Merge pull request #953 from Checkmarx/bug/miryamFoifer/ignoreApplicationWhenProjectExists

Do Not Update An Existing Project With A New Application(AST-70427)

Author: cx-miryam-foifer

internal/commands/project.go

@@ -233,7 +233,7 @@ func runCreateProjectCommand(
 		applicationName, _ := cmd.Flags().GetString(commonParams.ApplicationName)
 		var applicationID []string
 		if applicationName != "" {
-			application, getAppErr := getApplication(applicationName, applicationsWrapper)
+			application, getAppErr := services.GetApplication(applicationName, applicationsWrapper)
 			if getAppErr != nil {
 				return getAppErr
 			}

internal/commands/scan.go

@@ -24,7 +24,6 @@ import (
 	"github.com/checkmarx/ast-cli/internal/commands/util"
 	"github.com/checkmarx/ast-cli/internal/commands/util/printer"
 	"github.com/checkmarx/ast-cli/internal/constants"
-	errorConstants "github.com/checkmarx/ast-cli/internal/constants/errors"
 	exitCodes "github.com/checkmarx/ast-cli/internal/constants/exit-codes"
 	"github.com/checkmarx/ast-cli/internal/logger"
 	"github.com/checkmarx/ast-cli/internal/services"
@@ -709,23 +708,8 @@ func setupScanTypeProjectAndConfig(
 		return errors.Errorf("Project name is required")
 	}
 
-	applicationName, _ := cmd.Flags().GetString(commonParams.ApplicationName)
-
-	var applicationID []string
-	if applicationName != "" {
-		application, getAppErr := getApplication(applicationName, applicationsWrapper)
-		if getAppErr != nil {
-			return getAppErr
-		}
-		if application == nil {
-			return errors.Errorf(errorConstants.ApplicationDoesntExistOrNoPermission)
-		}
-		applicationID = []string{application.ID}
-	}
-
 	// We need to convert the project name into an ID
 	projectID, findProjectErr := services.FindProject(
-		applicationID,
 		info["project"].(map[string]interface{})["id"].(string),
 		cmd,
 		projectsWrapper,
@@ -799,34 +783,6 @@ func setupScanTypeProjectAndConfig(
 	return nil
 }
 
-func getApplication(applicationName string, applicationsWrapper wrappers.ApplicationsWrapper) (*wrappers.Application, error) {
-	if applicationName != "" {
-		params := make(map[string]string)
-		params["name"] = applicationName
-		resp, err := applicationsWrapper.Get(params)
-		if err != nil {
-			return nil, err
-		}
-		if resp.Applications != nil && len(resp.Applications) > 0 {
-			application := verifyApplicationNameExactMatch(applicationName, resp)
-
-			return application, nil
-		}
-	}
-	return nil, nil
-}
-
-func verifyApplicationNameExactMatch(applicationName string, resp *wrappers.ApplicationsResponseModel) *wrappers.Application {
-	var application *wrappers.Application
-	for i := range resp.Applications {
-		if resp.Applications[i].Name == applicationName {
-			application = &resp.Applications[i]
-			break
-		}
-	}
-	return application
-}
-
 func getResubmitConfiguration(scansWrapper wrappers.ScansWrapper, projectID, userScanTypes string) (
 	[]wrappers.Config,
 	error,

internal/commands/scan_test.go

@@ -55,7 +55,7 @@ const (
 	SCSScoreCardError             = "SCS scan failed to start: Scorecard scan is missing required flags, please include in the ast-cli arguments: " +
 		"--scs-repo-url your_repo_url --scs-repo-token your_repo_token"
 	outputFileName              = "test_output.log"
-	noUpdatesForExistingProject = "No applicationId or tags to update. Skipping project update."
+	noUpdatesForExistingProject = "No tags to update. Skipping project update."
 )
 
 func TestScanHelp(t *testing.T) {
@@ -193,18 +193,13 @@ func TestCreateScanWithThreshold_ShouldSuccess(t *testing.T) {
 	execCmdNilAssertion(t, "scan", "create", "--project-name", "MOCK", "-s", dummyRepo, "-b", "dummy_branch", "--scan-types", "sast", "--threshold", "sca-low=1 ; sast-medium=2")
 }
 
