Security scans: Removing repository truncation for project scans (#4499)

laileni-aws · web-flow · commit 6554b9e27d03 · 2024-05-24T11:05:50.000-07:00
* Removing project truncation for project scans
diff --git a/plugins/toolkit/jetbrains-core/it/software/aws/toolkits/jetbrains/services/codewhisperer/CodeWhispererIntegrationTestBase.kt b/plugins/toolkit/jetbrains-core/it/software/aws/toolkits/jetbrains/services/codewhisperer/CodeWhispererIntegrationTestBase.kt
@@ -208,7 +208,7 @@ open class CodeWhispererIntegrationTestBase(val projectRule: CodeInsightTestFixt
                 verify(
                     scanManager,
                     timeout(60000).atLeastOnce()
-                ).renderResponseOnUIThread(issuesCaptor.capture(), any(), any(), CodeWhispererConstants.CodeAnalysisScope.PROJECT)
+                ).renderResponseOnUIThread(issuesCaptor.capture(), any(), CodeWhispererConstants.CodeAnalysisScope.PROJECT)
                 issues = issuesCaptor.lastValue
             }
             verify(telemetryServiceSpy, timeout(60000).atLeastOnce()).sendSecurityScanEvent(codeScanEventCaptor.capture(), anyOrNull())
diff --git a/plugins/toolkit/jetbrains-core/src/software/aws/toolkits/jetbrains/services/codewhisperer/codescan/CodeWhispererCodeScanManager.kt b/plugins/toolkit/jetbrains-core/src/software/aws/toolkits/jetbrains/services/codewhisperer/codescan/CodeWhispererCodeScanManager.kt
@@ -252,7 +252,6 @@ class CodeWhispererCodeScanManager(val project: Project) {
                             renderResponseOnUIThread(
                                 issues,
                                 codeScanResponse.responseContext.payloadContext.scannedFiles,
-                                codeScanSessionConfig.isProjectTruncated(),
                                 scope
                             )
                             codeScanStatus = Result.Succeeded
@@ -631,7 +630,6 @@ class CodeWhispererCodeScanManager(val project: Project) {
     suspend fun renderResponseOnUIThread(
         issues: List<CodeWhispererCodeScanIssue>,
         scannedFiles: List<VirtualFile>,
-        isProjectTruncated: Boolean,
         scope: CodeWhispererConstants.CodeAnalysisScope
     ) {
         withContext(getCoroutineUiContext()) {
@@ -650,14 +648,14 @@ class CodeWhispererCodeScanManager(val project: Project) {
                 codeScanIssuesContent.displayName =
                     message("codewhisperer.codescan.scan_display_with_issues", totalIssuesCount, INACTIVE_TEXT_COLOR)
             }
-            codeScanResultsPanel.updateAndDisplayScanResults(codeScanTreeModel, scannedFiles, isProjectTruncated, scope)
+            codeScanResultsPanel.updateAndDisplayScanResults(codeScanTreeModel, scannedFiles, scope)
         }
     }
 
     @TestOnly
-    suspend fun testRenderResponseOnUIThread(issues: List<CodeWhispererCodeScanIssue>, scannedFiles: List<VirtualFile>, isProjectTruncated: Boolean) {
+    suspend fun testRenderResponseOnUIThread(issues: List<CodeWhispererCodeScanIssue>, scannedFiles: List<VirtualFile>) {
         assert(ApplicationManager.getApplication().isUnitTestMode)
-        renderResponseOnUIThread(issues, scannedFiles, isProjectTruncated, CodeWhispererConstants.CodeAnalysisScope.PROJECT)
+        renderResponseOnUIThread(issues, scannedFiles, CodeWhispererConstants.CodeAnalysisScope.PROJECT)
     }
 
     companion object {
diff --git a/plugins/toolkit/jetbrains-core/src/software/aws/toolkits/jetbrains/services/codewhisperer/codescan/CodeWhispererCodeScanResultsView.kt b/plugins/toolkit/jetbrains-core/src/software/aws/toolkits/jetbrains/services/codewhisperer/codescan/CodeWhispererCodeScanResultsView.kt
@@ -4,7 +4,6 @@
 package software.aws.toolkits.jetbrains.services.codewhisperer.codescan
 
