rebase from main

Author: cx-anjali-deore

.github/workflows/ci.yml

@@ -45,6 +45,10 @@ jobs:
         run: go build -o ./bin/cx ./cmd
       - name: Install gocovmerge
         run: go install github.com/wadey/gocovmerge@latest
+      - name: Install pre-commit
+        run: |
+         pip install pre-commit
+         pre-commit install
       - name: Go Integration test
         shell: bash
         env:

cmd/main.go

@@ -27,7 +27,8 @@ func main() {
 	var err error
 	bindProxy()
 	bindKeysToEnvAndDefault()
-	configuration.LoadConfiguration()
+	err = configuration.LoadConfiguration()
+	exitIfError(err)
 	scans := viper.GetString(params.ScansPathKey)
 	groups := viper.GetString(params.GroupsPathKey)
 	logs := viper.GetString(params.LogsPathKey)
@@ -85,7 +86,7 @@ func main() {
 	scaRealTimeWrapper := wrappers.NewHTTPScaRealTimeWrapper()
 	chatWrapper := wrappers.NewChatWrapper()
 	featureFlagsWrapper := wrappers.NewFeatureFlagsHTTPWrapper(featureFlagsPath)
-	policyWrapper := wrappers.NewHTTPPolicyWrapper(policyEvaluationPath)
+	policyWrapper := wrappers.NewHTTPPolicyWrapper(policyEvaluationPath, featureFlagsWrapper)
 	sastMetadataWrapper := wrappers.NewSastIncrementalHTTPWrapper(sastMetadataPath)
 	accessManagementWrapper := wrappers.NewAccessManagementHTTPWrapper(accessManagementPath)
 	byorWrapper := wrappers.NewByorHTTPWrapper(byorPath)

internal/commands/policymanagement/policy.go

@@ -110,12 +110,11 @@ func isPolicyEvaluated(
 			log.Println("Policy status: ", policyResponseModel.Status)
 			return false, nil, nil
 		}
-	}
-	// Case the policy is evaluated or None
-	logger.PrintIfVerbose("Policy evaluation finished with status: " + policyResponseModel.Status)
-	if policyResponseModel.Status == completedPolicy || policyResponseModel.Status == nonePolicy {
-		logger.PrintIfVerbose("Policy status: " + policyResponseModel.Status)
-		return true, policyResponseModel, nil
+		logger.PrintIfVerbose("Policy evaluation finished with status: " + policyResponseModel.Status)
+		if policyResponseModel.Status == completedPolicy || policyResponseModel.Status == nonePolicy {
+			logger.PrintIfVerbose("Policy status: " + policyResponseModel.Status)
+			return true, policyResponseModel, nil
+		}
 	}
 	return true, nil, nil
 }

internal/commands/result.go

@@ -201,7 +201,7 @@ func NewResultsCommand(
 	codeBashingCmd := resultCodeBashing(codeBashingWrapper)
 	bflResultCmd := resultBflSubCommand(bflWrapper)
 	exitCodeSubcommand := exitCodeSubCommand(scanWrapper)
-	riskManagementSubCommand := riskManagementSubCommand(riskManagementWrapper)
+	riskManagementSubCommand := riskManagementSubCommand(riskManagementWrapper, featureFlagsWrapper)
 	resultCmd.AddCommand(
 		showResultCmd, bflResultCmd, codeBashingCmd, exitCodeSubcommand, riskManagementSubCommand,
 	)
@@ -226,7 +226,8 @@ func exitCodeSubCommand(scanWrapper wrappers.ScansWrapper) *cobra.Command {
 