-func TestScanCreate_ExistingApplicationAndProject_CreateProjectUnderApplicationSuccessfully(t *testing.T) {
-	execCmdNilAssertion(t, "scan", "create", "--project-name", "MOCK", "--application-name", "MOCK", "-s", dummyRepo, "-b", "dummy_branch")
-}
-
 func TestScanCreate_ApplicationNameIsNotExactMatch_FailedToCreateScan(t *testing.T) {
-	err := execCmdNotNilAssertion(t, "scan", "create", "--project-name", "MOCK", "--application-name", "MOC", "-s", dummyRepo, "-b", "dummy_branch")
+	err := execCmdNotNilAssertion(t, "scan", "create", "--project-name", "non-existing-project", "--application-name", "MOC", "-s", dummyRepo, "-b", "dummy_branch")
 	assert.Assert(t, err.Error() == errorConstants.ApplicationDoesntExistOrNoPermission)
 }
 
-func TestScanCreate_ExistingProjectAndApplicationWithNoPermission_FailedToCreateScan(t *testing.T) {
-	err := execCmdNotNilAssertion(t, "scan", "create", "--project-name", "MOCK", "--application-name", mock.ApplicationDoesntExist, "-s", dummyRepo, "-b", "dummy_branch")
-	assert.Assert(t, err.Error() == errorConstants.ApplicationDoesntExistOrNoPermission)
+func TestScanCreate_ExistingProjectAndApplicationWithNoPermission_ShouldCreateScan(t *testing.T) {
+	execCmdNilAssertion(t, "scan", "create", "--project-name", "MOCK", "--application-name", mock.ApplicationDoesntExist, "-s", dummyRepo, "-b", "dummy_branch")
 }
 
 func TestScanCreate_ExistingApplicationWithNoPermission_FailedToCreateScan(t *testing.T) {
@@ -213,20 +208,16 @@ func TestScanCreate_ExistingApplicationWithNoPermission_FailedToCreateScan(t *te
 }
 
 func TestScanCreate_OnReceivingHttpBadRequestStatusCode_FailedToCreateScan(t *testing.T) {
-	err := execCmdNotNilAssertion(t, "scan", "create", "--project-name", "MOCK", "--application-name", mock.FakeBadRequest400, "-s", dummyRepo, "-b", "dummy_branch")
+	err := execCmdNotNilAssertion(t, "scan", "create", "--project-name", "non-existing-project", "--application-name", mock.FakeBadRequest400, "-s", dummyRepo, "-b", "dummy_branch")
 	assert.Assert(t, err.Error() == errorConstants.FailedToGetApplication)
 }
 
 func TestScanCreate_OnReceivingHttpInternalServerErrorStatusCode_FailedToCreateScan(t *testing.T) {
-	err := execCmdNotNilAssertion(t, "scan", "create", "--project-name", "MOCK", "--application-name", mock.FakeInternalServerError500, "-s", dummyRepo, "-b", "dummy_branch")
+	err := execCmdNotNilAssertion(t, "scan", "create", "--project-name", "non-existing-project",
+		"--application-name", mock.FakeInternalServerError500, "-s", dummyRepo, "-b", "dummy_branch")
 	assert.Assert(t, err.Error() == errorConstants.FailedToGetApplication)
 }
 
-func TestCreateScanInsideApplicationProjectExistNoPermissions(t *testing.T) {
-	err := execCmdNotNilAssertion(t, "scan", "create", "--project-name", "MOCK", "--application-name", mock.NoPermissionApp, "-s", dummyRepo, "-b", "dummy_branch")
-	assert.Assert(t, err.Error() == errorConstants.ApplicationDoesntExistOrNoPermission)
-}
-
 func TestCreateScanSourceDirectory(t *testing.T) {
 	baseArgs := []string{"scan", "create", "--project-name", "MOCK", "-b", "dummy_branch"}
 	execCmdNilAssertion(t, append(baseArgs, "-s", "data", "--file-filter", "!.java")...)
@@ -411,6 +402,23 @@ func TestCreateScan_WhenProjectNotExists_ShouldCreateProjectAndAssignGroup(t *te
 	assert.Equal(t, strings.Contains(stdoutString, "Updating project groups"), true, "Expected output: %s", "Updating project groups")
 }
 