 import com.intellij.icons.AllIcons
-import com.intellij.ide.BrowserUtil
 import com.intellij.openapi.actionSystem.ActionGroup
 import com.intellij.openapi.actionSystem.ActionManager
 import com.intellij.openapi.actionSystem.ActionToolbar
@@ -27,7 +26,6 @@ import java.awt.BorderLayout
 import java.awt.Component
 import java.awt.GridBagConstraints
 import java.awt.GridBagLayout
-import java.net.URI
 import java.time.Instant
 import java.time.format.DateTimeFormatter
 import javax.swing.BorderFactory
@@ -122,7 +120,6 @@ internal class CodeWhispererCodeScanResultsView(private val project: Project) :
     fun updateAndDisplayScanResults(
         scanTreeModel: CodeWhispererCodeScanTreeModel,
         scannedFiles: List<VirtualFile>,
-        isProjectTruncated: Boolean,
         scope: CodeWhispererConstants.CodeAnalysisScope
     ) {
         codeScanTree.apply {
@@ -134,13 +131,6 @@ internal class CodeWhispererCodeScanResultsView(private val project: Project) :
             this.scannedFiles = scannedFiles
         }
 
-        if (isProjectTruncated) {
-            learnMoreLabelLink.addActionListener {
-                // TODO: Change this URL to point to updated security scan documentation
-                BrowserUtil.browse(URI("https://docs.aws.amazon.com/codewhisperer/latest/userguide/security-scans.html"))
-            }
-        }
-
         resultsPanel.apply {
             if (components.contains(progressIndicator)) remove(progressIndicator)
             add(BorderLayout.CENTER, splitter)
@@ -151,7 +141,7 @@ internal class CodeWhispererCodeScanResultsView(private val project: Project) :
         }
 
         if (scope == CodeWhispererConstants.CodeAnalysisScope.PROJECT) {
-            changeInfoLabelToDisplayScanCompleted(scannedFiles.size, isProjectTruncated)
+            changeInfoLabelToDisplayScanCompleted(scannedFiles.size)
         }
     }
 
@@ -244,28 +234,21 @@ internal class CodeWhispererCodeScanResultsView(private val project: Project) :
         }
     }
 
-    private fun changeInfoLabelToDisplayScanCompleted(numScannedFiles: Int, isProjectTruncated: Boolean) {
+    private fun changeInfoLabelToDisplayScanCompleted(numScannedFiles: Int) {
         completeInfoLabel.isVisible = true
         infoLabelPrefix.icon = AllIcons.Actions.Commit
         infoLabelPrefix.text = message(
             "codewhisperer.codescan.run_scan_complete",
             numScannedFiles,
             (codeScanTree.model as CodeWhispererCodeScanTreeModel).getTotalIssuesCount(),
             project.name,
-            if (isProjectTruncated) 1 else 0,
             INACTIVE_TEXT_COLOR,
             DateTimeFormatter.ISO_INSTANT.format(Instant.now())
         )
         infoLabelPrefix.repaint()
         infoLabelPrefix.isVisible = true
         scannedFilesLabelLink.text = message("codewhisperer.codescan.view_scanned_files", numScannedFiles)
         scannedFilesLabelLink.isVisible = true
-        if (isProjectTruncated) {
-            learnMoreLabelLink.apply {
-                text = message("aws.settings.learn_more")
-                isVisible = true
-            }
-        }
     }
 
     private fun createToolbar(): ActionToolbar {
diff --git a/plugins/toolkit/jetbrains-core/src/software/aws/toolkits/jetbrains/services/codewhisperer/codescan/sessionconfig/CodeScanSessionConfig.kt b/plugins/toolkit/jetbrains-core/src/software/aws/toolkits/jetbrains/services/codewhisperer/codescan/sessionconfig/CodeScanSessionConfig.kt
@@ -45,8 +45,6 @@ class CodeScanSessionConfig(
     }
         private set
 
-    private var isProjectTruncated = false
-
     /**
      * Timeout for the overall job - "Run Security Scan".
      */
@@ -60,11 +58,8 @@ class CodeScanSessionConfig(
         else -> (DEFAULT_PAYLOAD_LIMIT_IN_BYTES)
     }
 
-    private fun willExceedPayloadLimit(currentTotalFileSize: Long, currentFileSize: Long): Boolean {
-        val exceedsLimit = currentTotalFileSize > getPayloadLimitInBytes() - currentFileSize
-        isProjectTruncated = isProjectTruncated || exceedsLimit
-        return exceedsLimit
-    }
+    private fun willExceedPayloadLimit(currentTotalFileSize: Long, currentFileSize: Long): Boolean =
+        currentTotalFileSize.let { totalSize -> totalSize > (getPayloadLimitInBytes() - currentFileSize) }
 
     private var programmingLanguage: CodeWhispererProgrammingLanguage = selectedFile?.programmingLanguage() ?: CodeWhispererUnknownLanguage.INSTANCE
 