 	return exitCodeCmd
 }
-func riskManagementSubCommand(riskManagement wrappers.RiskManagementWrapper) *cobra.Command {
+func riskManagementSubCommand(riskManagement wrappers.RiskManagementWrapper, featureFlagsWrapper wrappers.FeatureFlagsWrapper,
+) *cobra.Command {
 	riskManagementCmd := &cobra.Command{
 		Use:   "risk-management",
 		Short: "Show risk-management results of a project",
@@ -236,7 +237,7 @@ func riskManagementSubCommand(riskManagement wrappers.RiskManagementWrapper) *co
 			$ cx results risk-management --project-id <project Id> --limit <limit> (1-50, default: 50)
 		`,
 		),
-		RunE: runRiskManagementCommand(riskManagement),
+		RunE: runRiskManagementCommand(riskManagement, featureFlagsWrapper),
 	}
 
 	riskManagementCmd.PersistentFlags().String(commonParams.ProjectIDFlag, "", "Project ID")
@@ -350,11 +351,17 @@ func runGetExitCodeCommand(scanWrapper wrappers.ScansWrapper) func(cmd *cobra.Co
 	}
 }
 
-func runRiskManagementCommand(riskManagement wrappers.RiskManagementWrapper) func(cmd *cobra.Command, args []string) error {
+func runRiskManagementCommand(riskManagement wrappers.RiskManagementWrapper, featureFlagsWrapper wrappers.FeatureFlagsWrapper,
+) func(cmd *cobra.Command, args []string) error {
 	return func(cmd *cobra.Command, args []string) error {
 		projectID, _ := cmd.Flags().GetString(commonParams.ProjectIDFlag)
 		limit, _ := cmd.Flags().GetInt(commonParams.LimitFlag)
 
+		flagResponse, _ := wrappers.GetSpecificFeatureFlag(featureFlagsWrapper, wrappers.RiskManagementEnabled)
+		ASPMEnabled := flagResponse.Status
+		if !ASPMEnabled {
+			return errors.Errorf("%s", "Risk management results are currently unavailable for your tenant.")
+		}
 		results, err := getRiskManagementResults(riskManagement, projectID)
 		if err != nil {
 			return err
@@ -1536,11 +1543,13 @@ func parseScaExportPackage(packages []wrappers.ScaPackage) *[]wrappers.ScaPackag
 	for _, pkg := range packages {
 		pkg := pkg
 		scaPackages = append(scaPackages, wrappers.ScaPackageCollection{
-			ID:                  pkg.ID,
-			Locations:           pkg.Locations,
-			DependencyPathArray: parsePackagePathToDependencyPath(&pkg),
-			Outdated:            pkg.Outdated,
-			IsDirectDependency:  pkg.IsDirectDependency,
+			ID:                      pkg.ID,
+			Locations:               pkg.Locations,
+			DependencyPathArray:     parsePackagePathToDependencyPath(&pkg),
+			Outdated:                pkg.Outdated,
+			IsDirectDependency:      pkg.IsDirectDependency,
+			IsDevelopmentDependency: pkg.IsDevelopmentDependency,
+			IsTestDependency:        pkg.IsTestDependency,
 		})
 	}
 	return &scaPackages

internal/commands/result_test.go

@@ -1562,6 +1562,79 @@ func TestRiskManagementHelp(t *testing.T) {
 	execCmdNilAssertion(t, "help", "results", "risk-management")
 }
 
