tests: add codewhisperer integration tests (#3176)

PR adding CodeWhisperer integration tests.

Adds integration test scenarios listed under 'Testing scenarios' in client side ops doc here.

Note:
    * To run tests, use VSC launch config (select Integration Tests option and click RUN AND DEBUG - see screenshot below). Tests do not work with Integration Tests (current file) option.
    * User must have a valid CodeWhisperer auth connection prior to running tests. If the user does not have a valid auth connection or if the tests are run using npm scripts, these integration tests will skip.

Author: crossrac

src/codewhisperer/util/authUtil.ts

@@ -28,7 +28,7 @@ import { getCodeCatalystDevEnvId } from '../../shared/vscode/env'
 
 export const awsBuilderIdSsoProfile = createBuilderIdProfile()
 // No connections are valid within C9
-const isValidCodeWhispererConnection = (conn: Connection): conn is SsoConnection =>
+export const isValidCodeWhispererConnection = (conn: Connection): conn is SsoConnection =>
     !isCloud9() && isSsoConnection(conn) && hasScopes(conn, codewhispererScopes)
 
 export class AuthUtil {

src/integrationTest/codewhisperer/e2e/referenceTracker.test.ts

@@ -0,0 +1,125 @@
+/*!
+ * Copyright 2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import * as assert from 'assert'
+import * as codewhispererClient from '../../../codewhisperer/client/codewhisperer'
+import { ConfigurationEntry } from '../../../codewhisperer/models/model'
+import { setValidConnection, skiptTestIfNoValidConn } from '../../util/codewhispererUtil'
+import { RecommendationHandler } from '../../../codewhisperer/service/recommendationHandler'
+import { createMockTextEditor, resetCodeWhispererGlobalVariables } from '../../../test/codewhisperer/testUtil'
+import { invokeRecommendation } from '../../../codewhisperer/commands/invokeRecommendation'
+
+/*
+New model deployment may impact references returned. 
+
+These tests:
+    1) are not required for github approval flow 
+    2) will be auto-skipped until fix for manual runs is posted.
+*/
+
+const leftContext = `InAuto.GetContent(
+    InAuto.servers.auto, "vendors.json",
+    function (data) {
+        let block = '';
+        for(let i = 0; i < data.length; i++) {
+            block += '<a href="' + data`
+
+const rightContext = `[i].title + '">' + cars[i].title + '</a>';
+        }
+        $('#cars').html(block);
+    });`
+
+describe('CodeWhisperer service invocation', async function () {
+    let validConnection: boolean
+    const client = new codewhispererClient.DefaultCodeWhispererClient()
+    const configWithRefs: ConfigurationEntry = {
+        isShowMethodsEnabled: true,
+        isManualTriggerEnabled: true,
+        isAutomatedTriggerEnabled: true,
+        isSuggestionsWithCodeReferencesEnabled: true,
+    }
+    const configWithNoRefs: ConfigurationEntry = {
+        isShowMethodsEnabled: true,
+        isManualTriggerEnabled: true,
+        isAutomatedTriggerEnabled: true,
+        isSuggestionsWithCodeReferencesEnabled: false,
+    }
+
+    before(async function () {
+        validConnection = await setValidConnection()
+    })
+
+    beforeEach(function () {
+        resetCodeWhispererGlobalVariables()
+        RecommendationHandler.instance.clearRecommendations()
+        //TODO: remove this line (this.skip()) when these tests no longer auto-skipped
+        this.skip()
+        //valid connection required to run tests
+        skiptTestIfNoValidConn(validConnection, this)
+       
+    })
+
+    it('trigger known to return recs with references returns rec with reference', async function () {
+        //check that handler is empty before invocation
+        const requestIdBefore = RecommendationHandler.instance.requestId
+        const sessionIdBefore = RecommendationHandler.instance.sessionId
+        const validRecsBefore = RecommendationHandler.instance.isValidResponse()
+
+        assert.ok(requestIdBefore.length === 0)
+        assert.ok(sessionIdBefore.length === 0)
+        assert.ok(!validRecsBefore)
+
+        const doc = leftContext + rightContext
+        const filename = 'test.js'
+        const language = 'javascript'
+        const line = 5
+        const character = 39
+        const mockEditor = createMockTextEditor(doc, filename, language, line, character)
+
+        await invokeRecommendation(mockEditor, client, configWithRefs)
+
+        const requestId = RecommendationHandler.instance.requestId
+        const sessionId = RecommendationHandler.instance.sessionId
+        const validRecs = RecommendationHandler.instance.isValidResponse()
+        const references = RecommendationHandler.instance.recommendations[0].references
+
+        assert.ok(requestId.length > 0)
+        assert.ok(sessionId.length > 0)
+        assert.ok(validRecs)
+        assert.ok(references !== undefined)
+        //TODO: uncomment this assert when this test is no longer auto-skipped
+        // assert.ok(references.length > 0)
+    })
+
+    //This test will fail if user is logged in with IAM identity center
+    it('trigger known to return rec with references does not return rec with references when reference tracker setting is off', async function () {
+        //check that handler is empty before invocation
+        const requestIdBefore = RecommendationHandler.instance.requestId
+        const sessionIdBefore = RecommendationHandler.instance.sessionId
+        const validRecsBefore = RecommendationHandler.instance.isValidResponse()
+        
+        assert.ok(requestIdBefore.length === 0)
+        assert.ok(sessionIdBefore.length === 0)
+        assert.ok(!validRecsBefore)
+
+        const doc = leftContext + rightContext
+        const filename = 'test.js'
+        const language = 'javascript'
+        const line = 5
+        const character = 39
+        const mockEditor = createMockTextEditor(doc, filename, language, line, character)
+
+        await invokeRecommendation(mockEditor, client, configWithNoRefs)
+
+        const requestId = RecommendationHandler.instance.requestId
+        const sessionId = RecommendationHandler.instance.sessionId
+        const validRecs = RecommendationHandler.instance.isValidResponse()
+ 
+        assert.ok(requestId.length > 0)
+        assert.ok(sessionId.length > 0)
+        //no recs returned because example request returns 1 rec with reference, so no recs returned when references off
+        assert.ok(!validRecs)
+    })
+})

