Merge pull request #933 from Checkmarx/bug/miryamFoifer/ignoreGroupsWhenProjectExists

Do Not Update An Existing Project With  A New Group (AST-70718)

Author: cx-miryam-foifer

internal/commands/scan_test.go

@@ -12,8 +12,10 @@ import (
 	"strings"
 	"testing"
 
+	"github.com/checkmarx/ast-cli/internal/commands/util"
 	errorConstants "github.com/checkmarx/ast-cli/internal/constants/errors"
 	exitCodes "github.com/checkmarx/ast-cli/internal/constants/exit-codes"
+	"github.com/checkmarx/ast-cli/internal/logger"
 	commonParams "github.com/checkmarx/ast-cli/internal/params"
 	"github.com/checkmarx/ast-cli/internal/wrappers"
 	"github.com/checkmarx/ast-cli/internal/wrappers/mock"
@@ -52,6 +54,8 @@ const (
 	InvalidEngineMessage          = "Please verify if engine is installed"
 	SCSScoreCardError             = "SCS scan failed to start: Scorecard scan is missing required flags, please include in the ast-cli arguments: " +
 		"--scs-repo-url your_repo_url --scs-repo-token your_repo_token"
+	outputFileName              = "test_output.log"
+	noUpdatesForExistingProject = "No applicationId or tags to update. Skipping project update."
 )
 
 func TestScanHelp(t *testing.T) {
@@ -382,14 +386,31 @@ func TestCreateScanBranches(t *testing.T) {
 	execCmdNilAssertion(t, "scan", "create", "--project-name", "MOCK", "-s", dummyRepo, "-b", "branch_defined")
 }
 
-func TestCreateScanWithProjectGroup(t *testing.T) {
+func TestCreateScan_WhenProjectNotExistsAndInvalidGroup_ShouldFail(t *testing.T) {
 	err := execCmdNotNilAssertion(
 		t,
-		"scan", "create", "--project-name", "invalidGroup", "-s", ".", "--branch", "main", "--project-groups", "invalidGroup",
+		"scan", "create", "--project-name", "newProject", "-s", ".", "--branch", "main", "--project-groups", "invalidGroup",
 	)
 	assert.Assert(t, err.Error() == "Failed updating a project: Failed finding groups: [invalidGroup]", "\n the received error is:", err.Error())
 }
 
+func TestCreateScan_WhenProjectNotExists_ShouldCreateProjectAndAssignGroup(t *testing.T) {
+	file := createOutputFile(t, outputFileName)
+	defer deleteOutputFile(file)
+	defer logger.SetOutput(os.Stdout)
+
+	baseArgs := []string{"scan", "create", "--project-name", "newProject", "-s", ".", "--branch", "main", "--project-groups", "existsGroup1", "--debug"}
+	execCmdNilAssertion(
+		t,
+		baseArgs...,
+	)
+	stdoutString, err := util.ReadFileAsString(file.Name())
+	if err != nil {
+		t.Fatalf("Failed to read log file: %v", err)
+	}
+	assert.Equal(t, strings.Contains(stdoutString, "Updating project groups"), true, "Expected output: %s", "Updating project groups")
+}
+
 func TestScanWorkflowMissingID(t *testing.T) {
 	err := execCmdNotNilAssertion(t, "scan", "workflow")
 	assert.Error(t, err, "Please provide a scan ID", err.Error())
@@ -590,11 +611,18 @@ func TestCreateScanProjectTags(t *testing.T) {
 		"--project-tags", "test", "--debug")
 }
 
-func TestCreateScanProjecGroupsError(t *testing.T) {
+func TestCreateScan_WhenProjectExists_ShouldIgnoreGroups(t *testing.T) {
+	file := createOutputFile(t, outputFileName)
+	defer deleteOutputFile(file)
+	defer logger.SetOutput(os.Stdout)
 	baseArgs := []string{scanCommand, "create", "--project-name", "MOCK", "-s", dummyRepo, "-b", "dummy_branch",
-		"--debug", "--project-groups", "err"}
-	err := execCmdNotNilAssertion(t, baseArgs...)
-	assert.Error(t, err, "Failed updating a project: Failed finding groups: [err]", err.Error())
+		"--debug", "--project-groups", "anyProjectGroup"}
+	execCmdNilAssertion(t, baseArgs...)
+	stdoutString, err := util.ReadFileAsString(file.Name())
+	if err != nil {
+		t.Fatalf("Failed to read log file: %v", err)
+	}
+	assert.Equal(t, strings.Contains(stdoutString, noUpdatesForExistingProject), true, "Expected output: %s", noUpdatesForExistingProject)
 }
 func TestScanCreateLastSastScanTimeWithInvalidValue(t *testing.T) {
 	baseArgs := []string{"scan", "create", "--project-name", "MOCK", "-s", dummyRepo, "-b", "dummy_branch", "--sca-exploitable-path", "true", "--sca-last-sast-scan-time", "notaniteger"}
@@ -1275,3 +1303,20 @@ func TestFilterMatched(t *testing.T) {
 		})
 	}
 }
+
+func createOutputFile(t *testing.T, fileName string) *os.File {
+	file, err := os.Create(fileName)
+	if err != nil {
+		t.Fatalf("Failed to create log file: %v", err)
+	}
+	logger.SetOutput(file)
+	return file
+}
+
+func deleteOutputFile(file *os.File) {
+	file.Close()
+	err := os.Remove(file.Name())
+	if err != nil {
+		logger.Printf("Failed to remove log file: %v", err)
+	}
+}