+func TestRiskManagement_ShouldFFBeFalseAndReturnError(t *testing.T) {
+	clearFlags()
+	err := execCmdNotNilAssertion(t, "results", "risk-management")
+	assert.Equal(t, err.Error(), "Risk management results are currently unavailable for your tenant.", "Expected error message")
+
+}
+
 func TestRiskManagement(t *testing.T) {
+	clearFlags()
+	mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.RiskManagementEnabled, Status: true}
 	execCmdNilAssertion(t, "results", "risk-management")
 }
+
+func Test_addPackageInformation_DependencyTypes(t *testing.T) {
+	// Create dependency paths with different types
+	var dependencyPaths = [][]wrappers.DependencyPath{
+		{{
+			ID:            "dev-pkg",
+			IsDevelopment: true,
+		}},
+		{{
+			ID:            "test-pkg",
+			IsDevelopment: false,
+		}},
+	}
+
+	// Create results model with two results - one dev and one test
+	resultsModel := &wrappers.ScanResultsCollection{
+		Results: []*wrappers.ScanResult{
+			{
+				Type: "sca",
+				ScanResultData: wrappers.ScanResultData{
+					PackageIdentifier: "dev-pkg",
+				},
+			},
+			{
+				Type: "sca",
+				ScanResultData: wrappers.ScanResultData{
+					PackageIdentifier: "test-pkg",
+				},
+			},
+		},
+	}
+
+	// Create package model with different dev/test settings
+	scaPackageModel := &[]wrappers.ScaPackageCollection{
+		{
+			ID:                      "dev-pkg",
+			DependencyPathArray:     dependencyPaths[:1],
+			IsDevelopmentDependency: true,
+			IsTestDependency:        false,
+		},
+		{
+			ID:                      "test-pkg",
+			DependencyPathArray:     dependencyPaths[1:],
+			IsDevelopmentDependency: false,
+			IsTestDependency:        true,
+		},
+	}
+
+	scaTypeModel := &[]wrappers.ScaTypeCollection{{}}
+
+	// Execute the function
+	resultsModel = addPackageInformation(resultsModel, scaPackageModel, scaTypeModel)
+
+	// Get the results
+	devPackage := resultsModel.Results[0].ScanResultData.ScaPackageCollection
+	testPackage := resultsModel.Results[1].ScanResultData.ScaPackageCollection
+
+	// Verify the fields were transferred correctly
+	assert.Equal(t, true, devPackage.IsDevelopmentDependency, "First package should be marked as development dependency")
+	assert.Equal(t, false, devPackage.IsTestDependency, "First package should not be marked as test dependency")
+
+	assert.Equal(t, false, testPackage.IsDevelopmentDependency, "Second package should not be marked as development dependency")
+	assert.Equal(t, true, testPackage.IsTestDependency, "Second package should be marked as test dependency")
+}

internal/commands/util/configuration_test.go

@@ -1,6 +1,8 @@
 package util
 
 import (
+	"github.com/checkmarx/ast-cli/internal/params"
+	"github.com/spf13/viper"
 	"os"
 	"strings"
 	"testing"
@@ -47,9 +49,11 @@ func TestGetConfigFilePath_CheckmarxConfigFileExists_Success(t *testing.T) {
 }
 
 func TestWriteSingleConfigKeyToExistingFile_ChangeAscaPortToZero_Success(t *testing.T) {
-	configuration.LoadConfiguration()
+	err := configuration.LoadConfiguration()
+	assert.NilError(t, err)
+
 	configFilePath, _ := configuration.GetConfigFilePath()
-	err := configuration.SafeWriteSingleConfigKey(configFilePath, cxAscaPort, 0)
+	err = configuration.SafeWriteSingleConfigKey(configFilePath, cxAscaPort, 0)
 	assert.NilError(t, err)
 
 	config, err := configuration.LoadConfig(configFilePath)
@@ -78,7 +82,9 @@ func TestWriteSingleConfigKeyNonExistingFile_CreatingTheFileAndWritesTheKey_Succ
 }
 
 func TestChangedOnlyAscaPortInConfigFile_ConfigFileExistsWithDefaultValues_OnlyAscaPortChangedSuccess(t *testing.T) {
-	configuration.LoadConfiguration()
+	err := configuration.LoadConfiguration()
+	assert.NilError(t, err)
+
 	configFilePath, _ := configuration.GetConfigFilePath()
 
 	oldConfig, err := configuration.LoadConfig(configFilePath)
@@ -100,9 +106,11 @@ func TestChangedOnlyAscaPortInConfigFile_ConfigFileExistsWithDefaultValues_OnlyA
 }
 
