Merge pull request #84 from leanix/feature/CID-3590/picking-up-wrong-file-as-manifest

mohamedlajmileanix · web-flow · commit f78338342154 · 2025-03-07T09:16:18.000+01:00
CID-3590: Skip manifest files with wrong name
diff --git a/src/main/kotlin/net/leanix/githubagent/services/GitHubScanningService.kt b/src/main/kotlin/net/leanix/githubagent/services/GitHubScanningService.kt
@@ -129,7 +129,7 @@ class GitHubScanningService(
 
     fun fetchManifestFilesAndSend(installation: Installation, repository: RepositoryDto) {
         if (repository.archived) return
-        val manifestFiles = fetchManifestFiles(installation, repository.name).getOrThrow().items
+        val manifestFiles = fetchManifestFiles(installation, repository.name).getOrThrow()
         val manifestFilesContents = fetchManifestContents(
             installation,
             manifestFiles,
@@ -149,13 +149,14 @@ class GitHubScanningService(
 
     private fun fetchManifestFiles(installation: Installation, repositoryName: String) = runCatching {
         val installationToken = cachingService.get("installationToken:${installation.id}").toString()
-        rateLimitHandler.executeWithRateLimitHandler(RateLimitType.SEARCH) {
+        val manifestFiles = rateLimitHandler.executeWithRateLimitHandler(RateLimitType.SEARCH) {
             gitHubClient.searchManifestFiles(
                 "Bearer $installationToken",
                 "" +
                     "repo:${installation.account.login}/$repositoryName filename:$MANIFEST_FILE_NAME"
             )
         }
+        manifestFiles.items.filter { it.name.lowercase() == MANIFEST_FILE_NAME }
     }
     private fun fetchManifestContents(
         installation: Installation,
diff --git a/src/main/kotlin/net/leanix/githubagent/services/WebhookEventService.kt b/src/main/kotlin/net/leanix/githubagent/services/WebhookEventService.kt
@@ -110,9 +110,9 @@ class WebhookEventService(
         repositoryName: String,
         installationToken: String
     ) {
-        val addedManifestFiles = headCommit.added.filter { it.contains(MANIFEST_FILE_NAME) }
-        val modifiedManifestFiles = headCommit.modified.filter { it.contains(MANIFEST_FILE_NAME) }
-        val removedManifestFiles = headCommit.removed.filter { it.contains(MANIFEST_FILE_NAME) }
+        val addedManifestFiles = headCommit.added.filter { isLeanixManifestFile(it.lowercase()) }
+        val modifiedManifestFiles = headCommit.modified.filter { isLeanixManifestFile(it.lowercase()) }
+        val removedManifestFiles = headCommit.removed.filter { isLeanixManifestFile(it.lowercase()) }
 
         addedManifestFiles.forEach { filePath ->
             handleAddedOrModifiedManifestFile(
@@ -143,6 +143,8 @@ class WebhookEventService(
         }
     }
 
+    private fun isLeanixManifestFile(it: String) = it == MANIFEST_FILE_NAME || it.endsWith("/$MANIFEST_FILE_NAME")
+
     private fun getInstallationToken(installationId: Int): String {
         var installationToken = cachingService.get("installationToken:$installationId")?.toString()
         if (installationToken == null) {
diff --git a/src/main/kotlin/net/leanix/githubagent/shared/Constants.kt b/src/main/kotlin/net/leanix/githubagent/shared/Constants.kt
@@ -12,7 +12,7 @@ val SUPPORTED_EVENT_TYPES = listOf(
     "INSTALLATION",
 )
 
-val fileNameMatchRegex = Regex("/?$MANIFEST_FILE_NAME\$")
+val fileNameMatchRegex = Regex("/?$MANIFEST_FILE_NAME\$", RegexOption.IGNORE_CASE)
 
 const val GITHUB_APP_LABEL = "GitHub App"
 const val INSTALLATION_LABEL = "Installation"
diff --git a/src/test/kotlin/net/leanix/githubagent/services/GitHubScanningServiceTest.kt b/src/test/kotlin/net/leanix/githubagent/services/GitHubScanningServiceTest.kt
@@ -288,6 +288,147 @@ class GitHubScanningServiceTest {
         assertEquals(fileSlot.captured.manifestFiles[0].path, "")
     }
 