internal/services/projects.go

@@ -38,7 +38,6 @@ func FindProject(
 
 	for i := 0; i < len(resp.Projects); i++ {
 		if resp.Projects[i].Name == projectName {
-			projectGroups, _ := cmd.Flags().GetString(commonParams.ProjectGroupList)
 			projectTags, _ := cmd.Flags().GetString(commonParams.ProjectTagList)
 			projectPrivatePackage, _ := cmd.Flags().GetString(commonParams.ProjecPrivatePackageFlag)
 			return updateProject(
@@ -50,7 +49,6 @@ func FindProject(
 				applicationWrapper,
 				projectName,
 				applicationID,
-				projectGroups,
 				projectTags,
 				projectPrivatePackage,
 				featureFlagsWrapper)
@@ -185,7 +183,6 @@ func updateProject(
 	applicationsWrapper wrappers.ApplicationsWrapper,
 	projectName string,
 	applicationID []string,
-	projectGroups string,
 	projectTags string,
 	projectPrivatePackage string,
 	featureFlagsWrapper wrappers.FeatureFlagsWrapper,
@@ -205,8 +202,8 @@ func updateProject(
 			projModel.RepoURL = resp.Projects[i].RepoURL
 		}
 	}
-	if projectGroups == "" && projectTags == "" && projectPrivatePackage == "" && len(applicationID) == 0 {
-		logger.PrintIfVerbose("No groups, applicationId or tags to update. Skipping project update.")
+	if projectTags == "" && projectPrivatePackage == "" && len(applicationID) == 0 {
+		logger.PrintIfVerbose("No applicationId or tags to update. Skipping project update.")
 		return projectID, nil
 	}
 	if projectPrivatePackage != "" {
@@ -245,26 +242,9 @@ func updateProject(
 		}
 	}
 
-	if projectGroups != "" {
-		err = UpsertProjectGroupsByUpdateFlow(groupsWrapper, &projModel, projectsWrapper, accessManagementWrapper, projModelResp, projectGroups, projectID, projectName, featureFlagsWrapper)
-		if err != nil {
-			return projectID, err
-		}
-	}
 	return projectID, nil
 }
 
-func UpsertProjectGroupsByUpdateFlow(groupsWrapper wrappers.GroupsWrapper, projModel *wrappers.Project, projectsWrapper wrappers.ProjectsWrapper,
-	accessManagementWrapper wrappers.AccessManagementWrapper, projModelResp *wrappers.ProjectResponseModel,
-	projectGroups string, projectID string, projectName string, featureFlagsWrapper wrappers.FeatureFlagsWrapper) error {
-	groupsMap, groups, groupErr := GetGroupMap(groupsWrapper, projectGroups, projModelResp, featureFlagsWrapper)
-	if groupErr != nil {
-		return groupErr
-	}
-	projModel.Groups = groups
-	return UpsertProjectGroups(projModel, projectsWrapper, accessManagementWrapper, projectID, projectName, featureFlagsWrapper, groupsMap)
-}
-
 func UpsertProjectGroups(projModel *wrappers.Project, projectsWrapper wrappers.ProjectsWrapper,
 	accessManagementWrapper wrappers.AccessManagementWrapper, projectID string, projectName string,
 	featureFlagsWrapper wrappers.FeatureFlagsWrapper, groupsMap []*wrappers.Group) error {

internal/services/projects_test.go

@@ -266,7 +266,6 @@ func Test_updateProject(t *testing.T) {
 				ttt.args.applicationsWrapper,
 				ttt.args.projectName,
 				ttt.args.applicationID,
-				ttt.args.projectGroups,
 				ttt.args.projectTags,
 				ttt.args.projectPrivatePackage,
 				ttt.args.featureFlagsWrapper)

test/integration/scan_test.go

@@ -12,6 +12,7 @@ import (
 	"log"
 	"os"
 	"path/filepath"
+	"reflect"
 	"runtime"
 	"strings"
 	"testing"
@@ -1550,8 +1551,10 @@ func TestScanGeneratingPdfReportWithPdfOptions(t *testing.T) {
 //
 //}
 
-func TestScanCreateUsingWrongProjectGroups(t *testing.T) {
-	_, projectName := getRootProject(t)
+func TestScanCreate_WhenProjectExists_ShouldNotUpdateGroups(t *testing.T) {
+	projectID, projectName := getRootProject(t)
+	project := showProject(t, projectID)
+	groupsBeforeScanCreate := project.Groups
 
 	args := []string{
 		scanCommand, "create",
@@ -1561,10 +1564,20 @@ func TestScanCreateUsingWrongProjectGroups(t *testing.T) {
 		flag(params.PresetName), "Checkmarx Default",
 		flag(params.BranchFlag), "dummy_branch",
 		flag(params.ProjectGroupList), "wrong_group",
+		"--async",
 	}
 
 	err, _ := executeCommand(t, args...)
-	assertError(t, err, "Failed finding groups")
+	if err != nil {
+		assertError(t, err, "running a scan should pass")
+	}
+
+	project = showProject(t, projectID)
+	groupsAfterScanCreate := project.Groups
+	if !reflect.DeepEqual(groupsBeforeScanCreate, groupsAfterScanCreate) {
+		t.Errorf("When project exists, groups before and after scan creation should be equal. Got %v, want %v", groupsAfterScanCreate, groupsBeforeScanCreate)
+	}
+
 }
 func TestScanCreateExploitablePath(t *testing.T) {
 	_, projectName := getRootProject(t)