+func TestCreateScan_WhenProjectNotExists_ShouldCreateProjectAndAssociateApplication(t *testing.T) {
+	file := createOutputFile(t, outputFileName)
+	defer deleteOutputFile(file)
+	defer logger.SetOutput(os.Stdout)
+
+	baseArgs := []string{"scan", "create", "--project-name", "newProject", "-s", ".", "--branch", "main", "--application-name", mock.ExistingApplication, "--debug"}
+	execCmdNilAssertion(
+		t,
+		baseArgs...,
+	)
+	stdoutString, err := util.ReadFileAsString(file.Name())
+	if err != nil {
+		t.Fatalf("Failed to read log file: %v", err)
+	}
+	assert.Equal(t, strings.Contains(stdoutString, "application association done successfully"), true, "Expected output: %s", "application association done successfully")
+}
+
 func TestScanWorkflowMissingID(t *testing.T) {
 	err := execCmdNotNilAssertion(t, "scan", "workflow")
 	assert.Error(t, err, "Please provide a scan ID", err.Error())
@@ -624,6 +632,20 @@ func TestCreateScan_WhenProjectExists_ShouldIgnoreGroups(t *testing.T) {
 	}
 	assert.Equal(t, strings.Contains(stdoutString, noUpdatesForExistingProject), true, "Expected output: %s", noUpdatesForExistingProject)
 }
+
+func TestCreateScan_WhenProjectExists_ShouldIgnoreApplication(t *testing.T) {
+	file := createOutputFile(t, outputFileName)
+	defer deleteOutputFile(file)
+	defer logger.SetOutput(os.Stdout)
+	baseArgs := []string{scanCommand, "create", "--project-name", "MOCK", "-s", dummyRepo, "-b", "dummy_branch",
+		"--debug", "--application-name", "anyApplication"}
+	execCmdNilAssertion(t, baseArgs...)
+	stdoutString, err := util.ReadFileAsString(file.Name())
+	if err != nil {
+		t.Fatalf("Failed to read log file: %v", err)
+	}
+	assert.Equal(t, strings.Contains(stdoutString, noUpdatesForExistingProject), true, "Expected output: %s", noUpdatesForExistingProject)
+}
 func TestScanCreateLastSastScanTimeWithInvalidValue(t *testing.T) {
 	baseArgs := []string{"scan", "create", "--project-name", "MOCK", "-s", dummyRepo, "-b", "dummy_branch", "--sca-exploitable-path", "true", "--sca-last-sast-scan-time", "notaniteger"}
 	err := execCmdNotNilAssertion(t, baseArgs...)

internal/commands/util/import.go

@@ -65,7 +65,7 @@ func runImportCommand(
 			return errors.Errorf(errorConstants.ProjectNameIsRequired)
 		}
 
-		projectID, err := services.FindProject(nil, projectName, cmd, projectsWrapper, groupsWrapper, accessManagementWrapper, applicationsWrapper, featureFlagsWrapper)
+		projectID, err := services.FindProject(projectName, cmd, projectsWrapper, groupsWrapper, accessManagementWrapper, applicationsWrapper, featureFlagsWrapper)
 		if err != nil {
 			return err
 		}

internal/services/applications.go

@@ -1,6 +1,11 @@
 package services
 
-import "github.com/checkmarx/ast-cli/internal/wrappers/utils"
+import (
+	errorConstants "github.com/checkmarx/ast-cli/internal/constants/errors"
+	"github.com/checkmarx/ast-cli/internal/wrappers"
+	"github.com/checkmarx/ast-cli/internal/wrappers/utils"
+	"github.com/pkg/errors"
+)
 
