NEW @W-16360876@ Implemented describeRules() functionality for FlowTest

[jfeingold35]

This PR does the following:

• Deletes a bunch of files from the locally stored FlowTest folder that never should have been committed in the first place.
• Updates several files within the locally stored FlowTest folder to provide the new API for rule description.
• Utilizes that API to get descriptions for the FlowTest queries, and converts those into the CodeAnalyzer house style.

[jfeingold35]

The query_name field has spaces in it, and the query_id field has periods in it. So I chose to use the one with spaces in it for now. We can have a discussion about what postprocessing might be needed to bring the names more into line with our best practices.

[jfeingold35]

The sorting is necessary because the output printed to stdout isn't sorted at this time. Robert intends to update it with sorting, and when he does I will change it here too.

[stephen-carter-at-sf]

I see that code coverage for this flowtest package is no longer 100% like all other packages

 code-analyzer-flowtest-engine/src        |     100 |      100 |     100 |     100 |                   
  config.ts                               |     100 |      100 |     100 |     100 |                   
  engine.ts                               |     100 |      100 |     100 |     100 |                   
  messages.ts                             |     100 |      100 |     100 |     100 |                   
  plugin.ts                               |     100 |      100 |     100 |     100 |                   
 code-analyzer-flowtest-engine/src/python |   90.56 |    44.44 |   77.77 |   92.15 |                   
  FlowTestCommandWrapper.ts               |     100 |      100 |     100 |     100 |                   
  PythonCommandExecutor.ts                |   78.26 |    28.57 |      70 |   80.95 | 35-45             
  PythonVersionIdentifier.ts              |     100 |      100 |      80 |     100 |                     

If possible, can we either add in code coverage for anything to be submitted or add in the ignore comments where code coverage isn't easily able to be covered?

Or will these be hit when the run method is implemented?

[stephen-carter-at-sf]

Improved: Now I see

------------------------------------------|---------|----------|---------|---------|-------------------
File                                      | % Stmts | % Branch | % Funcs | % Lines | Uncovered Line #s 
------------------------------------------|---------|----------|---------|---------|-------------------
  PythonVersionIdentifier.ts              |     100 |      100 |      80 |     100 |           

Maybe there is 1 function that isn't fully hit.

[stephen-carter-at-sf]

The describe command should be looking at the workspace if it is provided to see if the workspace even contains relevant files (in this case, flow based xml files). If there is a workspace and there are no relevant files, then no rules should be returned. That is, we shouldn't be doing any work if there are no flow files in the workspace.

[jfeingold35]

It looks like the extensions the FlowTest tool looks for are .flow-meta.xml and .flow. So I'll make the plugin look for those too.

[stephen-carter-at-sf]

Nitpick: Can these private methods instead be functions?

Also maybe call this function toRuleDescription(flowTestRule: FlowTestRuleDiscriptor) and then simply make your line 29 to be

const ruleDescriptions: RuleDescription[] = flowTestRules.map(toRuleDescription);

[stephen-carter-at-sf]

Since it is now a function (and not tied to a class instance), I believe you could have also just done flowTestRules.map(toRuleDescription)

[stephen-carter-at-sf]

It looks like in the catalog.goldfile.json that an example query_name is Flow: SystemModeWithSharing recordUpdates data and here it looks like we are using this as the rule name. This does not seem good to me.

Robert closed the Enhancement Request for rules having shorter names (see https://git.soma.salesforce.com/SecurityTools/FlowSecurityLinter/issues/39) ... but it looks like he maintained spaces and colons in the names. For example I see

query_name = f"Flow Security: User access to {elem_type} {check_labels_val} in mode {run_mode}"
got turned into

query_name = f"Flow: {run_mode} {elem_type} {check_labels_val}"

which is still too long.

So either we need to go back to him and make these names even shorter without spaces and colons, or we'll need to create a mapping on our end (either fixed or dynamic).

For example on our end we could probably just remove the prefix "Flow: " and then convert all spaces to dashes for now or something. So instead of
Flow: SystemModeWithSharing recordUpdates data maybe the name could for now just be SystemModeWithSharing-recordUpdates-data

But I created https://git.soma.salesforce.com/SecurityTools/FlowSecurityLinter/issues/47 to ask that we may receive better names.

[stephen-carter-at-sf]

This seems relevant to possible user debugging... so maybe make this to LogLevel.Debug instead of LogLevel.Fine.