+    @Test
+    fun `scanGitHubResources should not send manifest files over WebSocket for manifest files with wrong name`() {
+        // given
+        every { cachingService.get("runId") } returns runId
+        every { gitHubGraphQLService.getRepositories(any(), any()) } returns PagedRepositories(
+            repositories = listOf(
+                RepositoryDto(
+                    id = "repo1",
+                    name = "TestRepo",
+                    organizationName = "testOrg",
+                    description = "A test repository",
+                    url = "https://github.com/testRepo",
+                    defaultBranch = "main",
+                    archived = false,
+                    visibility = RepositoryVisibility.PUBLIC,
+                    updatedAt = "2024-01-01T00:00:00Z",
+                    languages = listOf("Kotlin", "Java"),
+                    topics = listOf("test", "example"),
+                )
+            ),
+            hasNextPage = false,
+            cursor = null
+        )
+        every { gitHubClient.searchManifestFiles(any(), any()) } returns GitHubSearchResponse(
+            1,
+            listOf(
+                ItemResponse(
+                    name = MANIFEST_FILE_NAME,
+                    path = MANIFEST_FILE_NAME,
+                    repository = RepositoryItemResponse(
+                        name = "TestRepo",
+                        fullName = "testOrg/TestRepo"
+                    ),
+                    url = "http://url"
+                ),
+                ItemResponse(
+                    name = MANIFEST_FILE_NAME,
+                    path = "a/$MANIFEST_FILE_NAME",
+                    repository = RepositoryItemResponse(
+                        name = "TestRepo",
+                        fullName = "testOrg/TestRepo"
+                    ),
+                    url = "http://url"
+                ),
+                ItemResponse(
+                    name = "a-$MANIFEST_FILE_NAME",
+                    path = "a/a-$MANIFEST_FILE_NAME",
+                    repository = RepositoryItemResponse(
+                        name = "TestRepo",
+                        fullName = "testOrg/TestRepo"
+                    ),
+                    url = "http://url"
+                )
+            )
+        )
+        every { gitHubGraphQLService.getManifestFileContent(any(), any(), MANIFEST_FILE_NAME, any()) } returns "content"
+        every {
+            gitHubGraphQLService.getManifestFileContent(any(), any(), "a/$MANIFEST_FILE_NAME", any())
+        } returns "content"
+
+        // when
+        gitHubScanningService.scanGitHubResources()
+
+        // then
+        verify(exactly = 1) { webSocketService.sendMessage(eq("$runId/manifestFiles"), any()) }
+        verify(exactly = 1) { syncLogService.sendInfoLog("Scanning repository TestRepo for manifest files.") }
+        verify(exactly = 1) { syncLogService.sendInfoLog("Found 2 manifest files in repository TestRepo.") }
+    }
+
+    @Test
+    fun `scanGitHubResources should accept manifest files with case ignored`() {
+        // given
+        every { cachingService.get("runId") } returns runId
+        every { gitHubGraphQLService.getRepositories(any(), any()) } returns PagedRepositories(
+            repositories = listOf(
+                RepositoryDto(
+                    id = "repo1",
+                    name = "TestRepo",
+                    organizationName = "testOrg",
+                    description = "A test repository",
+                    url = "https://github.com/testRepo",
+                    defaultBranch = "main",
+                    archived = false,
+                    visibility = RepositoryVisibility.PUBLIC,
+                    updatedAt = "2024-01-01T00:00:00Z",
+                    languages = listOf("Kotlin", "Java"),
+                    topics = listOf("test", "example"),
+                )
+            ),
+            hasNextPage = false,
+            cursor = null
+        )
+        every { gitHubClient.searchManifestFiles(any(), any()) } returns GitHubSearchResponse(
+            1,
+            listOf(
+                ItemResponse(
+                    name = "leanIX.yaml",
+                    path = "leanIX.yaml",
+                    repository = RepositoryItemResponse(
+                        name = "TestRepo",
+                        fullName = "testOrg/TestRepo"
+                    ),
+                    url = "http://url"
+                ),
+                ItemResponse(
+                    name = "lEAnIX.yaml",
+                    path = "a/lEAnIX.yaml",
+                    repository = RepositoryItemResponse(
+                        name = "TestRepo",
+                        fullName = "testOrg/TestRepo"
+                    ),
+                    url = "http://url"
+                ),
+                ItemResponse(
+                    name = MANIFEST_FILE_NAME,
+                    path = "b/$MANIFEST_FILE_NAME",
+                    repository = RepositoryItemResponse(
+                        name = "TestRepo",
+                        fullName = "testOrg/TestRepo"
+                    ),
+                    url = "http://url"
+                )
+            )
+        )
+        every {
+            gitHubGraphQLService.getManifestFileContent(any(), any(), "b/leanix.yaml", any())
+        } returns "content"
+        every {
+            gitHubGraphQLService.getManifestFileContent(any(), any(), "leanIX.yaml", any())
+        } returns "content"
+        every {
+            gitHubGraphQLService.getManifestFileContent(any(), any(), "a/lEAnIX.yaml", any())
+        } returns "content"
+
+        // when
+        gitHubScanningService.scanGitHubResources()
+
+        // then
+        verify(exactly = 1) { syncLogService.sendInfoLog("Found 3 manifest files in repository TestRepo.") }
+    }
+
     @Test
     fun `scanGitHubResources should skip organizations without correct permissions and events`() {
         every { cachingService.get("runId") } returns runId
diff --git a/src/test/kotlin/net/leanix/githubagent/services/WebhookEventServiceTest.kt b/src/test/kotlin/net/leanix/githubagent/services/WebhookEventServiceTest.kt
@@ -118,6 +118,108 @@ class WebhookEventServiceTest {
         }
     }
 