 func createApplicationIds(applicationID, existingApplicationIds []string) []string {
 	for _, id := range applicationID {
@@ -10,3 +15,46 @@ func createApplicationIds(applicationID, existingApplicationIds []string) []stri
 	}
 	return existingApplicationIds
 }
+
+func getApplicationID(applicationName string, applicationsWrapper wrappers.ApplicationsWrapper) ([]string, error) {
+	var applicationID []string
+	if applicationName != "" {
+		application, getAppErr := GetApplication(applicationName, applicationsWrapper)
+		if getAppErr != nil {
+			return nil, getAppErr
+		}
+		if application == nil {
+			return nil, errors.Errorf(errorConstants.ApplicationDoesntExistOrNoPermission)
+		}
+		applicationID = []string{application.ID}
+	}
+	return applicationID, nil
+}
+
+func GetApplication(applicationName string, applicationsWrapper wrappers.ApplicationsWrapper) (*wrappers.Application, error) {
+	if applicationName != "" {
+		params := make(map[string]string)
+		params["name"] = applicationName
+		resp, err := applicationsWrapper.Get(params)
+		if err != nil {
+			return nil, err
+		}
+		if resp.Applications != nil && len(resp.Applications) > 0 {
+			application := verifyApplicationNameExactMatch(applicationName, resp)
+
+			return application, nil
+		}
+	}
+	return nil, nil
+}
+
+func verifyApplicationNameExactMatch(applicationName string, resp *wrappers.ApplicationsResponseModel) *wrappers.Application {
+	var application *wrappers.Application
+	for i := range resp.Applications {
+		if resp.Applications[i].Name == applicationName {
+			application = &resp.Applications[i]
+			break
+		}
+	}
+	return application
+}

internal/services/projects.go

@@ -22,7 +22,6 @@ const (
 )
 
 func FindProject(
-	applicationID []string,
 	projectName string,
 	cmd *cobra.Command,
 	projectsWrapper wrappers.ProjectsWrapper,
@@ -41,12 +40,19 @@ func FindProject(
 		if project.Name == projectName {
 			projectTags, _ := cmd.Flags().GetString(commonParams.ProjectTagList)
 			projectPrivatePackage, _ := cmd.Flags().GetString(commonParams.ProjecPrivatePackageFlag)
-			return updateProject(&project, cmd, projectsWrapper, applicationWrapper, applicationID, projectTags, projectPrivatePackage)
+			return updateProject(&project, projectsWrapper, projectTags, projectPrivatePackage)
 		}
 	}
 
 	projectGroups, _ := cmd.Flags().GetString(commonParams.ProjectGroupList)
 	projectPrivatePackage, _ := cmd.Flags().GetString(commonParams.ProjecPrivatePackageFlag)
+
+	applicationName, _ := cmd.Flags().GetString(commonParams.ApplicationName)
+	applicationID, appErr := getApplicationID(applicationName, applicationWrapper)
+	if appErr != nil {
+		return "", appErr
+	}
+
 	projectID, err := createProject(projectName, cmd, projectsWrapper, groupsWrapper, accessManagementWrapper, applicationWrapper,
 		applicationID, projectGroups, projectPrivatePackage, featureFlagsWrapper)
 	if err != nil {
@@ -165,16 +171,15 @@ func verifyApplicationAssociationDone(applicationName, projectID string, applica
 