 func TestWriteSingleConfigKeyStringToExistingFile_UpdateScsScanOverviewPath_Success(t *testing.T) {
-	configuration.LoadConfiguration()
+	err := configuration.LoadConfiguration()
+	assert.NilError(t, err)
+
 	configFilePath, _ := configuration.GetConfigFilePath()
-	err := configuration.SafeWriteSingleConfigKeyString(configFilePath, cxScsScanOverviewPath, defaultScsScanOverviewPath)
+	err = configuration.SafeWriteSingleConfigKeyString(configFilePath, cxScsScanOverviewPath, defaultScsScanOverviewPath)
 	assert.NilError(t, err)
 
 	config, err := configuration.LoadConfig(configFilePath)
@@ -131,7 +139,9 @@ func TestWriteSingleConfigKeyStringNonExistingFile_CreatingTheFileAndWritesTheKe
 }
 
 func TestChangedOnlyScsScanOverviewPathInConfigFile_ConfigFileExistsWithDefaultValues_OnlyScsScanOverviewPathChangedSuccess(t *testing.T) {
-	configuration.LoadConfiguration()
+	err := configuration.LoadConfiguration()
+	assert.NilError(t, err)
+
 	configFilePath, _ := configuration.GetConfigFilePath()
 
 	oldConfig, err := configuration.LoadConfig(configFilePath)
@@ -151,3 +161,12 @@ func TestChangedOnlyScsScanOverviewPathInConfigFile_ConfigFileExistsWithDefaultV
 		}
 	}
 }
+
+func TestGetConfigFilePath_CustomFile(t *testing.T) {
+	expectedPath := "/custom/path/checkmarxcli.yaml"
+	viper.Set(params.ConfigFilePathKey, expectedPath)
+
+	actualPath, err := configuration.GetConfigFilePath()
+	assert.NilError(t, err)
+	assert.Equal(t, actualPath, expectedPath, "Expected path to match the set value in viper")
+}

internal/constants/feature-flags/feature-flags.go

@@ -2,5 +2,5 @@ package featureflags
 
 const (
 	AccessManagementEnabled = "ACCESS_MANAGEMENT_ENABLED"
-	AccessManagementPhase2  = "ACCESS_MANAGEMENT_PHASE2"
+	AccessManagementPhase2  = "ACCESS_MANAGEMENT_PHASE_2"
 )

internal/params/binds.go

@@ -74,5 +74,6 @@ var EnvVarsBinds = []struct {
 	{ASCAPortKey, ASCAPortEnv, ""},
 	{ScsRepoTokenKey, ScsRepoTokenEnv, ""},
 	{RiskManagementPathKey, RiskManagementPathEnv, "api/risk-management/projects/%s/results"},
+	{ConfigFilePathKey, ConfigFilePathEnv, ""},
 	{EnginePathKey, EnginePathEnv, "api/engines"},
 }

internal/params/envs.go

@@ -73,5 +73,6 @@ const (
 	ASCAPortEnv                         = "CX_ASCA_PORT"
 	ScsRepoTokenEnv                     = "SCS_REPO_TOKEN"
 	RiskManagementPathEnv               = "CX_RISK_MANAGEMENT_PATH"
+	ConfigFilePathEnv                   = "CX_CONFIG_FILE_PATH"
 	EnginePathEnv                       = "CX_ENGINE_PATH"
 )

internal/params/keys.go

@@ -73,5 +73,6 @@ var (
 	ASCAPortKey                         = strings.ToLower(ASCAPortEnv)
 	ScsRepoTokenKey                     = strings.ToLower(ScsRepoTokenEnv)
 	RiskManagementPathKey               = strings.ToLower(RiskManagementPathEnv)
+	ConfigFilePathKey                   = strings.ToLower(ConfigFilePathEnv)
 	EnginePathKey                       = strings.ToLower(ResultsPathKey)
 )