@@ -159,7 +154,7 @@ class CodeScanSessionConfig(
                         if (!changeListManager.isIgnoredFile(current) && !files.contains(current.path)
                         ) {
                             if (willExceedPayloadLimit(currentTotalFileSize, current.length)) {
-                                break@moduleLoop
+                                fileTooLarge()
                             } else {
                                 val language = current.programmingLanguage()
                                 if (language != CodeWhispererPlainText.INSTANCE && language != CodeWhispererUnknownLanguage.INSTANCE) {
@@ -196,8 +191,6 @@ class CodeScanSessionConfig(
         return PayloadMetadata(files, currentTotalFileSize, currentTotalLines, maxCountLanguage.toTelemetryType())
     }
 
-    fun isProjectTruncated() = isProjectTruncated
-
     fun getPath(root: String, relativePath: String = ""): Path? = try {
         Path.of(root, relativePath).normalize()
     } catch (e: Exception) {
diff --git a/plugins/toolkit/jetbrains-core/tst/software/aws/toolkits/jetbrains/services/codewhisperer/codescan/CodeWhispererCodeScanTestBase.kt b/plugins/toolkit/jetbrains-core/tst/software/aws/toolkits/jetbrains/services/codewhisperer/codescan/CodeWhispererCodeScanTestBase.kt
@@ -251,7 +251,6 @@ open class CodeWhispererCodeScanTestBase(projectRule: CodeInsightTestFixtureRule
         assertThat(includedSourceFiles.size).isEqualTo(includedSourceFilesSize)
         assertThat(srcPayloadSize).isEqualTo(totalSize)
         assertThat(totalLines).isEqualTo(expectedTotalLines)
-        assertThat(sessionConfigSpy.isProjectTruncated()).isFalse
         assertThat(maxCountLanguage).isEqualTo(payloadLanguage)
     }
 
@@ -286,7 +285,6 @@ open class CodeWhispererCodeScanTestBase(projectRule: CodeInsightTestFixtureRule
             scanManagerSpy.testRenderResponseOnUIThread(
                 codeScanResponse.issues,
                 codeScanResponse.responseContext.payloadContext.scannedFiles,
-                sessionConfigSpy.isProjectTruncated()
             )
             assertNotNull(scanManagerSpy.getScanTree().model)
             val treeModel = scanManagerSpy.getScanTree().model as? CodeWhispererCodeScanTreeModel
diff --git a/plugins/toolkit/jetbrains-core/tst/software/aws/toolkits/jetbrains/services/codewhisperer/codescan/CodeWhispererProjectCodeScanTest.kt b/plugins/toolkit/jetbrains-core/tst/software/aws/toolkits/jetbrains/services/codewhisperer/codescan/CodeWhispererProjectCodeScanTest.kt
@@ -7,6 +7,7 @@ import com.intellij.openapi.vfs.VirtualFile
 import org.assertj.core.api.Assertions.assertThat
 import org.junit.Before
 import org.junit.Test
+import org.junit.jupiter.api.assertThrows
 import org.mockito.kotlin.any
 import org.mockito.kotlin.spy
 import org.mockito.kotlin.stub
@@ -92,33 +93,13 @@ class CodeWhispererProjectCodeScanTest : CodeWhispererCodeScanTestBase(PythonCod
     }
 
     @Test
-    fun `test createPayload with custom payload limit`() {
+    fun `test createPayload should throw CodeWhispererCodeScanException if project size is more than Payload Limit`() {
         sessionConfigSpy.stub {
             onGeneric { getPayloadLimitInBytes() }.thenReturn(900)
         }
-        val payload = sessionConfigSpy.createPayload()
-        assertNotNull(payload)
-        assertThat(sessionConfigSpy.isProjectTruncated()).isTrue
-
-        assertThat(payload.context.totalFiles).isEqualTo(3)
-
-        assertThat(payload.context.scannedFiles.size).isEqualTo(3)
-        assertThat(payload.context.scannedFiles).containsExactly(testYaml, testTf, readMeMd)
-
-        // Adding 16 Bytes for read me Markdown file across all tests.
-        assertThat(payload.context.srcPayloadSize).isEqualTo(651)
-        assertThat(payload.context.language).isEqualTo(CodewhispererLanguage.Yaml)
-        assertThat(payload.context.totalLines).isEqualTo(29)
-        assertNotNull(payload.srcZip)
-
-        val bufferedInputStream = BufferedInputStream(payload.srcZip.inputStream())
-        val zis = ZipInputStream(bufferedInputStream)
-        var filesInZip = 0
-        while (zis.nextEntry != null) {
-            filesInZip += 1
+        assertThrows<CodeWhispererCodeScanException> {
+            sessionConfigSpy.createPayload()
         }
-
-        assertThat(filesInZip).isEqualTo(3)
     }
 