 //nolint:gocyclo
 func updateProject(project *wrappers.ProjectResponseModel,
-	cmd *cobra.Command, projectsWrapper wrappers.ProjectsWrapper, applicationsWrapper wrappers.ApplicationsWrapper,
-	applicationID []string, projectTags string, projectPrivatePackage string) (string, error) {
+	projectsWrapper wrappers.ProjectsWrapper,
+	projectTags string, projectPrivatePackage string) (string, error) {
 	var projectID string
-	applicationName, _ := cmd.Flags().GetString(commonParams.ApplicationName)
 	var projModel = wrappers.Project{}
 	projectID = project.ID
 	projModel.MainBranch = project.MainBranch
 	projModel.RepoURL = project.RepoURL
-	if projectTags == "" && projectPrivatePackage == "" && len(applicationID) == 0 {
-		logger.PrintIfVerbose("No applicationId or tags to update. Skipping project update.")
+	if projectTags == "" && projectPrivatePackage == "" {
+		logger.PrintIfVerbose("No tags to update. Skipping project update.")
 		return projectID, nil
 	}
 	if projectPrivatePackage != "" {
@@ -197,22 +202,12 @@ func updateProject(project *wrappers.ProjectResponseModel,
 		logger.PrintIfVerbose("Updating project tags")
 		projModel.Tags = createTagMap(projectTags)
 	}
-	if len(applicationID) > 0 {
-		logger.PrintIfVerbose("Updating project applicationIds")
-		projModel.ApplicationIds = createApplicationIds(applicationID, projModelResp.ApplicationIds)
-	}
+
 	err = projectsWrapper.Update(projectID, &projModel)
 	if err != nil {
 		return "", errors.Errorf("%s: %v", failedUpdatingProj, err)
 	}
 
-	if applicationName != "" || len(applicationID) > 0 {
-		err = verifyApplicationAssociationDone(applicationName, projectID, applicationsWrapper)
-		if err != nil {
-			return projectID, err
-		}
-	}
-
 	return projectID, nil
 }
 

internal/services/projects_test.go

@@ -60,7 +60,6 @@ func TestFindProject(t *testing.T) {
 		ttt := tt
 		t.Run(tt.name, func(t *testing.T) {
 			got, err := FindProject(
-				ttt.args.applicationID,
 				ttt.args.projectName,
 				ttt.args.cmd,
 				ttt.args.projectsWrapper,
@@ -236,48 +235,12 @@ func Test_updateProject(t *testing.T) {
 			want:    "ID-project-name",
 			wantErr: false,
 		},
-		{
-			name: "When called with application ID",
-			args: args{
-				project: &wrappers.ProjectResponseModel{
-					ID:   "ID-project-name",
-					Name: "project-name",
-				},
-				cmd:                     &cobra.Command{},
-				projectsWrapper:         &mock.ProjectsMockWrapper{},
-				groupsWrapper:           &mock.GroupsMockWrapper{},
-				accessManagementWrapper: &mock.AccessManagementMockWrapper{},
-				projectName:             "project-name",
-				projectPrivatePackage:   "true",
-				featureFlagsWrapper:     &mock.FeatureFlagsMockWrapper{},
-			},
-			want:    "ID-project-name",
-			wantErr: false,
-		},
-		{
-			name: "When called with mock fake error model return fake error from project create",
-			args: args{
-				projectName: "mock-some-error-model",
-				project: &wrappers.ProjectResponseModel{
-					ID:   "ID-mock-some-error-model",
-					Name: "mock-some-error-model",
-				},
-				cmd:                     &cobra.Command{},
-				projectsWrapper:         &mock.ProjectsMockWrapper{},
-				groupsWrapper:           &mock.GroupsMockWrapper{},
-				accessManagementWrapper: &mock.AccessManagementMockWrapper{},
-				applicationID:           []string{"1"},
-				featureFlagsWrapper:     &mock.FeatureFlagsMockWrapper{},
-			},
-			want:    "",
-			wantErr: true,
-		},
 	}
 	for _, tt := range tests {
 		ttt := tt
 		t.Run(tt.name, func(t *testing.T) {
-			got, err := updateProject(ttt.args.project, ttt.args.cmd, ttt.args.projectsWrapper,
-				ttt.args.applicationsWrapper, ttt.args.applicationID, ttt.args.projectTags, ttt.args.projectPrivatePackage)
+			got, err := updateProject(ttt.args.project, ttt.args.projectsWrapper,
+				ttt.args.projectTags, ttt.args.projectPrivatePackage)
 			if (err != nil) != ttt.wantErr {
 				t.Errorf("updateProject() error = %v, wantErr %v", err, ttt.wantErr)
 				return