.ProjecPrivatePackageFlag)
return updateProject(
Expand All @@ -50,7 +49,6 @@ func FindProject(
applicationWrapper,
projectName,
applicationID,
projectGroups,
projectTags,
projectPrivatePackage,
featureFlagsWrapper)
Expand Down Expand Up @@ -185,7 +183,6 @@ func updateProject(
applicationsWrapper wrappers.ApplicationsWrapper,
projectName string,
applicationID []string,
projectGroups string,
projectTags string,
projectPrivatePackage string,
featureFlagsWrapper wrappers.FeatureFlagsWrapper,
Expand All @@ -205,8 +202,8 @@ func updateProject(
projModel.RepoURL = resp.Projects[i].RepoURL
}
}
if projectGroups == "" && projectTags == "" && projectPrivatePackage == "" && len(applicationID) == 0 {
logger.PrintIfVerbose("No groups, applicationId or tags to update. Skipping project update.")
if projectTags == "" && projectPrivatePackage == "" && len(applicationID) == 0 {
logger.PrintIfVerbose("No applicationId or tags to update. Skipping project update.")
return projectID, nil
}
if projectPrivatePackage != "" {
Expand Down Expand Up @@ -245,26 +242,9 @@ func updateProject(
}
}

if projectGroups != "" {
err = UpsertProjectGroupsByUpdateFlow(groupsWrapper, &projModel, projectsWrapper, accessManagementWrapper, projModelResp, projectGroups, projectID, projectName, featureFlagsWrapper)
if err != nil {
return projectID, err
}
}
return projectID, nil
}

func UpsertProjectGroupsByUpdateFlow(groupsWrapper wrappers.GroupsWrapper, projModel *wrappers.Project, projectsWrapper wrappers.ProjectsWrapper,
accessManagementWrapper wrappers.AccessManagementWrapper, projModelResp *wrappers.ProjectResponseModel,
projectGroups string, projectID string, projectName string, featureFlagsWrapper wrappers.FeatureFlagsWrapper) error {
groupsMap, groups, groupErr := GetGroupMap(groupsWrapper, projectGroups, projModelResp, featureFlagsWrapper)
if groupErr != nil {
return groupErr
}
projModel.Groups = groups
return UpsertProjectGroups(projModel, projectsWrapper, accessManagementWrapper, projectID, projectName, featureFlagsWrapper, groupsMap)
}

func UpsertProjectGroups(projModel *wrappers.Project, projectsWrapper wrappers.ProjectsWrapper,
accessManagementWrapper wrappers.AccessManagementWrapper, projectID string, projectName string,
featureFlagsWrapper wrappers.FeatureFlagsWrapper, groupsMap []*wrappers.Group) error {
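Review bot: When the project already exists, `--project-groups` is now dropped without any message: `FindProject` no longer reads the flag, and the skip branch in `updateProject` logs only `No applicationId or tags to update. Skipping project update.`, and only in verbose mode. Groups appear to feed access management here (`accessManagementWrapper` is passed along), so a caller who supplies the flag may assume the group assignment took effect. I would keep a read of the flag in `FindProject` purely to report it, e.g. `if g, _ := cmd.Flags().GetString(commonParams.ProjectGroupList); g != "" { logger.Printf("--project-groups is ignored because project %s already exists", projectName) }`. Both `FindProject` and `updateProject` start and end outside the visible hunks.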
1 change: 0 additions & 1 deletion internal/services/projects_test.go
Expand Up @@ -266,7 +266,6 @@ func Test_updateProject(t *testing.T) {
ttt.args.applicationsWrapper,
ttt.args.projectName,
ttt.args.applicationID,
ttt.args.projectGroups,
ttt.args.projectTags,
ttt.args.projectPrivatePackage,
ttt.args.featureFlagsWrapper)
19 changes: 16 additions & 3 deletions test/integration/scan_test.go
Expand Up @@ -12,6 +12,7 @@ import (
"log"
"os"
"path/filepath"
"reflect"
"runtime"
"strings"
"testing"
Expand Down Expand Up @@ -1550,8 +1551,10 @@ func TestScanGeneratingPdfReportWithPdfOptions(t *testing.T) {
//
//}

func TestScanCreateUsingWrongProjectGroups(t *testing.T) {
_, projectName := getRootProject(t)
func TestScanCreate_WhenProjectExists_ShouldNotUpdateGroups(t *testing.T) {
projectID, projectName := getRootProject(t)
project := showProject(t, projectID)
groupsBeforeScanCreate := project.Groups

args := []string{
scanCommand, "create",
Expand All @@ -1561,10 +1564,20 @@ func TestScanCreateUsingWrongProjectGroups(t *testing.T) {
flag(params.PresetName), "Checkmarx Default",
flag(params.BranchFlag), "dummy_branch",
flag(params.ProjectGroupList), "wrong_group",
"--async",
}

err, _ := executeCommand(t, args...)
assertError(t, err, "Failed finding groups")
if err != nil {
assertError(t, err, "running a scan should pass")
}

project = showProject(t, projectID)
groupsAfterScanCreate := project.Groups
if !reflect.DeepEqual(groupsBeforeScanCreate, groupsAfterScanCreate) {
t.Errorf("When project exists, groups before and after scan creation should be equal. Got %v, want %v", groupsAfterScanCreate, groupsBeforeScanCreate)
}

}
func TestScanCreateExploitablePath(t *testing.T) {
_, projectName := getRootProject(t)
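Review bot: `TestScanCreate_WhenProjectExists_ShouldNotUpdateGroups` passes `wrong_group`, which presumably does not exist on the server, so the `reflect.DeepEqual` comparison only proves that a nonexistent group was not attached. A regression that applies valid groups to an existing project would still pass, so using a real group that is not yet assigned to the root project would make the before/after check meaningful. Separately, `if err != nil { assertError(t, err, "running a scan should pass") }` reuses a helper that the removed line used for matching expected error text, and that helper's body is not visible here. `if err != nil { t.Fatalf("running a scan should pass: %v", err) }` states the intent and stops before the second `showProject` call.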