src/integrationTest/codewhisperer/e2e/securityScan.test.ts

@@ -0,0 +1,202 @@
+/*!
+ * Copyright 2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+import * as assert from 'assert'
+import * as vscode from 'vscode'
+import * as codewhispererClient from '../../../codewhisperer/client/codewhisperer'
+import * as CodeWhispererConstants from '../../../codewhisperer/models/constants'
+import * as path from 'path'
+import * as testutil from '../../../test/testUtil'
+import * as fs from 'fs-extra'
+import { setValidConnection, skiptTestIfNoValidConn } from '../../util/codewhispererUtil'
+import { resetCodeWhispererGlobalVariables } from '../../../test/codewhisperer/testUtil'
+import { getTestWorkspaceFolder } from '../../integrationTestsUtilities'
+import { closeAllEditors } from '../../../test/testUtil'
+import { DependencyGraphFactory } from '../../../codewhisperer/util/dependencyGraph/dependencyGraphFactory'
+import { statSync } from 'fs'
+import {
+    getPresignedUrlAndUpload,
+    createScanJob,
+    pollScanJobStatus,
+    listScanResults,
+} from '../../../codewhisperer/service/securityScanHandler'
+import { makeTemporaryToolkitFolder } from '../../../shared/filesystemUtilities'
+
+const filePromptWithSecurityIssues = `from flask import app
+
+def execute_input_noncompliant():
+    from flask import request
+    module_version = request.args.get("module_version")
+    # Noncompliant: executes unsanitized inputs.
+    exec("import urllib%s as urllib" % module_version)
+        
+def execute_input_compliant():
+    from flask import request
+    module_version = request.args.get("module_version")
+    # Compliant: executes sanitized inputs.
+    exec("import urllib%d as urllib" % int(module_version))`
+
+const largePrompt = 'a'.repeat(CodeWhispererConstants.codeScanPythonPayloadSizeLimitBytes + 1)
+
+const javaPromptNoBuild = `class HelloWorld {
+    public static void main(String[] args) {
+        System.out.println("Hello World!"); 
+    }
+}`
+
+describe('CodeWhisperer security scan', async function () {
+    let validConnection: boolean
+    let tempFolder: string
+    const client = new codewhispererClient.DefaultCodeWhispererClient()
+    const workspaceFolder = getTestWorkspaceFolder()
+
+    before(async function () {
+        validConnection = await setValidConnection()
+    })
+
+    beforeEach(function () {
+        resetCodeWhispererGlobalVariables()
+        //valid connection required to run tests
+        skiptTestIfNoValidConn(validConnection, this)
+    })
+
+    afterEach(async function () {
+        if(tempFolder !== undefined){
+            await fs.remove(tempFolder)
+        }
+    })
+
+    after(function () {
+        closeAllEditors()
+    })
+
+    const openTestFile = async (filePath: string) => {
+        const doc = await vscode.workspace.openTextDocument(filePath)
+        return await vscode.window.showTextDocument(doc, {
+            selection: new vscode.Range(new vscode.Position(0, 0), new vscode.Position(0, 1)),
+        })
+    }
+
+    function getDependencyGraph(languageId: string) {
+        return DependencyGraphFactory.getDependencyGraph(languageId)
+    }
+
+    /*
+    securityJobSetup: combines steps 1 and 2 in startSecurityScan:
+    
+        Step 1: Generate context truncations
+        Step 2: Get presigned Url, upload and clean up
+
+    returns artifactMap and projectPath
+    */
+    async function securityJobSetup(editor: vscode.TextEditor) {
+        const dependencyGraph = getDependencyGraph(editor.document.languageId)
+        if (dependencyGraph === undefined) {
+            throw new Error(`"${editor.document.languageId}" is not supported for security scan.`)
+        }
+        const uri = dependencyGraph.getRootFile(editor)
+
+        if (dependencyGraph.reachSizeLimit(statSync(uri.fsPath).size)) {
+            throw new Error(
+                `Selected file larger than ${dependencyGraph.getReadableSizeLimit()}. Try a different file.`
+            )
+        }
+        const projectPath = dependencyGraph.getProjectPath(uri)
+        const truncation = await dependencyGraph.generateTruncationWithTimeout(