+    @Test
+    fun `should not process push event with wrong name`() {
+        val payload = """{
+            "repository": {
+                "name": "repo",
+                "full_name": "owner/repo",
+                "owner": {"name": "owner"},
+                "default_branch": "main"
+            },
+            "head_commit": {
+                "added": [],
+                "modified": ["$MANIFEST_FILE_NAME", "a-$MANIFEST_FILE_NAME", "a/$MANIFEST_FILE_NAME", "a/a-$MANIFEST_FILE_NAME"],
+                "removed": []
+            },
+            "installation": {"id": 1},
+            "ref": "refs/heads/main"
+        }"""
+
+        webhookEventService.consumeWebhookEvent("PUSH", payload)
+
+        verify(exactly = 1) {
+            webSocketService.sendMessage(
+                "/events/manifestFile",
+                ManifestFileUpdateDto(
+                    "owner/repo",
+                    ManifestFileAction.MODIFIED,
+                    "content",
+                    ""
+                )
+            )
+        }
+
+        verify(exactly = 1) {
+            webSocketService.sendMessage(
+                "/events/manifestFile",
+                ManifestFileUpdateDto(
+                    "owner/repo",
+                    ManifestFileAction.MODIFIED,
+                    "content",
+                    "tree/main/a"
+                )
+            )
+        }
+    }
+
+    @Test
+    fun `should accept manifest files with case ignore`() {
+        val payload = """{
+            "repository": {
+                "name": "repo",
+                "full_name": "owner/repo",
+                "owner": {"name": "owner"},
+                "default_branch": "main"
+            },
+            "head_commit": {
+                "added": [],
+                "modified": ["a/$MANIFEST_FILE_NAME", "b/leanIX.yaml", "LEanIX.yaml"],
+                "removed": []
+            },
+            "installation": {"id": 1},
+            "ref": "refs/heads/main"
+        }"""
+
+        webhookEventService.consumeWebhookEvent("PUSH", payload)
+
+        verify(exactly = 1) {
+            webSocketService.sendMessage(
+                "/events/manifestFile",
+                ManifestFileUpdateDto(
+                    "owner/repo",
+                    ManifestFileAction.MODIFIED,
+                    "content",
+                    "tree/main/b"
+                )
+            )
+        }
+
+        verify(exactly = 1) {
+            webSocketService.sendMessage(
+                "/events/manifestFile",
+                ManifestFileUpdateDto(
+                    "owner/repo",
+                    ManifestFileAction.MODIFIED,
+                    "content",
+                    "tree/main/a"
+                )
+            )
+        }
+
+        verify(exactly = 1) {
+            webSocketService.sendMessage(
+                "/events/manifestFile",
+                ManifestFileUpdateDto(
+                    "owner/repo",
+                    ManifestFileAction.MODIFIED,
+                    "content",
+                    ""
+                )
+            )
+        }
+    }
+
     @Test
     fun `should send all events of type other than push to backend without processing`() {
         val payload = """{

Original file line number	Diff line number	Diff line change
`@@ -12,7 +12,7 @@ val SUPPORTED_EVENT_TYPES = listOf(`
`12`	`12`	`"INSTALLATION",`
`13`	`13`	`)`
`14`	`14`
`15`		`-val fileNameMatchRegex = Regex("/?$MANIFEST_FILE_NAME\$")`
	`15`	`+val fileNameMatchRegex = Regex("/?$MANIFEST_FILE_NAME\$", RegexOption.IGNORE_CASE)`
`16`	`16`
`17`	`17`	`const val GITHUB_APP_LABEL = "GitHub App"`
`18`	`18`	`const val INSTALLATION_LABEL = "Installation"`