     @Test
diff --git a/plugins/toolkit/resources/resources/software/aws/toolkits/resources/MessagesBundle.properties b/plugins/toolkit/resources/resources/software/aws/toolkits/resources/MessagesBundle.properties
@@ -750,7 +750,7 @@ codewhisperer.codescan.no_file_open=Amazon Q: No file is open in an active edito
 codewhisperer.codescan.no_file_open_telemetry=Open a valid file to scan.
 codewhisperer.codescan.problems_window_not_found=Unable to display Security Scan results as the Problems View tool window cannot be fetched.
 codewhisperer.codescan.run_scan=Run Project Scan
-codewhisperer.codescan.run_scan_complete=<html><body> Security Scan completed for {0, choice, 1#1 file|2#{0,number} files}. {1, choice, 0#No issues|1#1 issue|2#{1,number} issues} found in {2}. {3, choice, 0# |1# File size limit reached.} <font color="{4}">  Last Run {5} </font></body></html>
+codewhisperer.codescan.run_scan_complete=<html><body> Security Scan completed for {0, choice, 1#1 file|2#{0,number} files}. {1, choice, 0#No issues|1#1 issue|2#{1,number} issues} found in {2}. <font color="{3}">  Last Run {4} </font></body></html>
 codewhisperer.codescan.run_scan_error=Amazon Q encountered an error while scanning for security issues. Please try again later.
 codewhisperer.codescan.run_scan_error_telemetry=Security scan failed.
 codewhisperer.codescan.run_scan_info=Select 'Run' in toolbar to scan this package for security issues.

Original file line number	Diff line number	Diff line change
`@@ -208,7 +208,7 @@ open class CodeWhispererIntegrationTestBase(val projectRule: CodeInsightTestFixt`
`208`	`208`	`verify(`
`209`	`209`	`scanManager,`
`210`	`210`	`timeout(60000).atLeastOnce()`
`211`		`- ).renderResponseOnUIThread(issuesCaptor.capture(), any(), any(), CodeWhispererConstants.CodeAnalysisScope.PROJECT)`
	`211`	`+ ).renderResponseOnUIThread(issuesCaptor.capture(), any(), CodeWhispererConstants.CodeAnalysisScope.PROJECT)`
`212`	`212`	`issues = issuesCaptor.lastValue`
`213`	`213`	`}`
`214`	`214`	`verify(telemetryServiceSpy, timeout(60000).atLeastOnce()).sendSecurityScanEvent(codeScanEventCaptor.capture(), anyOrNull())`
Original file line number	Diff line number	Diff line change
`@@ -251,7 +251,6 @@ open class CodeWhispererCodeScanTestBase(projectRule: CodeInsightTestFixtureRule`
`251`	`251`	`assertThat(includedSourceFiles.size).isEqualTo(includedSourceFilesSize)`
`252`	`252`	`assertThat(srcPayloadSize).isEqualTo(totalSize)`
`253`	`253`	`assertThat(totalLines).isEqualTo(expectedTotalLines)`
`254`		`- assertThat(sessionConfigSpy.isProjectTruncated()).isFalse`
`255`	`254`	`assertThat(maxCountLanguage).isEqualTo(payloadLanguage)`
`256`	`255`	`}`
`257`	`256`
`@@ -286,7 +285,6 @@ open class CodeWhispererCodeScanTestBase(projectRule: CodeInsightTestFixtureRule`
`286`	`285`	`scanManagerSpy.testRenderResponseOnUIThread(`
`287`	`286`	`codeScanResponse.issues,`
`288`	`287`	`codeScanResponse.responseContext.payloadContext.scannedFiles,`
`289`		`- sessionConfigSpy.isProjectTruncated()`
`290`	`288`	`)`
`291`	`289`	`assertNotNull(scanManagerSpy.getScanTree().model)`
`292`	`290`	`val treeModel = scanManagerSpy.getScanTree().model as? CodeWhispererCodeScanTreeModel`