Fix for Scan Create command with Source as zip with ScaResolver issue (AST-73409) (#1190)

cx-anjali-deore · web-flow · commit cc6d11ca8ea7 · 2025-06-17T17:01:09.000+05:30
* Added check for zip for scaresolver issue
diff --git a/internal/commands/scan.go b/internal/commands/scan.go
@@ -1593,12 +1593,17 @@ func getUploadURLFromSource(cmd *cobra.Command, uploadsWrapper wrappers.UploadsW
 	sourceDirFilter, _ := cmd.Flags().GetString(commonParams.SourceDirFilterFlag)
 	userIncludeFilter, _ := cmd.Flags().GetString(commonParams.IncludeFilterFlag)
 	projectName, _ := cmd.Flags().GetString(commonParams.ProjectName)
+	scaResolverPath, _ := cmd.Flags().GetString(commonParams.ScaResolverFlag)
 	containerEngineCLIEnabled, _ := wrappers.GetSpecificFeatureFlag(featureFlagsWrapper, wrappers.ContainerEngineCLIEnabled)
 
 	containerScanTriggered := strings.Contains(actualScanTypes, commonParams.ContainersType) && containerEngineCLIEnabled.Status
 	scaResolverParams, scaResolver := getScaResolverFlags(cmd)
 
 	zipFilePath, directoryPath, err := definePathForZipFileOrDirectory(cmd)
+
+	if zipFilePath != "" && scaResolverPath != "" {
+		return "", "", errors.New("Scanning Zip files is not supported by ScaResolver.Please use non-zip source")
+	}
 	if err != nil {
 		return "", "", errors.Wrapf(err, "%s: Input in bad format", failedCreating)
 	}
diff --git a/internal/commands/scan_test.go b/internal/commands/scan_test.go
@@ -62,8 +62,9 @@ const (
 	InvalidEngineMessage                   = "Please verify if engine is installed"
 	SCSScoreCardError                      = "SCS scan failed to start: Scorecard scan is missing required flags, please include in the ast-cli arguments: " +
 		"--scs-repo-url your_repo_url --scs-repo-token your_repo_token"
-	outputFileName              = "test_output.log"
-	noUpdatesForExistingProject = "No tags to update. Skipping project update."
+	outputFileName                = "test_output.log"
+	noUpdatesForExistingProject   = "No tags to update. Skipping project update."
+	ScaResolverZipNotSupportedErr = "Scanning Zip files is not supported by ScaResolver.Please use non-zip source"
 )
 
 func TestScanHelp(t *testing.T) {
@@ -2218,3 +2219,21 @@ func TestIsContainersEngineEnabled_FlagRetrievalFails(t *testing.T) {
 
 	assert.Assert(t, !result, "expected result to be false")
 }
+
+func TestCreateScanWith_ScaResolver_Source_as_Zip(t *testing.T) {
+	clearFlags()
+	baseArgs := []string{
+		"scan",
+		"create",
+		"--project-name",
+		"MOCK",
+		"-s",
+		"data/sources.zip",
+		"-b",
+		"dummy_branch",
+		"--sca-resolver",
+		"ScaResolver.exe",
+	}
+	err := execCmdNotNilAssertion(t, baseArgs...)
+	assert.Assert(t, strings.Contains(err.Error(), ScaResolverZipNotSupportedErr), err.Error())
+}
diff --git a/test/integration/scan_test.go b/test/integration/scan_test.go
@@ -2351,3 +2351,18 @@ func deletePreset(engine, presetID string) error {
 
 	return nil
 }
+
+func TestCreateScan_WithScaResolver_ZipSource_Fail(t *testing.T) {
+	configuration.LoadConfiguration()
+	args := []string{
+		"scan", "create",
+		flag(params.ProjectName), getProjectNameForScanTests(),
+		flag(params.SourcesFlag), "data/insecure.zip",
+		flag(params.ScanTypes), params.ScaType,
+		flag(params.BranchFlag), "dummy_branch",
+		flag(params.ScaResolverFlag), "ScaResolver.exe",
+	}
+
+	err, _ := executeCommand(t, args...)
+	assert.Error(t, err, "Scanning Zip files is not supported by ScaResolver.Please use non-zip source")
+}