+            uri,
+            CodeWhispererConstants.contextTruncationTimeoutSeconds
+        )
+
+        let artifactMap
+        try {
+            artifactMap = await getPresignedUrlAndUpload(client, truncation)
+        } finally {
+            dependencyGraph.removeTmpFiles(truncation)
+        }
+        return {
+            artifactMap: artifactMap,
+            projectPath: projectPath,
+        }
+    }
+
+    it('codescan request with valid input params and no security issues completes scan and returns no recommendations', async function () {
+        //set up file and editor
+        const appRoot = path.join(workspaceFolder, 'python3.7-plain-sam-app')
+        const appCodePath = path.join(appRoot, 'hello_world', 'app.py')
+        const editor = await openTestFile(appCodePath)
+
+        //run security scan
+        const securityJobSetupResult = await securityJobSetup(editor)
+        const artifactMap = securityJobSetupResult.artifactMap
+        const projectPath = securityJobSetupResult.projectPath
+
+        //get job status and result
+        const scanJob = await createScanJob(client, artifactMap, editor.document.languageId)
+        const jobStatus = await pollScanJobStatus(client, scanJob.jobId)
+        const securityRecommendationCollection = await listScanResults(
+            client,
+            scanJob.jobId,
+            CodeWhispererConstants.codeScanFindingsSchema,
+            projectPath
+        )
+
+        assert.deepStrictEqual(jobStatus, 'Completed')
+        assert.ok(securityRecommendationCollection.length === 0)
+    })
+
+    it('codescan request with valid input params and security issues completes scan and returns recommendations', async function () {
+        //set up file and editor
+        tempFolder = await makeTemporaryToolkitFolder()
+        const tempFile = path.join(tempFolder, 'test.py')
+        testutil.toFile(filePromptWithSecurityIssues, tempFile)
+        const editor = await openTestFile(tempFile)
+
+        //run security scan
+        const securityJobSetupResult = await securityJobSetup(editor)
+        const artifactMap = securityJobSetupResult.artifactMap
+        const projectPath = securityJobSetupResult.projectPath
+        const scanJob = await createScanJob(client, artifactMap, editor.document.languageId)
+
+        //get job status and result
+        const jobStatus = await pollScanJobStatus(client, scanJob.jobId)
+        const securityRecommendationCollection = await listScanResults(
+            client,
+            scanJob.jobId,
+            CodeWhispererConstants.codeScanFindingsSchema,
+            projectPath
+        )
+
+        assert.deepStrictEqual(jobStatus, 'Completed')
+        assert.ok(securityRecommendationCollection.length === 1)
+    })
+
+    it('codescan request on file that is too large causes scan job setup to fail', async function () {
+        tempFolder = await makeTemporaryToolkitFolder()
+        const tempFile = path.join(tempFolder, 'test2.py')
+        testutil.toFile(largePrompt, tempFile)
+        const editor = await openTestFile(tempFile)
+
+        await assert.rejects(() => securityJobSetup(editor))
+    })
+
+    it('codescan request on java file with no build causes scan job setup to fail', async function () {
+        tempFolder = await makeTemporaryToolkitFolder()
+        const tempFile = path.join(tempFolder, 'test.java')
+        testutil.toFile(javaPromptNoBuild, tempFile)
+        const editor = await openTestFile(tempFile)
+
+        await assert.rejects(() => securityJobSetup(editor))
+    })
+
+    it('codescan request for file in unsupported language fails to generate dependency graph and causes scan setup to fail', async function () {
+        const appRoot = path.join(workspaceFolder, 'go1-plain-sam-app')
+        const appCodePath = path.join(appRoot, 'hello-world', 'main.go')
+        const editor = await openTestFile(appCodePath)
+        const dependencyGraph = getDependencyGraph(editor.document.languageId)
+
+        assert.strictEqual(dependencyGraph, undefined)
+        await assert.rejects(() => securityJobSetup(editor))
+    })
+})